Summary: | <www-client/chromium-52.0.2743.82 - multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Mike Gilbert <floppym> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ago, chromium |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html | ||
Whiteboard: | A2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Mike Gilbert
2016-07-20 21:20:45 UTC
Please stabilize www-client/chromium-52.0.2743.82. amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. Cleanup done. There is also CVE-2016-5138: Integer overflow in the kbasep_vinstr_attach_client function in midgard/mali_kbase_vinstr.c in Google Chrome before 52.0.2743.85 allows remote attackers to cause a denial of service (heap-based buffer overflow and use-after-free) by leveraging an unrestricted multiplication. (In reply to Haelwenn Monnier from comment #5) CVE-2016-5138 applies to Google Chrome as deployed on Chrome OS. There was no corresponding release for desktop Linux. Added to an existing GLSA Request. This issue was resolved and addressed in GLSA 201610-09 at https://security.gentoo.org/glsa/201610-09 by GLSA coordinator Kristian Fiskerstrand (K_F). *** Bug 589816 has been marked as a duplicate of this bug. *** *** Bug 589816 has been marked as a duplicate of this bug. *** |