See the release notes: http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html Impact: A remote attacker could entice a user to install a specially crafted extension that would trigger an exploitable crash, leading to an execution of arbitrary code, or Denial of Service. A remote attacker could entice a user to visit a specially crafted web page that would trigger one of the vulnerabilities, leading to an execution of arbitrary code within the confines of the sandbox or a Denial of Service. Arches, please stabilize =www-client/chromium-8.0.552.224 (sorry for two stabilizations in very short time). I will bump chromium-bin soon (it doesn't need to be stabilized, all versions are ~arch).
amd64 ok
*** Bug 348279 has been marked as a duplicate of this bug. ***
x86 stable
amd64 done. Thanks Agostino
chromium-bin is now ready. Security team, please proceed with the GLSA. The target versions are: =www-client/chromium-8.0.552.224 =www-client/chromium-bin-8.0.552.224
(In reply to comment #5) > chromium-bin is now ready. Security team, please proceed with the GLSA. > Thank you. GLSA with 325451 (and others).
GLSA 201012-01, thanks everyone.
CVE-2010-4578 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4578): Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." CVE-2010-4576 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4576): browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code that creates a web worker. CVE-2010-4575 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4575): The ThemeInstalledInfoBarDelegate::Observe function in browser/extensions/theme_installed_infobar_delegate.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle incorrect tab interaction by an extension, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted extension. CVE-2010-4574 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4574): The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 on 64-bit Linux platforms does not properly perform pointer arithmetic, which allows remote attackers to bypass message deserialization validation, and cause a denial of service or possibly have unspecified other impact, via invalid pickle data.