Bug 11049 - chromium-browser-stable new security issues fixed in 29.0.1547.57
Summary: chromium-browser-stable new security issues fixed in 29.0.1547.57
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 3
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/564817/
Whiteboard: MGA2TOO MGA3-64-OK MGA3-32-OK MGA2-6...
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2013-08-21 16:42 CEST by David Walser
Modified: 2014-05-08 18:06 CEST

See Also:
Source RPM: chromium-browser-stable-28.0.1500.95-1.mga3.src.rpm
CVE:
Status comment:


Description David Walser 2013-08-21 16:42:43 CEST
Upstream has released version 28.0.1500.95 on August 20:
http://googlechromereleases.blogspot.com/2013/08/stable-channel-update.html

This fixes a handful of new security issues.

This is the current version in the stable channel:
http://googlechromereleases.blogspot.com/search/label/Stable%20updates

David Walser 2013-08-21 16:42:50 CEST

Whiteboard: (none) => MGA3TOO, MGA2TOO

Comment 1 David Walser 2013-08-26 19:08:53 CEST
Debian has issued an advisory for this on August 25:
http://www.debian.org/security/2013/dsa-2741

URL: (none) => http://lwn.net/Vulnerabilities/564817/

Comment 2 David Walser 2013-09-06 13:22:05 CEST
The stable channel has been updated to 29.0.1547.65:
http://googlechromereleases.blogspot.com/2013/09/stable-channel-update.html

D Morgan uploaded 29.0.1547.72 to Cauldron, which is actually older:
http://src.chromium.org/viewvc/chrome/releases/

This should probably be reverted.

Comment 3 David Walser 2013-09-12 22:23:25 CEST
Updated packages uploaded for Mageia 2, Mageia 3, and Cauldron.

Note: Mageia 3 includes a tainted build.

Advisory:
========================

Updated chromium-browser-stable packages fix security vulnerabilities:

The chrome 29 development team found various issues from internal fuzzing,
audits, and other studies (CVE-2013-2887).

Krystian Bigaj discovered a file handling path sanitization issue
(CVE-2013-2900).

Alex Chapman discovered an integer overflow issue in ANGLE, the Almost Native
Graphics Layer (CVE-2013-2901).

cloudfuzzer discovered a use-after-free issue in XSLT (CVE-2013-2902).

cloudfuzzer discovered a use-after-free issue in HTMLMediaElement
(CVE-2013-2903).

cloudfuzzer discovered a use-after-free issue in XML document parsing
(CVE-2013-2904).

Christian Jaeger discovered an information leak due to insufficient file
permissions (CVE-2013-2905).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2900
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2904
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2905
http://googlechromereleases.blogspot.com/2013/08/stable-channel-update.html
http://googlechromereleases.blogspot.com/2013/09/stable-channel-update.html
http://www.debian.org/security/2013/dsa-2741
========================

Updated packages in core/updates_testing:
========================
chromium-browser-stable-29.0.1547.65-1.mga2
chromium-browser-29.0.1547.65-1.mga2
chromium-browser-stable-29.0.1547.65-1.mga3
chromium-browser-29.0.1547.65-1.mga3

Updated packages in tainted/updates_testing:
========================
chromium-browser-stable-29.0.1547.65-1.mga3
chromium-browser-29.0.1547.65-1.mga3

from SRPMS:
chromium-browser-stable-29.0.1547.65-1.mga2.src.rpm
chromium-browser-stable-29.0.1547.65-1.mga3.src.rpm

Version: Cauldron => 3
Assignee: dmorganec => qa-bugs
Whiteboard: MGA3TOO, MGA2TOO => MGA2TOO

Comment 4 Dave Hodgins 2013-09-12 22:52:01 CEST
Advisory 11049.adv committed to svn.

CC: (none) => davidwhodgins

Comment 5 Dave Hodgins 2013-09-13 22:25:58 CEST
Added the srpm chromium-browser-stable-29.0.1547.65-1.mga3.tainted
to the advisory.

Testing complete Mageia 2 and 3, i586 and x86_64, including tainted
on Mageia 3.

Someone from the sysadmin team please push 11049.adv to updates.

Keywords: (none) => validated_update
Whiteboard: MGA2TOO => MGA2TOO MGA3-64-OK MGA3-32-OK MGA2-64-OK MGA2-32-OK
CC: (none) => sysadmin-bugs

Comment 6 Nicolas Vigier 2013-09-13 22:32:17 CEST
http://advisories.mageia.org/MGASA-2013-0278.html

Status: NEW => RESOLVED
CC: (none) => boklm
Resolution: (none) => FIXED

Nicolas Vigier 2014-05-08 18:06:39 CEST

CC: boklm => (none)

