{ "schema_version": "1.7.0", "id": "MGASA-2014-0485", "published": "2014-11-25T09:21:26Z", "modified": "2014-11-25T09:06:20Z", "summary": "Updated chromium-browser-stable fixes multiple security vulnerabilities", "details": "Updated chromium-browser-stable packages fix security vulnerabilities:\n\nBuffer overflow in Skia, as used in Google Chrome before 39.0.2171.65, allows\nremote attackers to cause a denial of service or possibly have unspecified\nother impact via unknown vectors (CVE-2014-7904).\n\nUse-after-free vulnerability in the Pepper plugins in Google Chrome before\n39.0.2171.65 allows remote attackers to cause a denial of service or possibly\nhave unspecified other impact via crafted Flash content that triggers an\nattempted PepperMediaDeviceManager access outside of the object's lifetime\n(CVE-2014-7906).\n\nMultiple use-after-free vulnerabilities in\nmodules/screen_orientation/ScreenOrientationController.cpp in Blink, as used\nin Google Chrome before 39.0.2171.65, allow remote attackers to cause a\ndenial of service or possibly have unspecified other impact via vectors that\ntrigger improper handling of a detached frame, related to the lock and unlock\nmethods (CVE-2014-7907).\n\nMultiple integer overflows in the CheckMov function in\nmedia/base/container_names.cc in Google Chrome before 39.0.2171.65 allow\nremote attackers to cause a denial of service or possibly have unspecified\nother impact via a large atom in MPEG-4 or QuickTime .mov data\n(CVE-2014-7908).\n\neffects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before\n39.0.2171.65, computes a hash key using uninitialized integer values, which\nmight allow remote attackers to cause a denial of service by rendering\ncrafted data (CVE-2014-7909).\n\nMultiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65\nallow attackers to cause a denial of service or possibly have other impact\nvia unknown vectors (CVE-2014-7910).\n", "upstream": [ "CVE-2014-7904", "CVE-2014-7906", "CVE-2014-7907", "CVE-2014-7908", "CVE-2014-7909", "CVE-2014-7910" ], "references": [ { "type": "ADVISORY", "url": "https://advisories.mageia.org/MGASA-2014-0485.html" }, { "type": "REPORT", "url": "https://bugs.mageia.org/show_bug.cgi?id=14596" }, { "type": "WEB", "url": "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update_27.html" }, { "type": "WEB", "url": "http://googlechromereleases.blogspot.com/2014/11/stable-channel-update.html" }, { "type": "WEB", "url": "http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html" } ], "affected": [ { "package": { "ecosystem": "Mageia:3", "name": "chromium-browser-stable", "purl": "pkg:rpm/mageia/chromium-browser-stable?arch=source&distro=mageia-3" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "39.0.2171.65-1.mga3" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:3", "name": "chromium-browser-stable", "purl": "pkg:rpm/mageia/chromium-browser-stable?arch=source&distro=mageia-3" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "39.0.2171.65-1.mga3.tainted" } ] } ], "ecosystem_specific": { "section": "tainted" } }, { "package": { "ecosystem": "Mageia:4", "name": "chromium-browser-stable", "purl": "pkg:rpm/mageia/chromium-browser-stable?arch=source&distro=mageia-4" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "39.0.2171.65-1.mga4" } ] } ], "ecosystem_specific": { "section": "core" } } ], "credits": [ { "name": "Mageia", "type": "COORDINATOR", "contact": [ "https://wiki.mageia.org/en/Packages_Security_Team" ] } ] }