From ${URL} : Description Some vulnerabilities have been reported in Google Chrome, where some has an unknown impact and others can be exploited by malicious people to bypass certain security restrictions. 1) An error within SVG can be exploited to bypass the same origin policy. 2) Some unspecified errors exist. The vulnerabilities are reported in versions prior to 36.0.1985.125. Solution: Upgrade to version 36.0.1985.125. Provided and/or discovered by: 1) The vendor credits Christian Schneider. 2) Reported by the vendor. Original Advisory: http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
+*chromium-36.0.1985.125 (18 Jul 2014) + + 18 Jul 2014; Mike Gilbert <floppym@gentoo.org> +chromium-36.0.1985.125.ebuild: + Stable channel bump. + Please go ahead and stabilize it.
x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
Arches, Thank you for your work Maintainer(s), please drop the vulnerable version(s). Added to existing GLSA Request
Mike, Setting it back to cleanup. chromium-36.0.1985.67 is still in tree, and it is not masked (only chromium-37* is masked). Since it is vulnerable it would have to be removed as well. If there are reasons why it still needs to be in the tree, please advise. Thank you!
I was going by ago's commit message. It looks like he missed it. I'm working on another version bump right now, but I'll clean it up once that's done.
CVE-2014-3162 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3162): Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.125 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2014-3160 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3160): The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file.
This issue was resolved and addressed in GLSA 201408-16 at http://security.gentoo.org/glsa/glsa-201408-16.xml by GLSA coordinator Kristian Fiskerstrand (K_F).