Bug 13325

Updated packages uploaded for Mageia 3, Mageia 4, and Cauldron.

Note to QA: there are both core and tainted builds for this package.

The tainted builds are still building, so they won't be available for a few hours, as we have only one build node in the build system right now.  The core builds are already uploaded.

Advisory:
========================

Updated chromium-browser-stable packages fix security vulnerabilities:

A type confusion issue was discovered in the v8 javascript library
(CVE-2014-1730).

John Butler discovered a type confusion issue in the WebKit/Blink document
object model implementation (CVE-2014-1731).

Khalil Zhani discovered a use-after-free issue in the speech recognition
feature (CVE-2014-1732).

Jed Davis discovered a way to bypass the seccomp-bpf sandbox (CVE-2014-1733).

The Google Chrome development team discovered and fixed multiple issues with
potential security impact (CVE-2014-1734).

The Google Chrome development team discovered and fixed multiple issues in
version 3.24.35.33 of the v8 javascript library (CVE-2014-1735).

SkyLined discovered an integer overlflow issue in the v8 javascript library
(CVE-2014-1736).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1730
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1731
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1732
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1733
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1734
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1735
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1736
http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html
https://www.debian.org/security/2014/dsa-2920
========================

Updated packages in core/updates_testing:
========================
chromium-browser-stable-34.0.1847.132-2.mga3
chromium-browser-34.0.1847.132-2.mga3
chromium-browser-stable-34.0.1847.132-2.mga4
chromium-browser-34.0.1847.132-2.mga4

Updated packages in tainted/updates_testing:
========================
chromium-browser-stable-34.0.1847.132-2.mga3
chromium-browser-34.0.1847.132-2.mga3
chromium-browser-stable-34.0.1847.132-2.mga4
chromium-browser-34.0.1847.132-2.mga4

from SRPMS:
chromium-browser-stable-34.0.1847.132-2.mga3.src.rpm
chromium-browser-stable-34.0.1847.132-2.mga4.src.rpm

Version: Cauldron => 4
Assignee: bugsquad => qa-bugs
Whiteboard: MGA4TOO, MGA3TOO => MGA3TOO

Tested mga4-32

Usual browser tests: sunspider, javatester, youtube, mp3 test for tainted build, general browsing.

Will catch the 64 bit under both versions in the AM (US East coast time) if nobody beats me to them.

CC: (none) => wrw105
Whiteboard: MGA3TOO => MGA3TOO mga4-32-ok

tested mga3-64
All as above.

Will be a few hours before I can get to the others.

Whiteboard: MGA3TOO mga4-32-ok => MGA3TOO mga4-32-ok mga3-64-ok

Advisory uploaded. Remembered to add the tainted SRPMs.

Whiteboard: MGA3TOO mga4-32-ok mga3-64-ok => MGA3TOO has_procedure advisory mga4-32-ok mga3-64-ok

Sorry Bill, I thought others would be able to test a web browser.

Testing complete mga4 64, testing mga3 32 next.

Whiteboard: MGA3TOO has_procedure advisory mga4-32-ok mga3-64-ok => MGA3TOO has_procedure advisory mga4-32-ok mga4-64-ok mga3-64-ok

Testing complete mga3 32

Validating. Could sysadmin please push to updates.

Thanks

Keywords: (none) => validated_update
Whiteboard: MGA3TOO has_procedure advisory mga4-32-ok mga4-64-ok mga3-64-ok => MGA3TOO has_procedure advisory mga4-32-ok mga4-64-ok mga3-32-ok mga3-64-ok
CC: (none) => sysadmin-bugs

Update pushed:
http://advisories.mageia.org/MGASA-2014-0213.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED