Bug 330003 - <www-client/chromium-5.0.375.125: Multiple vulnerabilities (CVE-2010-{2898,2899,2900,2901,2902,2903})
Summary: <www-client/chromium-5.0.375.125: Multiple vulnerabilities (CVE-2010-{2898,28...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://googlechromereleases.blogspot....
Whiteboard: B2? [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2010-07-26 23:28 UTC by Paweł Hajdan, Jr. (RETIRED)
Modified: 2012-09-10 23:30 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Description Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-07-26 23:28:02 UTC
See the release notes at http://googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html

Some details:

Aside from the listed security bugs fixed in Chromium, we have also deployed workarounds for two critical vulnerabilities where the root cause lies in external components. Credit and $1337 to Marc Schoenefeld for enabling us to work around a Windows kernel bug [48283]. Credit and $1337 to Simon Berry-Byrne for enabling us to work around a glibc bug [48733].
[$500] [42736] Medium Memory contents disclosure in layout code. Credit to Michail Nikolaev.
[$500] [43813] High Issue with large canvases. Credit to sp3x of SecurityReason.com.
[$500] [47866] High Memory corruption in rendering code. Credit to Jose A. Vazquez.
[$500] [48284] High Memory corruption in SVG handling. Credit to Aki Helin of OUSPG.
[48597] Low Avoid hostname truncation and incorrect eliding. Credit to Google Chrome Security Team (Inferno).

You can read more about the severity ratings at
http://sites.google.com/a/chromium.org/dev/developers/severity-guidelines . I
suggest rating it B2 on the Gentoo scale.

Security, this bug sort of obsoletes bug #326717 (you now have 3 www-client/chromium bugs in the queue). Arches, please stabilize. A compile test and basic smoke test are sufficient. The 375 branch gets only the most important bugfixes.
Comment 1 Christian Faulhammer (RETIRED) gentoo-dev 2010-07-27 13:44:44 UTC
stable x86
Comment 2 Markos Chandras (RETIRED) gentoo-dev 2010-07-29 15:14:59 UTC
amd64 done
Comment 3 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-09-17 01:05:17 UTC
Chromium Herd has nothing to do here. The vulnerable versions are no longer in the tree.
Comment 4 Tobias Heinlein (RETIRED) gentoo-dev 2010-12-18 00:06:13 UTC
GLSA 201012-01, thanks everyone.
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2012-09-10 23:30:57 UTC
CVE-2010-2903 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2903):
  Google Chrome before 5.0.375.125 performs unexpected truncation and improper
  eliding of hostnames, which has unspecified impact and remote attack
  vectors.

CVE-2010-2902 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2902):
  The SVG implementation in Google Chrome before 5.0.375.125 allows remote
  attackers to cause a denial of service (memory corruption) or possibly have
  unspecified other impact via unknown vectors.

CVE-2010-2901 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2901):
  The rendering implementation in Google Chrome before 5.0.375.125 allows
  remote attackers to cause a denial of service (memory corruption) or
  possibly have unspecified other impact via unknown vectors.

CVE-2010-2900 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2900):
  Google Chrome before 5.0.375.125 does not properly handle a large canvas,
  which has unspecified impact and remote attack vectors.

CVE-2010-2899 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2899):
  Unspecified vulnerability in the layout implementation in Google Chrome
  before 5.0.375.125 allows remote attackers to obtain sensitive information
  from process memory via unknown vectors.

CVE-2010-2898 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2898):
  Google Chrome before 5.0.375.125 does not properly mitigate an unspecified
  flaw in the GNU C Library, which has unknown impact and attack vectors.