Advisories ยป MGASA-2015-0141

Updated chromium-browser-stable packages fix security vulnerabilities

Publication date: 09 Apr 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-1233 , CVE-2015-1234

Description

Updated chromium-browser-stable packages fix security vulnerabilities:

Google Chrome before 41.0.2272.118 does not properly handle the interaction of
IPC, the Gamepad API, and Google V8, which allows remote attackers to execute
arbitrary code via unspecified vectors (CVE-2015-1233).

Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in Google
Chrome before 41.0.2272.118 allows remote attackers to cause a denial of
service (buffer overflow) or possibly have unspecified other impact by
manipulating OpenGL ES commands (CVE-2015-1234).
                

References

SRPMS

4/core