
Bug 385649 (CVE-2011-2876)

Summary: <www-client/{chromium-14.0.835.202,google-chrome-14.0.835.202_p103287}, <dev-lang/v8-3.4.14.28: Multiple vulnerabilities (CVE-2011-{2876,2877,2878,2879,2880,2881,3873})
Product: Gentoo Security
Reporter: Mike Gilbert <floppym>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: chromium, n0idx80
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description Mike Gilbert gentoo-dev 2011-10-04 19:07:02 UTC
See URL for release notes.

google-chrome has been bumped, and I am working on chromium.
Comment 1 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-10-04 21:04:42 UTC
When you post a stabilization list, please include v8-3.4.14.28 in it (I just bumped it).
Comment 2 Mike Gilbert gentoo-dev 2011-10-04 21:18:08 UTC
Please stabilize.

Including amd64 alias because we have not discussed an alternative scenario for stabilizing v8.

=www-client/chromium-14.0.835.202
=dev-lang/v8-3.4.14.28
Comment 3 Agostino Sarubbo gentoo-dev 2011-10-04 22:57:55 UTC
@chromium:

I remember that v8 installs /usr/bin/d8. In fact, I installed the current stable version and made a diff between $( qlist -e =v8-stable ) and $( qlist -e v8-stable-candidate ).

This is the difference:

--- /tmp/v8_3.3 2011-10-05 00:55:16.714601410 +0200
+++ /tmp/v8_3.4 2011-10-05 00:51:51.227601465 +0200
@@ -1,8 +1,7 @@
-/usr/share/doc/v8-3.3.10.30/AUTHORS.bz2
-/usr/share/doc/v8-3.3.10.30/ChangeLog.bz2
-/usr/lib64/libv8-3.3.10.30.so
+/usr/share/doc/v8-3.4.14.28/AUTHORS.bz2
+/usr/share/doc/v8-3.4.14.28/ChangeLog.bz2
+/usr/lib64/libv8-3.4.14.28.so
 /usr/lib64/libv8.so
-/usr/bin/d8
 /usr/include/v8stdint.h
 /usr/include/v8-debug.h
 /usr/include/v8.h
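Review bot: the hunk drops /usr/bin/d8 from the installed file list with nothing replacing it, so the candidate v8-3.4.14.28 removes a user-visible binary; before stabilizing, confirm that the ebuild intends this (rather than d8 silently failing to build) and record it in the stabilization request. The remaining changes are only the versioned doc directory and the versioned library name moving from /usr/lib64/libv8-3.3.10.30.so to /usr/lib64/libv8-3.4.14.28.so while the unversioned /usr/lib64/libv8.so stays, so any consumer linked against the old versioned name needs a rebuild after the bump.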

Missing d8 in v8-3.4.14.28. Is this ok?
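The file-list comparison described in comment 3, as an added example that is not part of the bug report: it normalizes version-specific paths so that the renamed doc directory and versioned soname do not hide the one substantive change, the dropped /usr/bin/d8. The two lists are constructed inline from the diff above; in practice they would come from `qlist -e` for the stable and candidate versions.

```shell
#!/bin/sh
# Added example (not from the bug report): compare the installed file lists of a
# stable package and its stabilization candidate, ignoring version-only renames,
# and report files that disappeared. In practice the lists come from
# `qlist -e <pkg>` for each version; here they are constructed from comment 3.
export LC_ALL=C

# Constructed list for the currently stable dev-lang/v8-3.3.10.30
OLD_LIST='/usr/share/doc/v8-3.3.10.30/AUTHORS.bz2
/usr/share/doc/v8-3.3.10.30/ChangeLog.bz2
/usr/lib64/libv8-3.3.10.30.so
/usr/lib64/libv8.so
/usr/bin/d8
/usr/include/v8stdint.h
/usr/include/v8-debug.h
/usr/include/v8.h'

# Constructed list for the stabilization candidate dev-lang/v8-3.4.14.28
NEW_LIST='/usr/share/doc/v8-3.4.14.28/AUTHORS.bz2
/usr/share/doc/v8-3.4.14.28/ChangeLog.bz2
/usr/lib64/libv8-3.4.14.28.so
/usr/lib64/libv8.so
/usr/include/v8stdint.h
/usr/include/v8-debug.h
/usr/include/v8.h'

# Replace dotted version numbers (e.g. 3.3.10.30) with VER so that versioned
# doc directories and sonames compare equal; sort for comm(1).
normalize() {
    sed 's/[0-9][0-9]*\(\.[0-9][0-9]*\)\{1,\}/VER/g' | sort -u
}

# Print normalized paths present only in the first list ($1 old, $2 new).
# A dropped binary such as /usr/bin/d8 is a user-visible regression.
dropped_files() {
    old=$(mktemp) && new=$(mktemp)
    printf '%s\n' "$1" | normalize > "$old"
    printf '%s\n' "$2" | normalize > "$new"
    comm -23 "$old" "$new"
    rm -f "$old" "$new"
}

# Print normalized paths present only in the second list (new files).
added_files() {
    dropped_files "$2" "$1"
}

echo "Dropped in candidate:"
dropped_files "$OLD_LIST" "$NEW_LIST"
```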
Comment 4 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-10-05 15:07:41 UTC
(In reply to comment #3)
> Missing d8 in v8-3.4.14.28. Is this ok?

It has to be OK. d8 just doesn't compile otherwise.
Comment 5 Agostino Sarubbo gentoo-dev 2011-10-05 15:48:28 UTC
Well, both OK on amd64.
Comment 6 Mike Gilbert gentoo-dev 2011-10-06 21:28:06 UTC
Stable on amd64. Thanks ago.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2011-10-07 23:33:48 UTC
CVE-2011-3873 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873):
  Google Chrome before 14.0.835.202 does not properly implement shader
  translation, which allows remote attackers to execute arbitrary code or
  cause a denial of service (memory corruption) via unspecified vectors.
Comment 8 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-10-17 17:28:53 UTC
*** Bug 386237 has been marked as a duplicate of this bug. ***
Comment 9 Andreas Schürch gentoo-dev 2011-10-17 18:34:20 UTC
x86 stable, thanks!
Comment 10 Tim Sammut (RETIRED) gentoo-dev 2011-10-17 18:37:28 UTC
Thanks, everyone. Added to existing GLSA request.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2011-11-01 10:03:25 UTC
This issue was resolved and addressed in
 GLSA 201111-01 at http://security.gentoo.org/glsa/glsa-201111-01.xml
by GLSA coordinator Alex Legler (a3li).
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2011-11-01 10:04:14 UTC
This issue was resolved and addressed in
 GLSA 201111-01 at http://security.gentoo.org/glsa/glsa-201111-01.xml
by GLSA coordinator Alex Legler (a3li).
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2012-09-11 00:45:25 UTC
CVE-2011-2881 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2881):
  Google Chrome before 14.0.835.202 does not properly handle Google V8 hidden
  objects, which allows remote attackers to cause a denial of service (memory
  corruption) or possibly have unspecified other impact via crafted JavaScript
  code.

CVE-2011-2880 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2880):
  Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to the Google V8 bindings.

CVE-2011-2879 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2879):
  Google Chrome before 14.0.835.202 does not properly consider object
  lifetimes and thread safety during the handling of audio nodes, which allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via unknown vectors.

CVE-2011-2878 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2878):
  Google Chrome before 14.0.835.202 does not properly restrict access to the
  window prototype, which allows remote attackers to bypass the Same Origin
  Policy via unspecified vectors.

CVE-2011-2877 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2877):
  Google Chrome before 14.0.835.202 does not properly handle SVG text, which
  allows remote attackers to cause a denial of service or possibly have
  unspecified other impact via unknown vectors that lead to "stale font."

CVE-2011-2876 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2876):
  Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors involving a text line box.