Updated chromium-browser-stable package fixes multiple vulnerabilities
Publication date: 08 Feb 2014Modification date: 08 Feb 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2013-6641 , CVE-2013-6643 , CVE-2013-6644 , CVE-2013-6645 , CVE-2013-6646 , CVE-2013-6649 , CVE-2013-6650
Description
Use-after-free related to forms (CVE-2013-6641). Unprompted sync with an attackers Google account (CVE-2013-6643). Various fixes from internal audits, fuzzing and other initiatives (CVE-2013-6644). Use-after-free related to speech input elements (CVE-2013-6645). Use-after-free in web workers (CVE-2013-6646). Use-after-free in SVG images (CVE-2013-6649). Memory corruption in v8 before version 3.22.24.16 (CVE-2013-6650).
References
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update.html
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
- https://bugs.mageia.org/show_bug.cgi?id=12314
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6641
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6643
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6644
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6645
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6646
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6649
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6650
SRPMS
3/tainted
- chromium-browser-stable-32.0.1700.102-1.mga3.tainted
3/core
- chromium-browser-stable-32.0.1700.102-1.mga3
4/tainted
- chromium-browser-stable-32.0.1700.102-1.mga4.tainted
4/core
- chromium-browser-stable-32.0.1700.102-1.mga4