[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1WF60x-0003Me-Rz@alpha.psidef.org>
Date: Sun, 16 Feb 2014 13:00:27 -0500
From: Michael Gilbert <mgilbert@...ian.org>
To: debian-security-announce@...ts.debian.org
Subject: [SECURITY] [DSA 2862-1] chromium-browser security
update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2862-1 security@...ian.org
http://www.debian.org/security/ Michael Gilbert
February 16, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : chromium-browser
Vulnerability : several
CVE ID : CVE-2013-6641 CVE-2013-6643 CVE-2013-6644 CVE-2013-6645
CVE-2013-6646 CVE-2013-6649 CVE-2013-6650
Several vulnerabilities have been discovered in the chromium web browser.
CVE-2013-6641
Atte Kettunen discovered a use-after-free issue in Blink/Webkit form
elements.
CVE-2013-6643
Joao Lucas Melo Brasio discovered a Google account information
disclosure issue related to the one-click sign-on feature.
CVE-2013-6644
The chrome development team discovered and fixed multiple issues with
potential security impact.
CVE-2013-6645
Khalil Zhani discovered a use-after-free issue related to speech input.
CVE-2013-6646
Colin Payne discovered a use-after-free issue in the web workers
implementation.
CVE-2013-6649
Atte Kettunen discovered a use-after-free issue in the Blink/Webkit
SVG implementation.
CVE-2013-6650
Christian Holler discovered a memory corruption in the v8 javascript
library.
For the stable distribution (wheezy), these problems have been fixed in
version 32.0.1700.123-1~deb7u1.
For the testing distribution (jessie), these problems will be fixed soon.
For the unstable distribution (sid), these problems have been fixed in
version 32.0.1700.123-1.
We recommend that you upgrade your chromium-browser packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQQcBAEBCgAGBQJTAPwuAAoJELjWss0C1vRzHu0f/i51htbha+JCafx87gIm1vU/
z2cLhHDzWEKk47Bhl8Y0BJzl5lMCwAxmBfKaHLLz2/UQvNY4Eva1Jsj0o297KX1z
qHl32L0yAblue5n+iWmccx9/vZ2d0Bj0/tYk8LGZ2W4IzzqhNbRsV2Grq14mA6N0
ne9EMmsJenir8tQBk1GD8yFA4QWStzIxGt0Mmvtt8EdE7Vwk6cBb5wProY9aFwCX
hsui4ysoZL6kZdmlN/hrrZmtA8j7Vnq8v/sgAKZgvXY/b0tBjWQOGyDdDBEECtk7
Y991Zg8IhQCBwt1euICFVKGkdAwq/6mlJAxKJEnzlvj9hw3TiWTFFSkk3fqQJkT1
T/aDoWrGUsPc0iDYo0GrFsJejLvD3jznQiWLU21b+j8GYS6gJoZJDbv8VCwoCHCn
rG+NiRoI9p1DwTWTOSs3h3ypp8On77CC0w3VsNErVv0+GMxQteo+2W85R2AxhdWH
B5RnDfxS/J6DG6dlkkjf3mkUxbT2VidT0TZMDFtqKwREiyEaXRMuUm9BmIIixO2W
nJybfpYJVKmlDsJjmMq6+1jUL1nXAm8AtbWEHS/yHapqlykOSjA2zt4UqOSaOVwz
x5ZiWB5aVf13atISUTJsv6tSZ3OnBjUzW0wHM4D+cw8DMjC9ruoqpoy3hsToCBvi
CesvjFirPNQnQQmltaNvek6lT9b1C8W5lm3IQhj9jiylAPF15Lenfk1YrxTMQ6cd
EI6mRCDCeF1gq1lRopVJkbY0AuHWRHHQpwgiyuAznY+E3iKSksAVVZVfcoO70jxY
q6Ht3lXT5g6tF5GbGE1gZAZn6rm5M3I8fRkBq/7hiKV77ex8g8EdtgvDzN0Jipea
VGL/yQo5/Bn2h+600tWurExSKNlbvUkoTL2/ORJDl79J3n6C8XSGG9I3IpAw/ncx
u26fOfxuQGw/y18QkCvW+J3s8i8v3sdn2NjDI/rS0djUGN4KTZRMFajvthYf1IJg
KhbO/d5D+iZGqNC+B5S8RnDj91xW/tL4KG3hcYlrfRH6o4F1BSeh7q/kQDpnZSNt
z6jXGl1bnPlACRDTDWSNTci2NnlVIj6qIB8V5Lf9BAEDHgQS/Gvv+hVwqJZqIiKC
gdpWEdhZEw4ExsFT8oOUqINbXIG68YujeUwC5gBXStA5YZbnJBMuVU05BOB/3Gsp
zX7W0IEUxaTrDmKqNLNilZ5soBl63Dei4hOOnsnVvBDfuO6HEJNd/kVzB5nV4yYZ
0tujnudHHdfHFVhonzrbUu75Ryk9Y36Md0+cp2n51na2BK2ljdOUUab5x3xbFTQo
PsuIbyJJIrRt+t0cu4S7X47ajZMH/cpQLJTZO0jCeWIOvlX00EyXXtDhLa+sPkA=
=yzUa
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists