Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 394587 - <www-client/chromium-16.0.912.63, <dev-lang/v8-3.6.6.11: Multiple vulnerabilities (CVE-2011-{3903,3904,3906,3907,3908,3909,3910,3912,3913,3914,3917})
Summary: <www-client/chromium-16.0.912.63, <dev-lang/v8-3.6.6.11: Multiple vulnerabili...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: http://googlechromereleases.blogspot....
Whiteboard: B2 [glsa]
Keywords:
Depends on: 390299
Blocks:
  Show dependency tree
 
Reported: 2011-12-13 18:40 UTC by Paweł Hajdan, Jr. (RETIRED)
Modified: 2012-01-08 05:19 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-12-13 18:40:08 UTC
Release Notes: http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html
Comment 1 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-12-13 18:41:55 UTC
Please stabilize:

=www-client/chromium-16.0.912.63
=dev-lang/v8-3.6.6.11

The Gentoo Chromium team will of course try to do its own testing and stabilization.
Comment 2 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-12-13 18:50:13 UTC
Removing CVEs that only affect Google Chrome, not Chromium.
Comment 3 Myckel Habets 2011-12-13 19:32:24 UTC
!!! All ebuilds that could satisfy "dev-lang/nacl-toolchain-newlib" have been masked.
!!! One of the following masked packages is required to complete your request:
- dev-lang/nacl-toolchain-newlib-0_p7311::gentoo (masked by: ~x86 keyword)
- dev-lang/nacl-toolchain-newlib-0_p6869-r1::gentoo (masked by: ~x86 keyword)

(dependency required by "www-client/chromium-16.0.912.63" [ebuild])
(dependency required by "=www-client/chromium-16.0.912.63" [argument])
For more information, see the MASKED PACKAGES section in the emerge
man page or refer to the Gentoo Handbook.

Depends on bug 390299.
Comment 4 Mike Gilbert gentoo-dev 2011-12-13 19:42:14 UTC
Tested briefly on amd64, nothing seems to be broken. Would like another ack before committing.
Comment 5 Agostino Sarubbo gentoo-dev 2011-12-13 19:58:42 UTC
(In reply to comment #3)
> !!! All ebuilds that could satisfy "dev-lang/nacl-toolchain-newlib" have been
> masked.
> !!! One of the following masked packages is required to complete your request:
> - dev-lang/nacl-toolchain-newlib-0_p7311::gentoo (masked by: ~x86 keyword)
> - dev-lang/nacl-toolchain-newlib-0_p6869-r1::gentoo (masked by: ~x86 keyword)
> 
> (dependency required by "www-client/chromium-16.0.912.63" [ebuild])
> (dependency required by "=www-client/chromium-16.0.912.63" [argument])
> For more information, see the MASKED PACKAGES section in the emerge
> man page or refer to the Gentoo Handbook.
> 
> Depends on bug 390299.

stable now for x86, go ahead ;)
Comment 6 Agostino Sarubbo gentoo-dev 2011-12-13 20:14:39 UTC
amd64 stable, thanks Mike
Comment 7 Agostino Sarubbo gentoo-dev 2011-12-14 08:13:03 UTC
x86 stable

Pawel, please continue with glsa ;)
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2011-12-14 23:34:00 UTC
CVE-2011-3917 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3917):
  Stack-based buffer overflow in FileWatcher in Google Chrome before
  16.0.912.63 allows remote attackers to cause a denial of service or possibly
  have unspecified other impact via unknown vectors.

CVE-2011-3914 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3914):
  The internationalization (aka i18n) functionality in Google V8, as used in
  Google Chrome before 16.0.912.63, allows remote attackers to cause a denial
  of service or possibly have unspecified other impact via unknown vectors
  that trigger an out-of-bounds write.

CVE-2011-3913 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3913):
  Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to Range handling.

CVE-2011-3912 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3912):
  Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to SVG filters.

CVE-2011-3910 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3910):
  Google Chrome before 16.0.912.63 does not properly handle YUV video frames,
  which allows remote attackers to cause a denial of service (out-of-bounds
  read) via unspecified vectors.

CVE-2011-3909 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3909):
  The Cascading Style Sheets (CSS) implementation in Google Chrome before
  16.0.912.63 on 64-bit platforms does not properly manage property arrays,
  which allows remote attackers to cause a denial of service (memory
  corruption) via unspecified vectors.

CVE-2011-3908 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3908):
  Google Chrome before 16.0.912.63 does not properly parse SVG documents,
  which allows remote attackers to cause a denial of service (out-of-bounds
  read) via unspecified vectors.

CVE-2011-3907 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3907):
  The view-source feature in Google Chrome before 16.0.912.63 allows remote
  attackers to spoof the URL bar via unspecified vectors.

CVE-2011-3906 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3906):
  The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers
  to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2011-3904 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3904):
  Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to bidirectional text (aka bidi) handling.

CVE-2011-3903 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3903):
  Google Chrome before 16.0.912.63 does not properly perform regex matching,
  which allows remote attackers to cause a denial of service (out-of-bounds
  read) via unspecified vectors.
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2012-01-08 05:19:54 UTC
This issue was resolved and addressed in
 GLSA 201201-03 at http://security.gentoo.org/glsa/glsa-201201-03.xml
by GLSA coordinator Tim Sammut (underling).