Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 517304 (CVE-2014-3160) - <www-client/chromium-36.0.1985.125: Multiple Vulnerabilities (CVE-2014-{3160,3162})
Summary: <www-client/chromium-36.0.1985.125: Multiple Vulnerabilities (CVE-2014-{3160,...
Status: RESOLVED FIXED
Alias: CVE-2014-3160
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: http://secunia.com/advisories/60077/
Whiteboard: A2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2014-07-17 08:42 UTC by Agostino Sarubbo
Modified: 2014-09-02 07:59 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2014-07-17 08:42:33 UTC 
From ${URL} :

Description

Some vulnerabilities have been reported in Google Chrome, where some has an unknown impact and others can be exploited by malicious people to bypass certain security restrictions.

1) An error within SVG can be exploited to bypass the same origin policy.

2) Some unspecified errors exist.

The vulnerabilities are reported in versions prior to 36.0.1985.125.


Solution:
Upgrade to version 36.0.1985.125.

Provided and/or discovered by:
1) The vendor credits Christian Schneider.
2) Reported by the vendor.

Original Advisory:
http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Mike Gilbert gentoo-dev 2014-07-18 01:09:53 UTC 
+*chromium-36.0.1985.125 (18 Jul 2014)
+
+  18 Jul 2014; Mike Gilbert <floppym@gentoo.org> +chromium-36.0.1985.125.ebuild:
+  Stable channel bump.
+

Please go ahead and stabilize it.
Comment 2 Agostino Sarubbo gentoo-dev 2014-07-18 09:39:17 UTC 
x86 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 3 Yury German Gentoo Infrastructure gentoo-dev 2014-07-18 15:13:54 UTC 
Arches, Thank you for your work
Maintainer(s), please drop the vulnerable version(s).

Added to existing GLSA Request
Comment 4 Yury German Gentoo Infrastructure gentoo-dev 2014-07-18 16:43:28 UTC 
Mike, 

Setting it back to cleanup. 
chromium-36.0.1985.67 is still in tree, and it is not masked (only chromium-37* is masked). Since it is vulnerable it would have to be removed as well.  

If there are reasons why it still needs to be in the tree, please advise.

Thank you!
Comment 5 Mike Gilbert gentoo-dev 2014-07-18 17:10:48 UTC 
I was going by ago's commit message. It looks like he missed it.

I'm working on another version bump right now, but I'll clean it up once that's done.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2014-07-20 14:19:53 UTC 
CVE-2014-3162 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3162):
  Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.125
  allow attackers to cause a denial of service or possibly have other impact
  via unknown vectors.

CVE-2014-3160 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3160):
  The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp
  in Blink, as used in Google Chrome before 36.0.1985.125, does not properly
  restrict subresource requests associated with SVG files, which allows remote
  attackers to bypass the Same Origin Policy via a crafted file.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2014-09-02 07:59:06 UTC 
This issue was resolved and addressed in
 GLSA 201408-16 at http://security.gentoo.org/glsa/glsa-201408-16.xml
by GLSA coordinator Kristian Fiskerstrand (K_F).