Release notes: http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html
A vulnerability has been reported in Chromium, that may
allow user-assisted execution of arbitrary code.
A remote attacker could entice a user to visit a specially-crafted web page
that would trigger the vulnerability, leading to execution of
arbitrary code, or a Denial of Service.
Arches, please test and mark stable =www-client/chromium-10.0.648.133
I apologize for one stabilization very shortly after another. There might be even more security updates for the 10.x branch soon, the .133 one is surprisingly small.
x86 stable. Frequent updates are not your fault, Paweł.
amd64 done. Thanks Agostino
Thanks, everyone. Added to existing GLSA request.
This issue was resolved and addressed in
GLSA 201111-01 at http://security.gentoo.org/glsa/glsa-201111-01.xml
by GLSA coordinator Alex Legler (a3li).
Integer overflow in WebKit, as used on the Research In Motion (RIM)
BlackBerry Torch 9800 with firmware 126.96.36.199, in Google Chrome before
10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to
execute arbitrary code via unknown vectors related to CSS "style handling,"
nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem
Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at