Summary: | <www-client/chromium-8.0.552.224: multiple vulnerabilities (CVE-2010-{4574,4575,4576,4578}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Paweł Hajdan, Jr. (RETIRED) <phajdan.jr> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | chromium |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Paweł Hajdan, Jr. (RETIRED)
2010-12-13 20:57:56 UTC
amd64 ok *** Bug 348279 has been marked as a duplicate of this bug. *** x86 stable amd64 done. Thanks Agostino chromium-bin is now ready. Security team, please proceed with the GLSA. The target versions are: =www-client/chromium-8.0.552.224 =www-client/chromium-bin-8.0.552.224 (In reply to comment #5) > chromium-bin is now ready. Security team, please proceed with the GLSA. > Thank you. GLSA with 325451 (and others). GLSA 201012-01, thanks everyone. CVE-2010-4578 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4578): Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." CVE-2010-4576 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4576): browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code that creates a web worker. CVE-2010-4575 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4575): The ThemeInstalledInfoBarDelegate::Observe function in browser/extensions/theme_installed_infobar_delegate.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle incorrect tab interaction by an extension, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted extension. CVE-2010-4574 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4574): The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 on 64-bit Linux platforms does not properly perform pointer arithmetic, which allows remote attackers to bypass message deserialization validation, and cause a denial of service or possibly have unspecified other impact, via invalid pickle data. |