Bug 416119 (CVE-2011-3083) - <www-client/chromium-19.0.1084.46, <dev-lang/v8-3.9.24.21 : multiple vulnerabilities (CVE-2011-{3083,3084,3085,3086,3087,3088,3089,3090,3091,3092,3093,3094,3095,3096,3100,3101})
Status: RESOLVED FIXED
Alias: CVE-2011-3083
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: http://googlechromereleases.blogspot....
Whiteboard: A2 [glsa]
Depends on: CVE-2011-4599
Reported: 2012-05-15 16:45 UTC by Paweł Hajdan, Jr. (RETIRED)
Modified: 2012-05-21 07:09 UTC
Description Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2012-05-15 16:45:08 UTC
Release notes: http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html
Comment 1 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2012-05-15 16:46:11 UTC
Please stabilize:

=dev-lang/v8-3.9.24.21
=www-client/chromium-19.0.1084.46
Comment 2 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2012-05-15 16:49:27 UTC
x86 stable
Comment 3 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2012-05-17 10:12:35 UTC
New stabilization targets:

=dev-lang/v8-3.9.24.21
=www-client/chromium-19.0.1084.46-r1
Comment 4 Mike Gilbert gentoo-dev 2012-05-18 20:33:50 UTC
Adding amd64. Currently blocked by icu-49.
Comment 5 Agostino Sarubbo gentoo-dev 2012-05-19 07:08:25 UTC
Since 19.0.1084.46-r1 is stable on x86, I'd say to move the target to r1

I will stabilize r1 for amd64 too
Comment 6 Agostino Sarubbo gentoo-dev 2012-05-19 13:48:00 UTC
amd64 stable
Comment 7 Agostino Sarubbo gentoo-dev 2012-05-19 13:50:53 UTC
Removed old and vulnerable version.

Pawel, go ahead with the glsa.
Comment 8 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2012-05-19 15:01:05 UTC
(In reply to comment #7)
> Pawel, go ahead with the glsa.

GLSA draft is ready for review.
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2012-05-20 23:13:33 UTC
CVE-2011-3101 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101):
  Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an
  unspecified flaw in an NVIDIA driver, which has unknown impact and attack
  vectors.

CVE-2011-3100 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3100):
  Google Chrome before 19.0.1084.46 does not properly draw dash paths, which
  allows remote attackers to cause a denial of service (out-of-bounds read)
  via unspecified vectors.

CVE-2011-3096 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3096):
  Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on Linux
  allows remote attackers to cause a denial of service or possibly have
  unspecified other impact by leveraging an error in the GTK implementation of
  the omnibox.

CVE-2011-3095 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3095):
  The OGG container in Google Chrome before 19.0.1084.46 allows remote
  attackers to cause a denial of service or possibly have unspecified other
  impact via unknown vectors that trigger an out-of-bounds write.

CVE-2011-3094 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3094):
  Google Chrome before 19.0.1084.46 does not properly handle Tibetan text,
  which allows remote attackers to cause a denial of service (out-of-bounds
  read) via unspecified vectors.

CVE-2011-3093 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3093):
  Google Chrome before 19.0.1084.46 does not properly handle glyphs, which
  allows remote attackers to cause a denial of service (out-of-bounds read)
  via unspecified vectors.

CVE-2011-3092 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3092):
  The regex implementation in Google V8, as used in Google Chrome before
  19.0.1084.46, allows remote attackers to cause a denial of service (invalid
  write operation) or possibly have unspecified other impact via unknown
  vectors.

CVE-2011-3091 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3091):
  Use-after-free vulnerability in the IndexedDB implementation in Google
  Chrome before 19.0.1084.46 allows remote attackers to cause a denial of
  service or possibly have unspecified other impact via unknown vectors.

CVE-2011-3090 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3090):
  Race condition in Google Chrome before 19.0.1084.46 allows remote attackers
  to cause a denial of service or possibly have unspecified other impact via
  vectors related to worker processes.

CVE-2011-3089 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3089):
  Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors involving tables.

CVE-2011-3088 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3088):
  Google Chrome before 19.0.1084.46 does not properly draw hairlines, which
  allows remote attackers to cause a denial of service (out-of-bounds read)
  via unspecified vectors.

CVE-2011-3087 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3087):
  Google Chrome before 19.0.1084.46 does not properly perform window
  navigation, which has unspecified impact and remote attack vectors.

CVE-2011-3086 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3086):
  Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors involving a STYLE element.

CVE-2011-3085 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3085):
  The Autofill feature in Google Chrome before 19.0.1084.46 does not properly
  restrict field values, which allows remote attackers to cause a denial of
  service (UI corruption) and possibly conduct spoofing attacks via vectors
  involving long values.

CVE-2011-3084 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3084):
  Google Chrome before 19.0.1084.46 does not use a dedicated process for the
  loading of links found on an internal page, which might allow attackers to
  bypass intended sandbox restrictions via a crafted page.

CVE-2011-3083 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3083):
  browser/profiles/profile_impl_io_data.cc in Google Chrome before
  19.0.1084.46 does not properly handle a malformed ftp URL in the SRC
  attribute of a VIDEO element, which allows remote attackers to cause a
  denial of service (NULL pointer dereference and application crash) via a
  crafted web page.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2012-05-21 07:09:44 UTC
This issue was resolved and addressed in
 GLSA 201205-03 at http://security.gentoo.org/glsa/glsa-201205-03.xml
by GLSA coordinator Tim Sammut (underling).