Bug 11554 - chromium-browser-stable new security issues fixed in 30.0.1599.101
Status: RESOLVED FIXED
Product: Mageia
Classification: Unclassified
Component: Security
Version: 3
Hardware: i586 Linux
Priority: Normal
Severity: normal
Target Milestone: ---
Assigned To: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/571974/
Whiteboard: MGA2TOO mga3-64-OK mga3-32-ok mga2-32...
Keywords: validated_update
 
Reported: 2013-10-28 22:19 CET by David Walser
Modified: 2013-11-09 20:19 CET

Source RPM: chromium-browser-stable-30.0.1599.66-1.mga3.src.rpm

Description David Walser 2013-10-28 22:19:30 CET
Debian has issued an advisory on October 26:
http://www.debian.org/security/2013/dsa-2785

This updates to the newest security release, from upstream on October 15:
http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html

There is an even newer bugfix release for Linux, from October 22:
http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_22.html

This is the current version for Linux on the stable channel:
http://googlechromereleases.blogspot.com/search/label/Stable%20updates

The new security issues fixed are CVE-2013-2925 through CVE-2013-2928.

Comment 1 David Walser 2013-11-05 19:41:01 CET
Updated packages uploaded for Mageia 2, Mageia 3, and Cauldron.

Note: Mageia 3 includes a tainted build.

Advisory:
========================

Updated chromium-browser-stable packages fix security vulnerabilities:

Atte Kettunen of OUSPG discovered a use-after-free issue in Blink's XML HTTP
request implementation (CVE-2013-2925).

cloudfuzzer discovered a use-after-free issue in the list indenting
implementation (CVE-2013-2926).

cloudfuzzer discovered a use-after-free issue in the HTML form submission
implementation (CVE-2013-2927).

The chrome 30 development team found various issues from internal fuzzing,
audits, and other studies (CVE-2013-2928).

This updates to the newest version from the Linux stable channel, fixing
these and several other issues.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2927
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2928
http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html
http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_22.html
http://www.debian.org/security/2013/dsa-2785
========================

Updated packages in core/updates_testing:
========================
chromium-browser-stable-30.0.1599.114-1.mga2
chromium-browser-30.0.1599.114-1.mga2
chromium-browser-stable-30.0.1599.114-1.mga3
chromium-browser-30.0.1599.114-1.mga3

Updated packages in tainted/updates_testing:
========================
chromium-browser-stable-30.0.1599.114-1.mga3
chromium-browser-30.0.1599.114-1.mga3

from SRPMS:
chromium-browser-stable-30.0.1599.114-1.mga2.src.rpm
chromium-browser-stable-30.0.1599.114-1.mga3.src.rpm
Comment 2 Bill Wilkinson 2013-11-07 22:41:46 CET
No exploits on securityfocus.

Testing mga3-64, general use.
Comment 3 Bill Wilkinson 2013-11-07 22:50:15 CET
tested mga3-64 from core/updates_testing
general browsing: OK
Java from javatester: OK
flash from Youtube: OK 
Javascript from sunspider: OK
Comment 4 Bill Wilkinson 2013-11-07 23:58:21 CET
Tested mga3-64 from tainted/updates_testing as in comment 3, plus https://archive.org/details/testmp3testfile for mp3.

All ok
Comment 5 Bill Wilkinson 2013-11-08 00:28:07 CET
Tested mga3-32 from core/updates_testing as in comment 3.  All OK.
Comment 6 Bill Wilkinson 2013-11-08 05:41:50 CET
Tested mga3-32 from tainted/updates_testing as in comment 4.  All OK.
Comment 7 Bill Wilkinson 2013-11-08 14:12:56 CET
tested mga2-32 as in comment 3.  All Ok.

As I don't have a mga2-64 setup, I'll leave that for someone else.
Comment 8 claire robinson 2013-11-08 14:18:32 CET
Thanks Bill, I'll do that now
Comment 9 claire robinson 2013-11-08 14:41:58 CET
Testing complete mga2 64

Actually 3 srpms for this..
chromium-browser-stable-30.0.1599.114-1.mga2.src.rpm
chromium-browser-stable-30.0.1599.114-1.mga3.src.rpm
chromium-browser-stable-30.0.1599.114-1.mga3.tainted.src.rpm

Validating. Advisory uploaded.

Could sysadmin please push from 2&3 core/updates_testing to updates

Thanks!
Comment 10 Thomas Backlund 2013-11-09 20:19:11 CET
Update pushed:
http://advisories.mageia.org/MGASA-2013-0321.html
