Summary: | <www-client/{chromium-15.0.874.120,google-chrome-15.0.874.120_p108895}: multiple vulnerabilities (CVE-2011-{3892,3893,3894,3895,3896,3897,3898}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Mike Gilbert <floppym> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ago, chromium |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html | ||
Whiteboard: | B2 [glsa] phajdan.jr | ||
Package list: | Runtime testing required: | --- |
Description
Mike Gilbert
2011-11-10 20:07:08 UTC
New versions have been added to the tree: dev-lang/v8-3.5.10.23 www-client/chromium-15.0.874.120 www-client/google-chrome-15.0.874.120_p108895 google-chrome should NOT be stabilized. Please stabilize: =dev-lang/v8-3.5.10.23 =www-client/chromium-15.0.874.120 As per agreement between amd64 and chromium, no needs amd64 here. (In reply to comment #2) > Please stabilize: > > =dev-lang/v8-3.5.10.23 > =www-client/chromium-15.0.874.120 both ok, you can mark stable. amd64 done. Thanks again ago. x86 stable, working on GLSA draft CVE-2011-3898 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3898): Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation before applet execution begins, which allows remote attackers to have an unspecified impact via a crafted applet. CVE-2011-3897 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3897): Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. CVE-2011-3896 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3896): Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping. CVE-2011-3895 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3895): Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. CVE-2011-3894 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3894): Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted stream. CVE-2011-3893 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3893): Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3892 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3892): Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. This issue was resolved and addressed in GLSA 201111-05 at http://security.gentoo.org/glsa/glsa-201111-05.xml by GLSA coordinator Tim Sammut (underling). |