| Summary: | chromium-browser-stable new security issues fixed in 42.0.2311.135 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | cjw, sysadmin-bugs, wrw105 |
| Version: | 4 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | i586 | ||
| OS: | Linux | ||
| URL: | http://lwn.net/Vulnerabilities/642380/ | ||
| Whiteboard: | mga4-32-ok mga4-64-ok has_procedure advisory | ||
| Source RPM: | chromium-browser-stable-42.0.2311.90-1.mga4.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2015-04-29 18:53:18 CEST
David Walser
2015-04-29 18:53:37 CEST
URL:
(none) =>
http://lwn.net/Vulnerabilities/642380/ For cauldron (MGA5) a freeze push request has been sent. For MGA4, updated packages are available for testing: MGA4 SRPM: chromium-browser-stable-42.0.2311.135-1.mga4.src.rpm RPMS: chromium-browser-stable-42.0.2311.135-1.mga4.i586.rpm chromium-browser-42.0.2311.135-1.mga4.i586.rpm chromium-browser-stable-42.0.2311.135-1.mga4.x86_64.rpm chromium-browser-42.0.2311.135-1.mga4.x86_64.rpm Proposed advisory: Chromium-browser 42.0.2311.135 fixes security issues: a use-after-free in DOM (CVE-2015-1243), and various fixes from internal audits, fuzzing and other initiatives (CVE-2015-1250). References: http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_28.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1243 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1250 CC:
(none) =>
cjw
David Walser
2015-05-01 14:41:53 CEST
Whiteboard:
MGA5TOO, MGA4TOO =>
(none) Tested general use mga4-64. Sunspider for javascript, acid3. General browsing OK. Unable to test with my 32 bit system--chromium hasn't run on it in a while, I'm guessing it's the old AMD processor thing.... CC:
(none) =>
wrw105 Tested general usage on Mageia 4 i586, also works fine. Whiteboard:
mga4-64-ok has_procedure =>
mga4-32-ok mga4-64-ok has_procedure validating. Ready for push when advisory uploaded to svn. Keywords:
(none) =>
validated_update Well done both. Advisory uploaded. Whiteboard:
mga4-32-ok mga4-64-ok has_procedure =>
mga4-32-ok mga4-64-ok has_procedure advisory An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0182.html Status:
NEW =>
RESOLVED |