Release notes in URL.
Please mark stable. =www-client/chromium-17.0.963.83
amd64 stable
CVE-2011-3057 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3057): Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation. CVE-2011-3056 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3056): Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe." CVE-2011-3055 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3055): The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension. CVE-2011-3054 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3054): The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors. CVE-2011-3053 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3053): Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting. CVE-2011-3052 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3052): The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. CVE-2011-3051 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3051): Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function. CVE-2011-3050 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3050): Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.
x86 stable, GLSA draft is ready
This issue was resolved and addressed in GLSA 201203-19 at http://security.gentoo.org/glsa/glsa-201203-19.xml by GLSA coordinator Tim Sammut (underling).