Updated chromium-browser-stable packages fix multiple vulnerabilities
Publication date: 09 Nov 2013Modification date: 09 Nov 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-2925 , CVE-2013-2926 , CVE-2013-2927 , CVE-2013-2928
Description
Updated chromium-browser-stable packages fix security vulnerabilities:
Atte Kettunen of OUSPG discover a use-after-free issue in Blink's XML HTTP
request implementation (CVE-2013-2925).
cloudfuzzer discovered a use-after-free issue in the list indenting
implementation (CVE-2013-2926).
cloudfuzzer discovered a use-after-free issue in the HTML form submission
implementation (CVE-2013-2927).
The chrome 30 development team found various issues from internal fuzzing,
audits, and other studies (CVE-2013-2928).
This updates to the newest version from the Linux stable channel, fixing
these and several other issues.
References
- http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html
- http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_22.html
- http://www.debian.org/security/2013/dsa-2785
- https://bugs.mageia.org/show_bug.cgi?id=11554
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2925
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2926
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2927
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2928
SRPMS
2/core
- chromium-browser-stable-30.0.1599.114-1.mga2
3/core
- chromium-browser-stable-30.0.1599.114-1.mga3
3/tainted
- chromium-browser-stable-30.0.1599.114-1.mga3.tainted