Bug 12314 - chromium-browser-stable new security issues fixed in 32.0.1700.102
: chromium-browser-stable new security issues fixed in 32.0.1700.102
Status: RESOLVED FIXED
Product: Mageia
Classification: Unclassified
Component: Security
: 4
: i586 Linux
: Normal Severity: major
: ---
Assigned To: QA Team
: Sec team
: http://lwn.net/Vulnerabilities/585198/
: MGA3TOO has_procedure advisory mga3-6...
: validated_update
:
:
  Show dependency treegraph
 
Reported: 2014-01-15 17:25 CET by David Walser
Modified: 2014-02-18 17:41 CET (History)
5 users (show)

See Also:
Source RPM: chromium-browser-stable-31.0.1650.63-1.mga3.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2014-01-15 17:25:02 CET
Upstream has released version 32.0.1700.77 on January 14:
http://googlechromereleases.blogspot.com/2014/01/stable-channel-update.html

This fixes a handful of new security issues.

This is the current version in the stable channel:
http://googlechromereleases.blogspot.com/search/label/Stable%20updates

Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2014-01-28 14:17:25 CET
Upstream has released version 32.0.1700.102 on January 27:
http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html

It fixes some regressions in the previous version and two security issues.
Comment 2 David Walser 2014-02-05 22:45:48 CET
Updated packages uploaded for Mageia 3, Mageia 4, and Cauldron.

Note to QA: there are both core and tainted builds for this package.

Advisory:
========================

Use-after-free related to forms (CVE-2013-6641).

Unprompted sync with an attacker’s Google account (CVE-2013-6643).

Various fixes from internal audits, fuzzing and other initiatives
(CVE-2013-6644).

Use-after-free related to speech input elements (CVE-2013-6645).

Use-after-free in web workers (CVE-2013-6646).

Use-after-free in SVG images (CVE-2013-6649).

Memory corruption in v8 before version 3.22.24.16 (CVE-2013-6650).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6641
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6643
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6644
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6645
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6646
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6649
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6650
http://googlechromereleases.blogspot.com/2014/01/stable-channel-update.html
http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
========================

Updated packages in core/updates_testing:
========================
chromium-browser-stable-32.0.1700.102-1.mga3
chromium-browser-32.0.1700.102-1.mga3
chromium-browser-stable-32.0.1700.102-1.mga4
chromium-browser-32.0.1700.102-1.mga4

Updated packages in tainted/updates_testing:
========================
chromium-browser-stable-32.0.1700.102-1.mga3
chromium-browser-32.0.1700.102-1.mga3
chromium-browser-stable-32.0.1700.102-1.mga4
chromium-browser-32.0.1700.102-1.mga4

from SRPMS:
chromium-browser-stable-32.0.1700.102-1.mga3.src.rpm
chromium-browser-stable-32.0.1700.102-1.mga4.src.rpm
Comment 3 claire robinson 2014-02-05 23:45:59 CET
There are actually tainted srpms too so..

chromium-browser-stable-32.0.1700.102-1.mga3.src.rpm
chromium-browser-stable-32.0.1700.102-1.mga4.src.rpm
chromium-browser-stable-32.0.1700.102-1.mga3.tainted.src.rpm
chromium-browser-stable-32.0.1700.102-1.mga4.tainted.src.rpm
Comment 4 Bill Wilkinson 2014-02-06 16:43:26 CET
tested mga3-64, core and tainted.

Browsed various websites, tested javascript with sunspider, java with javatester.org, flash with youtube and a flash game.

In tainted tested an mp3 from https://archive.org/details/testmp3testfile

All OK.
Comment 5 Bill Wilkinson 2014-02-06 18:02:13 CET
Mga4-32 tested as above, all OK
Comment 6 David GEIGER 2014-02-06 19:34:48 CET
Tested mga4-64,


Testing complete for chromium-browser-stable-32.0.1700.102-1.mga4, nothing to report.
Comment 7 Bill Wilkinson 2014-02-07 05:50:45 CET
Tested mga3-32 as in comment 4, all OK.

Update just needs the advisory update for validation.
Comment 8 Nicolas Lécureuil 2014-02-07 09:23:34 CET
the advisory of comment #2 is not enough ?
Comment 9 claire robinson 2014-02-07 09:59:31 CET
Yes, he's referring to me needing to add it to svn.

Thanks Bill!
Comment 10 claire robinson 2014-02-07 09:59:51 CET
and David
Comment 11 claire robinson 2014-02-07 10:17:55 CET
Advisory uploaded. Validating

Could sysadmin please push from 3&4 core & tainted updates_testing to updates

Thanks!
Comment 12 Thomas Backlund 2014-02-08 20:32:17 CET
Update pushed:
http://advisories.mageia.org/MGASA-2014-0037.html
Comment 13 David Walser 2014-02-18 17:41:19 CET
Debian has issued an advisory for this on February 16:
http://www.debian.org/security/2014/dsa-2862

Note You need to log in before you can comment on or make changes to this bug.