| Summary: | chromium-browser-stable new security issues fixed in 33.0.1750.117 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | sysadmin-bugs, tmb, wilcal.int, wrw105 |
| Version: | 4 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | i586 | ||
| OS: | Linux | ||
| URL: | http://lwn.net/Vulnerabilities/588859/ | ||
| Whiteboard: | MGA3TOO mga4-32-ok mga3-32-ok mga4-64-ok mga3-64-ok | ||
| Source RPM: | chromium-browser-stable-32.0.1700.102-1.mga4.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2014-02-26 19:16:48 CET
David Walser
2014-02-26 19:17:00 CET
Whiteboard:
(none) =>
MGA4TOO, MGA3TOO Updated packages uploaded for Mageia 3, Mageia 4, and Cauldron. Note to QA: there are both core and tainted builds for this package. Advisory: ======================== Use-after-free related to web contents (CVE-2013-6653). Bad cast in SVG (CVE-2013-6654). Use-after-free in layout (CVE-2013-6655). Information leaks in XSS auditor (CVE-2013-6656, CVE-2013-6657). Use-after-free in layout (CVE-2013-6658). Issue with certificates validation in TLS handshake (CVE-2013-6659). Information leak in drag and drop (CVE-2013-6660). Various fixes from internal audits, fuzzing and other initiatives. Of these, seven are fixes for issues that could have allowed for sandbox escapes from compromised renderers (CVE-2013-6661). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6653 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6654 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6655 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6656 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6657 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6658 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6659 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6660 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6661 http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html ======================== Updated packages in core/updates_testing: ======================== chromium-browser-stable-33.0.1750.117-1.mga3 chromium-browser-33.0.1750.117-1.mga3 chromium-browser-stable-33.0.1750.117-1.mga4 chromium-browser-33.0.1750.117-1.mga4 Updated packages in tainted/updates_testing: ======================== chromium-browser-stable-33.0.1750.117-1.mga3 chromium-browser-33.0.1750.117-1.mga3 chromium-browser-stable-33.0.1750.117-1.mga4 chromium-browser-33.0.1750.117-1.mga4 from SRPMS: chromium-browser-stable-33.0.1750.117-1.mga3.src.rpm chromium-browser-stable-33.0.1750.117-1.mga4.src.rpm URL:
(none) =>
qa-bugs@ml.mageia.org Oops, QA is not a URL. Updated packages uploaded for Mageia 3, Mageia 4, and Cauldron. Note to QA: there are both core and tainted builds for this package. Advisory: ======================== Use-after-free related to web contents (CVE-2013-6653). Bad cast in SVG (CVE-2013-6654). Use-after-free in layout (CVE-2013-6655). Information leaks in XSS auditor (CVE-2013-6656, CVE-2013-6657). Use-after-free in layout (CVE-2013-6658). Issue with certificates validation in TLS handshake (CVE-2013-6659). Information leak in drag and drop (CVE-2013-6660). Various fixes from internal audits, fuzzing and other initiatives. Of these, seven are fixes for issues that could have allowed for sandbox escapes from compromised renderers (CVE-2013-6661). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6653 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6654 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6655 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6656 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6657 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6658 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6659 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6660 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6661 http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html ======================== Updated packages in core/updates_testing: ======================== chromium-browser-stable-33.0.1750.117-1.mga3 chromium-browser-33.0.1750.117-1.mga3 chromium-browser-stable-33.0.1750.117-1.mga4 chromium-browser-33.0.1750.117-1.mga4 Updated packages in tainted/updates_testing: ======================== chromium-browser-stable-33.0.1750.117-1.mga3 chromium-browser-33.0.1750.117-1.mga3 chromium-browser-stable-33.0.1750.117-1.mga4 chromium-browser-33.0.1750.117-1.mga4 from SRPMS: chromium-browser-stable-33.0.1750.117-1.mga3.src.rpm chromium-browser-stable-33.0.1750.117-1.mga4.src.rpm URL:
qa-bugs@ml.mageia.org =>
(none) No PoC on Securityfocus. Testing mga4-32 CC:
(none) =>
wrw105 Did the usual browser tests: sunspider, javatester, general browsing, youtube for flash, mp3 at https://archive.org/details/testmp3testfile for the tainted build, all OK. Whiteboard:
MGA3TOO =>
MGA3TOO mga4-32-ok Tested mga3-32 as above, all OK. Whiteboard:
MGA3TOO mga4-32-ok =>
MGA3TOO mga4-32-ok mga3-32-ok Tested mga4-64 as above, all OK. Whiteboard:
MGA3TOO mga4-32-ok mga3-32-ok =>
MGA3TOO mga4-32-ok mga3-32-ok mga4-64-ok Tested mga3-64 as above, all OK. Update just needs advisory uploaded to svn to validate. Whiteboard:
MGA3TOO mga4-32-ok mga3-32-ok mga4-64-ok =>
MGA3TOO mga4-32-ok mga3-32-ok mga4-64-ok mga3-64-ok In Whiteboard: MGA3-64-OK In VirtualBox, M3, KDE, 64-bit Package(s) under test: chromium-browser-stable default install of chromium [root@localhost wilcal]# urpmi chromium-browser-stable Package chromium-browser-stable-32.0.1700.102-1.mga3.tainted.x86_64 is already installed Successfully plays flash videos, cnn.com, successfully passes: http://www.webstandards.org/files/acid2/test.html#top http://acid3.acidtests.org/ install chromium-browser-stable from updates_testing [root@localhost wilcal]# urpmi chromium-browser-stable Package chromium-browser-stable-33.0.1750.117-1.mga3.tainted.x86_64 is already installed Successfully plays flash videos, cnn.com, successfully passes: http://www.webstandards.org/files/acid2/test.html#top http://acid3.acidtests.org/ Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver VirtualBox 4.3.6-1.mga4.x86_64.rpm CC:
(none) =>
wilcal.int I think we can go ahead and push this one. Thanks guys. Validating.
Added the missing tainted srpms to the advisory again..
3:
core:
- chromium-browser-stable-33.0.1750.117-1.mga3
tainted:
- chromium-browser-stable-33.0.1750.117-1.mga3.tainted
4:
core:
- chromium-browser-stable-33.0.1750.117-1.mga4
tainted:
- chromium-browser-stable-33.0.1750.117-1.mga4.tainted
Could sysadmin please push to 3 & 4 updates
ThanksKeywords:
(none) =>
validated_update Update pushed: http://advisories.mageia.org/MGASA-2014-0107.html Status:
NEW =>
RESOLVED
David Walser
2014-03-02 00:12:28 CET
URL:
(none) =>
http://lwn.net/Vulnerabilities/588859/ |