Advisories ยป MGASA-2014-0213

Updated chromium-browser-stable packages fix multiple vulnerabilities

Publication date: 10 May 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-1730 , CVE-2014-1731 , CVE-2014-1732 , CVE-2014-1733 , CVE-2014-1734 , CVE-2014-1735 , CVE-2014-1736

Description

Updated chromium-browser-stable packages fix security vulnerabilities:

A type confusion issue was discovered in the v8 javascript library
(CVE-2014-1730).

John Butler discovered a type confusion issue in the WebKit/Blink document
object model implementation (CVE-2014-1731).

Khalil Zhani discovered a use-after-free issue in the speech recognition
feature (CVE-2014-1732).

Jed Davis discovered a way to bypass the seccomp-bpf sandbox
(CVE-2014-1733).

The Google Chrome development team discovered and fixed multiple issues
with potential security impact (CVE-2014-1734).

The Google Chrome development team discovered and fixed multiple issues
in version 3.24.35.33 of the v8 javascript library (CVE-2014-1735).

SkyLined discovered an integer overlflow issue in the v8 javascript
library (CVE-2014-1736).
                

References

SRPMS

4/tainted

4/core

3/tainted

3/core