Bug 2764

Summary: update request: chromium-browser-stable
Product: Mageia Reporter: D Morgan <dmorganec>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: davidwhodgins, eeeemail, mageia, mailinglistsduraph, sysadmin-bugs
Version: 1Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: chromium-browser-stable CVE:
Status comment:

Description D Morgan 2011-09-18 01:41:13 CEST 
This package provide a new version of chromium-browser-stable fixing a lot of CVE.


The needed tests are just to test that all still works OK.

This package obsolete chromium-browser-unstable and chromium-browser-beta as asked on dev ML.


- new upstream release 14.0.835.163 (101024)
- security fixes:
 * [49377] High CVE-2011-2835: Race condition in the certificate cache
 * [57908] Low CVE-2011-2837: Use PIC / pie compiler flags
 * [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when
   loading plug-ins
 * [76771] High CVE-2011-2839: Crash in v8 script object wrappers
 * [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual
   user interaction
 * [78639] High CVE-2011-2841: Garbage collection error in PDF
 * [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers
 * [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files
 * [$1000] [89219] High CVE-2011-2846: Use-after-free in unload event handling
 * [$1000] [89330] High CVE-2011-2847: Use-after-free in document loader
 * [89564] Medium CVE-2011-2848: URL bar spoof with forward button
 * [89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets
 * [89991] Medium CVE-2011-3234: Out-of-bounds read in box handling
 * [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters
 * [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling
 * [91120] High CVE-2011-2852: Off-by-one in v8
 * [91197] High CVE-2011-2853: Use-after-free in plug-in handling
 * [92651] [94800] High CVE-2011-2854: Use-after-free in ruby / table style
   handing
 * [92959] High CVE-2011-2855: Stale node in stylesheet handling
 * [93416] High CVE-2011-2856: Cross-origin bypass in v8
 * [93420] High CVE-2011-2857: Use-after-free in focus controller
 * [93472] High CVE-2011-2834: Double free in libxml XPath handling
 * [93497] Medium CVE-2011-2859: Incorrect permissions assigned to
   non-gallery pages
 * [93587] High CVE-2011-2860: Use-after-free in table style handling
 * [93596] Medium CVE-2011-2861: Bad string read in PDF
 * [93906] High CVE-2011-2862: Unintended access to v8 built-in objects
 * [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan characters
 * [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays
 * [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a session
 * [95920] High CVE-2011-2875: Type confusion in v8 object sealing
- detailed changelog at http://goo.gl/6B1kT
Raphaƫl Vinet 2011-09-18 07:51:24 CEST

CC: (none) => mailinglistsduraph

Comment 1 Sander Lepik 2011-09-18 11:44:43 CEST 
Tested on x86_64.

Obsoleting seems to work. Flash works, JS tests too, no regressions noticed.

CC: (none) => sander.lepik
Hardware: i586 => All

Comment 2 claire robinson 2011-09-18 19:21:45 CEST 
i586:

There are no exploits for the CVE's, they are just listed as Multiple Vulnerabilities.

Https OK, Java OK, Spellchecking OK, Flash OK, Import from firefox OK, Printing OK

No problems to report.

CC: (none) => eeeemail

Comment 3 D Morgan 2011-09-19 01:11:04 CEST 
seems OK to validate.

any more testers ?
Comment 4 Dave Hodgins 2011-09-19 04:14:09 CEST 
I've been testing on i586 as well.  Everything looks ok.

Can someone from the sysadmin team push the srpm
chromium-browser-stable-14.0.835.163-0.2.mga1.src.rpm
from Core Updates Testing to Core Updates.

Advisory: This update to the chromium-browser-stable web browser includes
a number of bug fixes, as well security fixes.  For details see
http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html

https://bugs.mageia.org/show_bug.cgi?id=2764

Keywords: (none) => validated_update
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 5 D Morgan 2011-09-19 08:22:39 CEST 
update pushed.

Status: NEW => RESOLVED
Resolution: (none) => FIXED