Debian has issued an advisory on October 26:
http://www.debian.org/security/2013/dsa-2785

This updates to the newest security release, from upstream on October 15:
http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html

There is an even newer bugfix release for Linux, from October 22:
http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_22.html

This is the current version for Linux on the stable channel:
http://googlechromereleases.blogspot.com/search/label/Stable%20updates

The new security issues fixed are CVE-2013-2925 through CVE-2013-2928.
Updated packages uploaded for Mageia 2, Mageia 3, and Cauldron.

Note: Mageia 3 includes a tainted build.

Advisory:
========================

Updated chromium-browser-stable packages fix security vulnerabilities:

Atte Kettunen of OUSPG discovered a use-after-free issue in Blink's XML HTTP request implementation (CVE-2013-2925).

cloudfuzzer discovered a use-after-free issue in the list indenting implementation (CVE-2013-2926).

cloudfuzzer discovered a use-after-free issue in the HTML form submission implementation (CVE-2013-2927).

The chrome 30 development team found various issues from internal fuzzing, audits, and other studies (CVE-2013-2928).

This updates to the newest version from the Linux stable channel, fixing these and several other issues.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2927
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2928
http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html
http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_22.html
http://www.debian.org/security/2013/dsa-2785
========================

Updated packages in core/updates_testing:
========================
chromium-browser-stable-30.0.1599.114-1.mga2
chromium-browser-30.0.1599.114-1.mga2
chromium-browser-stable-30.0.1599.114-1.mga3
chromium-browser-30.0.1599.114-1.mga3

Updated packages in tainted/updates_testing:
========================
chromium-browser-stable-30.0.1599.114-1.mga3
chromium-browser-30.0.1599.114-1.mga3

from SRPMS:
chromium-browser-stable-30.0.1599.114-1.mga2.src.rpm
chromium-browser-stable-30.0.1599.114-1.mga3.src.rpm
Version: Cauldron => 3
Assignee: bugsquad => qa-bugs
Whiteboard: (none) => MGA2TOO
No exploits on securityfocus. Testing mga3-64, general use.
CC: (none) => wrw105
tested mga3-64 from core/updates_testing
general browsing: OK
Java from javatester: OK
flash from Youtube: OK
Javascript from sunspider: OK
Tested mga3-64 from tainted/updates_testing as in comment 3, plus https://archive.org/details/testmp3testfile for mp3. All ok
Whiteboard: MGA2TOO => MGA2TOO mga3-64-OK
Tested mga3-32 from core/updates_testing as in comment 3. All OK.
Tested mga3-32 from tainted/updates_testing as in comment 4. All OK.
Whiteboard: MGA2TOO mga3-64-OK => MGA2TOO mga3-64-OK mga3-32-ok
tested mga2-32 as in comment 3. All Ok. As I don't have a mga2-64 setup, I'll leave that for someone else.
Whiteboard: MGA2TOO mga3-64-OK mga3-32-ok => MGA2TOO mga3-64-OK mga3-32-ok mga2-32-ok
Thanks Bill, I'll do that now
Testing complete mga2 64

Actually 3 srpms for this..
chromium-browser-stable-30.0.1599.114-1.mga2.src.rpm
chromium-browser-stable-30.0.1599.114-1.mga3.src.rpm
chromium-browser-stable-30.0.1599.114-1.mga3.tainted.src.rpm

Validating. Advisory uploaded.

Could sysadmin please push from 2&3 core/updates_testing to updates

Thanks!
Keywords: (none) => validated_update
Whiteboard: MGA2TOO mga3-64-OK mga3-32-ok mga2-32-ok => MGA2TOO mga3-64-OK mga3-32-ok mga2-32-ok mga2-64-ok
CC: (none) => sysadmin-bugs
Update pushed: http://advisories.mageia.org/MGASA-2013-0321.html
Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED