Bug 400551

Comment 1 Paweł Hajdan, Jr. (RETIRED) 2012-01-24 07:46:31 UTC

Please stabilize =www-client/chromium-16.0.912.77

Comment 2 Agostino Sarubbo 2012-01-24 09:04:07 UTC

Pawel:

as per our previous agreement (via mail) about stabilization, please don't CC amd64.

CC me and Richard (rich0). Thanks :)

Comment 3 Agostino Sarubbo 2012-01-24 09:51:08 UTC

amd64 stable

Comment 4 Paweł Hajdan, Jr. (RETIRED) 2012-01-24 10:44:58 UTC

x86 stable

GLSA draft is ready, security please review

Comment 5 GLSAMaker/CVETool Bot 2012-01-28 03:38:46 UTC

This issue was resolved and addressed in
 GLSA 201201-17 at http://security.gentoo.org/glsa/glsa-201201-17.xml
by GLSA coordinator Tim Sammut (underling).

Comment 6 GLSAMaker/CVETool Bot 2012-02-21 03:59:47 UTC

CVE-2011-3928 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3928):
  Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to DOM handling.

CVE-2011-3927 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3927):
  Skia, as used in Google Chrome before 16.0.912.77, does not perform all
  required initialization of values, which allows remote attackers to cause a
  denial of service or possibly have unspecified other impact via unknown
  vectors.

CVE-2011-3926 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3926):
  Heap-based buffer overflow in the tree builder in Google Chrome before
  16.0.912.77 allows remote attackers to cause a denial of service or possibly
  have unspecified other impact via unknown vectors.

CVE-2011-3924 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3924):
  Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to DOM selections.