Comment 1 Mike Gilbert 2012-10-11 14:33:42 UTC

Please stabilize.

=www-client/chromium-22.0.1229.94

Comment 2 Agostino Sarubbo 2012-10-11 17:22:08 UTC

amd64 stable

Comment 3 Agostino Sarubbo 2012-10-11 21:11:19 UTC

x86 done, please proceed with the glsa.

Comment 4 Paweł Hajdan, Jr. (RETIRED) 2012-10-12 22:49:21 UTC

(In reply to comment #3)
> x86 done, please proceed with the glsa.

Thanks, GLSA draft updated and *ping* security, the draft is sitting there since Sep 6th.

Comment 5 GLSAMaker/CVETool Bot 2012-10-13 21:17:11 UTC

CVE-2012-5376 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5376):
  The Inter-process Communication (IPC) implementation in Google Chrome before
  22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions
  and write to arbitrary files by leveraging access to a renderer process, a
  different vulnerability than CVE-2012-5112.

CVE-2012-5112 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5112):
  Use-after-free vulnerability in the SVG implementation in WebKit, as used in
  Google Chrome before 22.0.1229.94, allows remote attackers to execute
  arbitrary code via unspecified vectors.

Comment 6 GLSAMaker/CVETool Bot 2012-10-21 15:43:37 UTC

This issue was resolved and addressed in
 GLSA 201210-07 at http://security.gentoo.org/glsa/glsa-201210-07.xml
by GLSA coordinator Sean Amoss (ackle).