| Summary: | <www-client/chromium-19.0.1084.46, <dev-lang/v8-3.9.24.21 : multiple vulnerabilities (CVE-2011-{3083,3084,3085,3086,3087,3088,3089,3090,3091,3092,3093,3094,3095,3096,3100,3101}) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Paweł Hajdan, Jr. (RETIRED) <phajdan.jr> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | chromium, rich0 |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html | | |
| Whiteboard: | A2 [glsa] | | |
| Package list: | | Runtime testing required: | --- |
| Bug Depends on: | 394201 | | |
| Bug Blocks: | | | |

Description
Paweł Hajdan, Jr. (RETIRED)

Please stabilize:

=dev-lang/v8-3.9.24.21
=www-client/chromium-19.0.1084.46

x86 stable

New stabilization targets:

=dev-lang/v8-3.9.24.21
=www-client/chromium-19.0.1084.46-r1

Adding amd64. Currently blocked by icu-49.

Since 19.0.1084.46-r1 is stable on x86, I'd say to move the target to r1

I will stabilize r1 for amd64 too

amd64 stable

Removed old and vulnerable version. Pawel, go ahead with the glsa.

(In reply to comment #7)
> Pawel, go ahead with the glsa.

GLSA draft is ready for review.

CVE-2011-3101 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101): Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors.

CVE-2011-3100 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3100): Google Chrome before 19.0.1084.46 does not properly draw dash paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2011-3096 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3096): Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an error in the GTK implementation of the omnibox.

CVE-2011-3095 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3095): The OGG container in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write.

CVE-2011-3094 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3094): Google Chrome before 19.0.1084.46 does not properly handle Tibetan text, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2011-3093 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3093): Google Chrome before 19.0.1084.46 does not properly handle glyphs, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2011-3092 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3092): The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service (invalid write operation) or possibly have unspecified other impact via unknown vectors.

CVE-2011-3091 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3091): Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-3090 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3090): Race condition in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker processes.

CVE-2011-3089 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3089): Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving tables.

CVE-2011-3088 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3088): Google Chrome before 19.0.1084.46 does not properly draw hairlines, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2011-3087 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3087): Google Chrome before 19.0.1084.46 does not properly perform window navigation, which has unspecified impact and remote attack vectors.

CVE-2011-3086 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3086): Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a STYLE element.

CVE-2011-3085 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3085): The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, which allows remote attackers to cause a denial of service (UI corruption) and possibly conduct spoofing attacks via vectors involving long values.

CVE-2011-3084 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3084): Google Chrome before 19.0.1084.46 does not use a dedicated process for the loading of links found on an internal page, which might allow attackers to bypass intended sandbox restrictions via a crafted page.

CVE-2011-3083 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3083): browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0.1084.46 does not properly handle a malformed ftp URL in the SRC attribute of a VIDEO element, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted web page.

This issue was resolved and addressed in GLSA 201205-03 at http://security.gentoo.org/glsa/glsa-201205-03.xml by GLSA coordinator Tim Sammut (underling).