Bug 15611

Summary: chromium-browser-stable new security issues fixed in 41.0.2272.118
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: cjw, shlomif, sysadmin-bugs, wrw105
Version: 4Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/638902/
Whiteboard: MGA4-64-OK has_procedure MGA4-32-OK advisory
Source RPM: chromium-browser-stable-41.0.2272.101-1.mga4.src.rpm CVE:
Status comment:

Description David Walser 2015-04-01 20:28:17 CEST 
Upstream has released version 41.0.2272.118 on April 1:
http://googlechromereleases.blogspot.com/2015/04/stable-channel-update.html

This fixes several new security issues.

This is the current version in the stable channel:
http://googlechromereleases.blogspot.com/search/label/Stable%20updates

Reproducible: 

Steps to Reproduce:
David Walser 2015-04-01 20:28:23 CEST

Whiteboard: (none) => MGA5TOO, MGA4TOO

Comment 1 David Walser 2015-04-04 17:23:37 CEST 
Updated packages uploaded for Mageia 4 and Cauldron by Christiaan.

Advisory:
========================

Updated chromium-browser-stable packages fix security vulnerabilities:

Google Chrome before 41.0.2272.118 does not properly handle the interaction of
IPC, the Gamepad API, and Google V8, which allows remote attackers to execute
arbitrary code via unspecified vectors (CVE-2015-1233).

Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in Google
Chrome before 41.0.2272.118 allows remote attackers to cause a denial of
service (buffer overflow) or possibly have unspecified other impact by
manipulating OpenGL ES commands (CVE-2015-1234).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1233
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1234
http://googlechromereleases.blogspot.com/2015/04/stable-channel-update.html
========================

Updated packages in core/updates_testing:
========================
chromium-browser-41.0.2272.118-1.mga4
chromium-browser-stable-41.0.2272.118-1.mga4

from chromium-browser-stable-41.0.2272.118-1.mga4.src.rpm

CC: (none) => cjw
Version: Cauldron => 4
Assignee: cjw => qa-bugs
Whiteboard: MGA5TOO, MGA4TOO => (none)

Comment 2 Shlomi Fish 2015-04-05 18:19:17 CEST 
Browsing works on a Mageia 4 x86-64 VBox VM : I tried DuckDuckGo, Wikipedia, my personal web site, and an HTML 5 game. Marking a MGA4-64-OK. Procedure is just to test general browsing.

CC: (none) => shlomif
Whiteboard: (none) => MGA4-64-OK has_procedure

Comment 3 Shlomi Fish 2015-04-05 18:29:24 CEST 
It seems to work fine on Mageia 4 32-bits/i586 as well.

Whiteboard: MGA4-64-OK has_procedure => MGA4-64-OK has_procedure MGA4-32-OK

Comment 4 David Walser 2015-04-06 18:57:22 CEST 
RedHat has issued an advisory for this today (April 6):
https://rhn.redhat.com/errata/RHSA-2015-0778.html

URL: (none) => http://lwn.net/Vulnerabilities/638902/

Comment 5 Bill Wilkinson 2015-04-07 05:16:05 CEST 
tested mga4-64.

General browsing, sunspider for javascript, acid3 for rendering, all OK

Validating.  Ready for push when advisory uploaded.

Keywords: (none) => validated_update
CC: (none) => wrw105, sysadmin-bugs

Comment 6 claire robinson 2015-04-07 14:41:06 CEST 
Advisory uploaded.

Whiteboard: MGA4-64-OK has_procedure MGA4-32-OK => MGA4-64-OK has_procedure MGA4-32-OK advisory

Comment 7 Mageia Robot 2015-04-10 00:45:09 CEST 
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0141.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED