Bug 458644 (CVE-2013-0879) - <www-client/chromium-25.0.1364.97 multiple vulnerabilities (CVE-2013-{0879,0880,0881,0882,0883,0884,0885,0887,0888,0889,0890,0891,0892,0893,0894,0895,0896,0897,0898,0899,0900})
Summary: <www-client/chromium-25.0.1364.97 multiple vulnerabilities (CVE-2013-{0879,08...
Status: RESOLVED FIXED
Alias: CVE-2013-0879
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal major
Assignee: Gentoo Security
URL: http://googlechromereleases.blogspot....
Whiteboard: A2 [glsa]
Keywords:
Depends on: 456874
Blocks:
Reported: 2013-02-21 22:57 UTC by Mike Gilbert
Modified: 2013-09-25 00:10 UTC

See Also:
Package list:
Runtime testing required: ---


Description Mike Gilbert gentoo-dev 2013-02-21 22:57:33 UTC
Release notes in URL.
Comment 1 Mike Gilbert gentoo-dev 2013-02-21 23:49:01 UTC
Bug 456874 is a dependency.

Please stabilize:

=dev-lang/v8-3.15.11.15
=www-client/chromium-25.0.1364.97
Comment 2 Mike Gilbert gentoo-dev 2013-02-21 23:52:57 UTC
CVE-2013-0886 is Mac-only.
CVE-2013-0900 may affect dev-libs/icu.
Comment 3 Tomáš Chvátal (RETIRED) gentoo-dev 2013-02-22 09:01:32 UTC
(In reply to comment #2)
> CVE-2013-0886 is Mac-only.
> CVE-2013-0900 may affect dev-libs/icu.

@Mike: do you happen to have some sensible link for the CVE description? My googling seems not to be sufficient.
Comment 4 Agostino Sarubbo gentoo-dev 2013-02-22 12:09:24 UTC
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2013-02-22 12:09:55 UTC
x86 stable
Comment 6 Mike Gilbert gentoo-dev 2013-02-22 16:25:05 UTC
(In reply to comment #3)
> @Mike: do you happen to have some sensible link for the cve description? My
> googling seems not to be sufficient

I suspect the CVE database has not been updated yet. Once it has, the link below should return something useful.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0900
Comment 7 Sean Amoss gentoo-dev Security 2013-02-23 19:01:30 UTC
Thanks, Mike!

Added to existing GLSA draft.
Comment 8 Mike Gilbert gentoo-dev 2013-02-23 19:22:09 UTC
@openoffice:

I did a little digging, and found the changeset addressing CVE-2013-0900.

http://src.chromium.org/viewvc/chrome?view=rev&revision=172827

It refers to this ICU ticket, which appears to be locked.

http://bugs.icu-project.org/trac/ticket/9737
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2013-03-04 23:33:50 UTC
CVE-2013-0899 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0899):
  Integer overflow in the padding implementation in the opus_packet_parse_impl
  function in src/opus_decoder.c in Opus before 1.0.2, as used in Google
  Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on
  Mac OS X and other products, allows remote attackers to cause a denial of
  service (out-of-bounds read) via a long packet.

CVE-2013-0898 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0898):
  Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows
  and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to
  cause a denial of service or possibly have unspecified other impact via
  vectors involving a URL.

CVE-2013-0897 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0897):
  Off-by-one error in the PDF functionality in Google Chrome before
  25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X,
  allows remote attackers to cause a denial of service via a crafted document.

CVE-2013-0896 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0896):
  Google Chrome before 25.0.1364.97 on Windows and Linux, and before
  25.0.1364.99 on Mac OS X, does not properly manage memory during message
  handling for plug-ins, which allows remote attackers to cause a denial of
  service or possibly have unspecified other impact via unknown vectors.

CVE-2013-0895 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0895):
  Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac
  OS X, does not properly handle pathnames during copy operations, which might
  make it easier for remote attackers to execute arbitrary programs via
  unspecified vectors.

CVE-2013-0894 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0894):
  Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis
  decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in
  Google Chrome before 25.0.1364.97 on Windows and Linux and before
  25.0.1364.99 on Mac OS X and other products, allows remote attackers to
  cause a denial of service (divide-by-zero error or out-of-bounds array
  access) or possibly have unspecified other impact via vectors involving a
  zero value for a bark map size.

CVE-2013-0893 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0893):
  Race condition in Google Chrome before 25.0.1364.97 on Windows and Linux,
  and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a
  denial of service or possibly have unspecified other impact via vectors
  related to media.

CVE-2013-0892 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0892):
  Multiple unspecified vulnerabilities in the IPC layer in Google Chrome
  before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS
  X, allow remote attackers to cause a denial of service or possibly have
  other impact via unknown vectors.

CVE-2013-0891 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0891):
  Integer overflow in Google Chrome before 25.0.1364.97 on Windows and Linux,
  and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a
  denial of service or possibly have unspecified other impact via a blob.

CVE-2013-0890 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0890):
  Multiple unspecified vulnerabilities in the IPC layer in Google Chrome
  before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS
  X, allow remote attackers to cause a denial of service (memory corruption)
  or possibly have other impact via unknown vectors.

CVE-2013-0889 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0889):
  Google Chrome before 25.0.1364.97 on Windows and Linux, and before
  25.0.1364.99 on Mac OS X, does not properly enforce a user gesture
  requirement before proceeding with a file download, which might make it
  easier for remote attackers to execute arbitrary code via a crafted file.

CVE-2013-0888 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0888):
  Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and
  before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial
  of service (out-of-bounds read) via unspecified vectors.

CVE-2013-0887 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0887):
  The developer-tools process in Google Chrome before 25.0.1364.97 on Windows
  and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict
  privileges during interaction with a connected server, which has unspecified
  impact and attack vectors.

CVE-2013-0885 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0885):
  Google Chrome before 25.0.1364.97 on Windows and Linux, and before
  25.0.1364.99 on Mac OS X, does not properly restrict API privileges during
  interaction with the Chrome Web Store, which has unspecified impact and
  attack vectors.

CVE-2013-0884 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0884):
  Google Chrome before 25.0.1364.97 on Windows and Linux, and before
  25.0.1364.99 on Mac OS X, does not properly load Native Client (aka NaCl)
  code, which has unspecified impact and attack vectors.

CVE-2013-0883 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0883):
  Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and
  before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial
  of service (incorrect read operation) via unspecified vectors.

CVE-2013-0882 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0882):
  Google Chrome before 25.0.1364.97 on Windows and Linux, and before
  25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of
  service (incorrect memory access) or possibly have unspecified other impact
  via a large number of SVG parameters.

CVE-2013-0881 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0881):
  Google Chrome before 25.0.1364.97 on Windows and Linux, and before
  25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of
  service (incorrect read operation) via crafted data in the Matroska
  container format.

CVE-2013-0880 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0880):
  Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows
  and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to
  cause a denial of service or possibly have unspecified other impact via
  vectors related to databases.

CVE-2013-0879 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0879):
  Google Chrome before 25.0.1364.97 on Windows and Linux, and before
  25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which
  allows remote attackers to cause a denial of service (memory corruption) or
  possibly have unspecified other impact via unknown vectors.
Comment 10 Tomáš Chvátal (RETIRED) gentoo-dev 2013-03-06 21:30:58 UTC
We have a separate bug as of now.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2013-09-25 00:10:38 UTC
This issue was resolved and addressed in
 GLSA 201309-16 at http://security.gentoo.org/glsa/glsa-201309-16.xml
by GLSA coordinator Sean Amoss (ackle).