Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 548108 (CVE-2015-1243)

Summary: <www-client/chromium-42.0.2311.135: multiple vulnerabilities (CVE-2015-{1243,1250})
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: major CC: chromium
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: A2 [glsa]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2015-04-29 07:26:16 UTC
From ${URL} :

The stable channel has been updated to 42.0.2311.135 for Windows, Mac and Linux. A list of changes is available in the log.

Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

[$TBD][453279] High CVE-2015-1243: Use-after-free in DOM. Credit to Saif El-Sherei.

As usual, our ongoing internal security work was responsible for a wide range of fixes:
[481777] CVE-2015-1250: Various fixes from internal audits, fuzzing and other initiatives.

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Agostino Sarubbo gentoo-dev 2015-05-07 16:20:36 UTC
amd64 and x86 stable.
Cleanup done.
Security go ahead.
Comment 2 Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-05-11 16:41:01 UTC
Added to existing GLSA request (10d1088f3)
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2015-06-15 00:51:49 UTC
CVE-2015-1250 (
  Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135
  allow attackers to cause a denial of service or possibly have other impact
  via unknown vectors.

CVE-2015-1243 (
  Use-after-free vulnerability in the MutationObserver::disconnect function in
  core/dom/MutationObserver.cpp in the DOM implementation in Blink, as used in
  Google Chrome before 42.0.2311.135, allows remote attackers to cause a
  denial of service or possibly have unspecified other impact by triggering an
  attempt to unregister a MutationObserver object that is not currently
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2015-06-23 04:02:06 UTC
This issue was resolved and addressed in
 GLSA 201506-04 at
by GLSA coordinator Yury German (BlueKnight).