Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 470920 - <www-client/chromium-27.0.1453.93 mulitiple vulnerabilities (CVE-2013-{2836,2837,2838,2839,2840,2841,2842,2843,2844,2845,2846,2847,2848,2849})
Summary: <www-client/chromium-27.0.1453.93 mulitiple vulnerabilities (CVE-2013-{2836,2...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: http://googlechromereleases.blogspot....
Whiteboard: A2 [glsa]
Keywords:
Depends on:
Blocks: 468132
  Show dependency tree
 
Reported: 2013-05-21 22:06 UTC by Mike Gilbert
Modified: 2013-09-25 00:10 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Mike Gilbert gentoo-dev 2013-05-21 22:06:02 UTC
Release notes in URL.
Comment 1 Agostino Sarubbo gentoo-dev 2013-05-23 17:39:30 UTC
Which v8 version we need to stabilize?
Comment 2 Mike Gilbert gentoo-dev 2013-05-23 17:50:15 UTC
Lets do v8-3.17.16.2.
Comment 3 Mike Gilbert gentoo-dev 2013-05-23 17:57:46 UTC
Actually, phajdan says he is bumping v8, so use what he says.
Comment 4 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2013-05-23 20:19:07 UTC
(In reply to comment #3)
> Actually, phajdan says he is bumping v8, so use what he says.

Thanks for asking and waiting. Please do v8-3.17.6.14 .

It's deliberately lower version number than existing ~arch ebuilds, and that's what omahaproxy.appspot.com says Google used for Chrome 27.0.1453.93 .
Comment 5 Agostino Sarubbo gentoo-dev 2013-05-23 21:20:18 UTC
(In reply to comment #4)
> (In reply to comment #3)
> > Actually, phajdan says he is bumping v8, so use what he says.
> 
> Thanks for asking and waiting. Please do v8-3.17.6.14 .
> 
> It's deliberately lower version number than existing ~arch ebuilds, and
> that's what omahaproxy.appspot.com says Google used for Chrome 27.0.1453.93 .

It needs =media-video/ffmpeg-1.0.7 what we should do?
Comment 6 Mike Gilbert gentoo-dev 2013-05-23 21:55:59 UTC
(In reply to comment #5)
> It needs =media-video/ffmpeg-1.0.7 what we should do?

Hmm... I wonder why repoman doesn't catch that.
Comment 7 Mike Gilbert gentoo-dev 2013-05-23 21:58:49 UTC
Oh, the www-cliennt/chromium[system-ffmpeg] use flag is stable-masked. So no, ffmpeg-1.0.7 is NOT required.
Comment 8 Richard Freeman gentoo-dev 2013-05-27 13:08:31 UTC
(In reply to Mike Gilbert from comment #2)
> Lets do v8-3.17.16.2.

That version is no longer in portage.
Comment 9 Mike Gilbert gentoo-dev 2013-05-27 16:20:50 UTC
(In reply to Richard Freeman from comment #8)
> That version is no longer in portage.

Please see comment 3 and comment 4. :)
Comment 10 Richard Freeman gentoo-dev 2013-05-31 09:39:41 UTC
I didn't see any comment here, but this is stabilized on all platforms.

The security team can wrap this up.
Comment 11 Sergey Popov gentoo-dev Security 2013-08-22 08:29:21 UTC
Thanks for your work

Added to existing GLSA request
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2013-08-27 17:03:56 UTC
CVE-2013-2849 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2849):
  Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before
  27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web
  script or HTML via vectors involving a (1) drag-and-drop or (2)
  copy-and-paste operation.

CVE-2013-2847 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2847):
  Race condition in the workers implementation in Google Chrome before
  27.0.1453.93 allows remote attackers to cause a denial of service
  (use-after-free and application crash) or possibly have unspecified other
  impact via unknown vectors.

CVE-2013-2846 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2846):
  Use-after-free vulnerability in the media loader in Google Chrome before
  27.0.1453.93 allows remote attackers to cause a denial of service or
  possibly have unspecified other impact via unknown vectors, a different
  vulnerability than CVE-2013-2840.

CVE-2013-2845 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2845):
  The Web Audio implementation in Google Chrome before 27.0.1453.93 allows
  remote attackers to cause a denial of service (memory corruption) or
  possibly have unspecified other impact via unknown vectors.

CVE-2013-2844 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2844):
  Use-after-free vulnerability in the Cascading Style Sheets (CSS)
  implementation in Google Chrome before 27.0.1453.93 allows remote attackers
  to cause a denial of service or possibly have unspecified other impact via
  vectors related to style resolution.

CVE-2013-2843 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2843):
  Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to the handling of speech data.

CVE-2013-2842 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2842):
  Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to the handling of widgets.

CVE-2013-2841 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2841):
  Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to the handling of Pepper resources.

CVE-2013-2840 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2840):
  Use-after-free vulnerability in the media loader in Google Chrome before
  27.0.1453.93 allows remote attackers to cause a denial of service or
  possibly have unspecified other impact via unknown vectors, a different
  vulnerability than CVE-2013-2846.

CVE-2013-2839 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2839):
  Google Chrome before 27.0.1453.93 does not properly perform a cast of an
  unspecified variable during handling of clipboard data, which allows remote
  attackers to cause a denial of service or possibly have other impact via
  unknown vectors.

CVE-2013-2838 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2838):
  Google V8, as used in Google Chrome before 27.0.1453.93, allows remote
  attackers to cause a denial of service (out-of-bounds read) via unspecified
  vectors.

CVE-2013-2837 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2837):
  Use-after-free vulnerability in the SVG implementation in Google Chrome
  before 27.0.1453.93 allows remote attackers to cause a denial of service or
  possibly have unspecified other impact via unknown vectors.

CVE-2013-2836 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2836):
  Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.93
  allow attackers to cause a denial of service or possibly have other impact
  via unknown vectors.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2013-09-25 00:10:47 UTC
This issue was resolved and addressed in
 GLSA 201309-16 at http://security.gentoo.org/glsa/glsa-201309-16.xml
by GLSA coordinator Sean Amoss (ackle).