Summary: | <www-client/chromium-30.0.1599.101 use after free in various modules (CVE-2013-{2925,2926,2927,2928}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Mike Gilbert <floppym> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | chromium |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Mike Gilbert
2013-10-16 00:16:57 UTC
Please stabilize on amd64 and x86.

=dev-lang/v8-3.20.17.15
=www-client/chromium-30.0.1599.101

amd64 and x86 stable

Added to existing GLSA draft.

CVE-2013-2928 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2928): Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVE-2013-2927 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2927): Use-after-free vulnerability in the HTMLFormElement::prepareForSubmission function in core/html/HTMLFormElement.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to submission for FORM elements.

CVE-2013-2926 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2926): Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to list elements.

CVE-2013-2925 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2925): Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same XMLHttpRequest object.

This issue was resolved and addressed in GLSA 201403-01 at http://security.gentoo.org/glsa/glsa-201403-01.xml by GLSA coordinator Mikle Kolyada (Zlogene).