Release notes: http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html At this moment we have no CVE numbers for the vulnerabilities described here. Synopsis: Multiple vulnerabilities have been reported in Chromium, some of which may allow user-assisted execution of arbitrary code. Impact: A remote attacker could trick a user to perform a set of UI actions or install a malicious extension that trigger a possibly exploitable crash, leading to execution of arbitrary code or a Denial of Service. It was also possible for an attacker to entice a user to visit a specially-crafted web page that would trigger one of the vulnerabilities, leading to execution of arbitrary code within the confines of the sandbox or a Denial of Service. Arches, please test and stabilize www-client/chromium-8.0.552.237. I will update chromium-bin soon, we're not going to stabilize it (fully ~arch).
amd64 done
chromium-bin done
Tested on x86, all good here.
x86 stable, thanks David, all arches done
Thanks folks, GLSA request filed.
This issue was resolved and addressed in GLSA 201111-01 at http://security.gentoo.org/glsa/glsa-201111-01.xml by GLSA coordinator Alex Legler (a3li).
CVE-2011-0485 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0485): Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "stale pointer." CVE-2011-0484 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0484): Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale rendering node." CVE-2011-0483 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0483): Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of video, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-0482 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0482): Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. CVE-2011-0479 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0479): Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with extensions, which allows remote attackers to cause a denial of service via a crafted extension that triggers an uninitialized pointer. CVE-2011-0478 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0478): Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." CVE-2011-0477 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0477): Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch in video frame sizes, which allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via unknown vectors. CVE-2011-0474 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0474): Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." CVE-2011-0473 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0473): Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with CANVAS elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." CVE-2011-0471 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0471): The node-iteration implementation in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 does not properly handle pointers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-0470 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0470): Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle extensions notification, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
