Release notes in URL. Pawel is on vacation, so if someone else wants to write the GLSA have at it.
Please stabilize. =dev-lang/v8-3.10.8.19 =www-client/chromium-20.0.1132.43
amd64 stable
cve2012-2816 is windows only.
CVE-2012-2834 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2834): Integer overflow in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted data in the Matroska container format. CVE-2012-2831 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2831): Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG references. CVE-2012-2830 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2830): Google Chrome before 20.0.1132.43 does not properly set array values, which allows remote attackers to cause a denial of service (incorrect pointer use) or possibly have unspecified other impact via unknown vectors. CVE-2012-2829 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2829): Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. CVE-2012-2826 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2826): Google Chrome before 20.0.1132.43 does not properly implement texture conversion, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2012-2825 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2825): The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors. CVE-2012-2824 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2824): Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG painting. CVE-2012-2823 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2823): Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG resources. CVE-2012-2821 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2821): The autofill implementation in Google Chrome before 20.0.1132.43 does not properly display text, which has unspecified impact and remote attack vectors. CVE-2012-2820 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2820): Google Chrome before 20.0.1132.43 does not properly implement SVG filters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2012-2819 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2819): The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures, which allows remote attackers to cause a denial of service (assertion failure and application crash) or possibly have unspecified other impact via a crafted web page, as demonstrated by certain WebGL performance tests, aka rdar problem 11520387. CVE-2012-2818 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2818): Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the layout of documents that use the Cascading Style Sheets (CSS) counters feature. CVE-2012-2817 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2817): Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to tables that have sections. CVE-2012-2815 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2815): Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain.
x86 stable Please go ahead with glsa.
This issue was resolved and addressed in GLSA 201208-03 at http://security.gentoo.org/glsa/glsa-201208-03.xml by GLSA coordinator Sean Amoss (ackle).