Bug 12945

Summary: chromium-browser-stable new security issues fixed in 33.0.1750.146
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: davidwhodgins, sysadmin-bugs, tmb, wrw105
Version: 4Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/589473/
Whiteboard: MGA3TOO advisory mga3-32-ok mga3-64-ok mga4-64-ok mga4-32-ok
Source RPM: chromium-browser-stable-33.0.1750.117-1.mga4.src.rpm CVE:
Status comment:

Description David Walser 2014-03-05 19:18:59 CET 
Upstream has released version 33.0.1750.146 on March 3:
http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html

This fixes a handful of new security issues.

This is the current version in the stable channel:
http://googlechromereleases.blogspot.com/search/label/Stable%20updates

Reproducible: 

Steps to Reproduce:
David Walser 2014-03-05 19:19:06 CET

Whiteboard: (none) => MGA3TOO

Comment 1 David Walser 2014-03-06 01:55:22 CET 
Updated packages uploaded for Mageia 3, Mageia 4, and Cauldron.

Note to QA: there are both core and tainted builds for this package.

Advisory:
========================

Updated chromium-browser-stable packages fix security vulnerabilities:

Use-after-free in svg images (CVE-2013-6663).

Use-after-free in speech recognition (CVE-2013-6664).

Heap buffer overflow in software rendering (CVE-2013-6665).

Chrome allows requests in flash header request (CVE-2013-6666).

Various fixes from internal audits, fuzzing and other initiatives
(CVE-2013-6667).

Multiple vulnerabilities in V8 fixed in version 3.24.35.10 (CVE-2013-6668).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6666
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6667
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6668
http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html
========================

Updated packages in core/updates_testing:
========================
chromium-browser-stable-33.0.1750.146-1.mga3
chromium-browser-33.0.1750.146-1.mga3
chromium-browser-stable-33.0.1750.146-1.mga4
chromium-browser-33.0.1750.146-1.mga4

Updated packages in tainted/updates_testing:
========================
chromium-browser-stable-33.0.1750.146-1.mga3
chromium-browser-33.0.1750.146-1.mga3
chromium-browser-stable-33.0.1750.146-1.mga4
chromium-browser-33.0.1750.146-1.mga4

from SRPMS:
chromium-browser-stable-33.0.1750.146-1.mga3.src.rpm
chromium-browser-stable-33.0.1750.146-1.mga4.src.rpm

Assignee: bugsquad => qa-bugs

Comment 2 Dave Hodgins 2014-03-06 02:33:54 CET 
Advisory added to svn. Will test as soon as my local mirror syncs the update.

CC: (none) => davidwhodgins
Whiteboard: MGA3TOO => MGA3TOO advisory

Comment 3 Dave Hodgins 2014-03-06 04:15:30 CET 
Advisory updated to include tainted srpms.

Testing complete on Mageia 3 and 4 i586 and x86_64 non-tainted.

Testing complete on Mageia 3 and 4 i586 tainted.
Comment 4 Bill Wilkinson 2014-03-06 04:38:25 CET 
tested tainted builds mageia 3 and 4 i586 and x86_64. All OK.

validating.

Could someone from the sysadmin team please push to core and tainted updates? Thanks!

Keywords: (none) => validated_update
Whiteboard: MGA3TOO advisory => MGA3TOO advisory mga3-32-ok mga3-64-ok mga4-64-ok mga4-32-ok
CC: (none) => wrw105, sysadmin-bugs

Comment 5 Thomas Backlund 2014-03-06 22:53:48 CET 
Update pushed:
http://advisories.mageia.org/MGASA-2014-0121.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED