Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 275745 (CVE-2009-2121) - <=www-client/chromium-bin-? buffer overflow (CVE-2009-2121)
Summary: <=www-client/chromium-bin-? buffer overflow (CVE-2009-2121)
Alias: CVE-2009-2121
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: Gentoo Security
URL: http://googlechromereleases.blogspot....
Whiteboard: ~1 [noglsa]
Depends on:
Reported: 2009-06-28 20:59 UTC by Stefan Behte (RETIRED)
Modified: 2009-11-07 00:19 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-06-28 20:59:50 UTC
CVE-2009-2121 (
  Buffer overflow in the browser kernel in Google Chrome before allows remote HTTP servers to cause a denial of service
  (application crash) or possibly execute arbitrary code via a crafted
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2009-06-28 21:02:17 UTC
This is hardmasked, so we do not have to hurry.
Comment 2 Bernard Cafarelli gentoo-dev 2009-06-28 22:47:17 UTC
chromium-bin-9999 is hardmasked, but -0_p* are not (just ~x86 keyworded), so let's fix that one ;)

From, chromium trunk was fixed in revision 18687, so for us it's <=www-client/chromium-bin-0_p18366 vulnerable. I've just removed this version from portage

I've tested the "listener of death" from the bugreport with 0_p19106 (current ebuild in portage), and it did not crash
Comment 3 Stefan Behte (RETIRED) gentoo-dev Security 2009-11-07 00:19:37 UTC
Thanks! Closing noglsa.