
Bug 368649

Summary: <www-client/chromium-11.0.696.71: multiple vulnerabilities (CVE-2011-{1801,1804,1806,1807})
Product: Gentoo Security
Reporter: Paweł Hajdan, Jr. (RETIRED) <phajdan.jr>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: chromium
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-05-25 06:09:38 UTC
Release notes: http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html

Synopsis:

Multiple vulnerabilities have been reported in Chromium that may
allow user-assisted execution of arbitrary code or a Denial of Service.

Impact:

A remote attacker could entice a user to visit a specially-crafted web page
that would trigger one of the vulnerabilities, leading to execution of
arbitrary code, a Denial of Service, or popup blocker bypass.

Arches, please stabilize =www-client/chromium-11.0.696.71
Comment 1 Agostino Sarubbo gentoo-dev 2011-05-25 10:43:01 UTC
works as usual.
Comment 2 Ian Delaney (RETIRED) gentoo-dev 2011-05-25 13:39:03 UTC
amd64;

ditto Ago
Comment 3 Thomas Kahle (RETIRED) gentoo-dev 2011-05-25 19:00:06 UTC
x86 stable
Comment 4 Anton Bolshakov 2011-05-27 02:41:29 UTC
Guys,

I suggest to hold on with the stabilization. There is a new bug in .71 reported 
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1801

Just to remind, it takes up to 2 hours to compile chromium on some old laptops. I even started to mask all newly stabilized versions even on decent hardware because it's simply too annoying.
Comment 5 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-05-27 06:48:40 UTC
(In reply to comment #4)
> I suggest to hold on with the stabilization. There is a new bug in .71 reported 
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1801

The bug you linked to is one of the holes _fixed_ in .71: "Unspecified vulnerability in Google Chrome before 11.0.696.71 allows remote attackers to bypass the pop-up blocker via unknown vectors.". Also, you can see CVE-2011-1801 mentioned in the release notes: http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html
Comment 6 Markos Chandras (RETIRED) gentoo-dev 2011-05-27 10:00:03 UTC
amd64 done. Thanks Agostino and Ian
Comment 7 Tim Sammut (RETIRED) gentoo-dev 2011-05-27 14:41:18 UTC
Thanks, everyone. Added to existing GLSA request.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2011-11-01 10:02:22 UTC
This issue was resolved and addressed in
 GLSA 201111-01 at http://security.gentoo.org/glsa/glsa-201111-01.xml
by GLSA coordinator Alex Legler (a3li).
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2011-11-01 10:03:32 UTC
This issue was resolved and addressed in
 GLSA 201111-01 at http://security.gentoo.org/glsa/glsa-201111-01.xml
by GLSA coordinator Alex Legler (a3li).
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2012-09-11 00:33:56 UTC
CVE-2011-1807 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1807):
  Google Chrome before 11.0.696.71 does not properly handle blobs, which
  allows remote attackers to execute arbitrary code via unspecified vectors
  that trigger an out-of-bounds write.

CVE-2011-1806 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1806):
  Google Chrome before 11.0.696.71 does not properly implement the GPU command
  buffer, which allows remote attackers to execute arbitrary code or cause a
  denial of service (memory corruption) via unspecified vectors.

CVE-2011-1804 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1804):
  rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in
  Google Chrome before 11.0.696.71, does not properly render floats, which
  allows remote attackers to cause a denial of service or possibly have
  unspecified other impact via unknown vectors that lead to a "stale pointer."

CVE-2011-1801 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1801):
  Unspecified vulnerability in Google Chrome before 11.0.696.71 allows remote
  attackers to bypass the pop-up blocker via unknown vectors.