Bug 15611 - chromium-browser-stable new security issues fixed in 41.0.2272.118
Summary: chromium-browser-stable new security issues fixed in 41.0.2272.118
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 4
Hardware: i586 Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/638902/
Whiteboard: MGA4-64-OK has_procedure MGA4-32-OK a...
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2015-04-01 20:28 CEST by David Walser
Modified: 2015-04-10 00:45 CEST

See Also:
Source RPM: chromium-browser-stable-41.0.2272.101-1.mga4.src.rpm
CVE:
Status comment:


Description David Walser 2015-04-01 20:28:17 CEST
Upstream has released version 41.0.2272.118 on April 1:
http://googlechromereleases.blogspot.com/2015/04/stable-channel-update.html

This fixes several new security issues.

This is the current version in the stable channel:
http://googlechromereleases.blogspot.com/search/label/Stable%20updates

David Walser 2015-04-01 20:28:23 CEST

Whiteboard: (none) => MGA5TOO, MGA4TOO

Comment 1 David Walser 2015-04-04 17:23:37 CEST
Updated packages uploaded for Mageia 4 and Cauldron by Christiaan.

Advisory:
========================

Updated chromium-browser-stable packages fix security vulnerabilities:

Google Chrome before 41.0.2272.118 does not properly handle the interaction of
IPC, the Gamepad API, and Google V8, which allows remote attackers to execute
arbitrary code via unspecified vectors (CVE-2015-1233).

Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in Google
Chrome before 41.0.2272.118 allows remote attackers to cause a denial of
service (buffer overflow) or possibly have unspecified other impact by
manipulating OpenGL ES commands (CVE-2015-1234).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1233
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1234
http://googlechromereleases.blogspot.com/2015/04/stable-channel-update.html
========================

Updated packages in core/updates_testing:
========================
chromium-browser-41.0.2272.118-1.mga4
chromium-browser-stable-41.0.2272.118-1.mga4

from chromium-browser-stable-41.0.2272.118-1.mga4.src.rpm

CC: (none) => cjw
Version: Cauldron => 4
Assignee: cjw => qa-bugs
Whiteboard: MGA5TOO, MGA4TOO => (none)

Comment 2 Shlomi Fish 2015-04-05 18:19:17 CEST
Browsing works on a Mageia 4 x86-64 VBox VM: I tried DuckDuckGo, Wikipedia, my personal web site, and an HTML 5 game. Marking as MGA4-64-OK. Procedure is just to test general browsing.

CC: (none) => shlomif
Whiteboard: (none) => MGA4-64-OK has_procedure

Comment 3 Shlomi Fish 2015-04-05 18:29:24 CEST
It seems to work fine on Mageia 4 32-bit/i586 as well.

Whiteboard: MGA4-64-OK has_procedure => MGA4-64-OK has_procedure MGA4-32-OK

Comment 4 David Walser 2015-04-06 18:57:22 CEST
Red Hat has issued an advisory for this today (April 6):
https://rhn.redhat.com/errata/RHSA-2015-0778.html

URL: (none) => http://lwn.net/Vulnerabilities/638902/

Comment 5 Bill Wilkinson 2015-04-07 05:16:05 CEST
Tested mga4-64.

General browsing, SunSpider for JavaScript, Acid3 for rendering, all OK.

Validating. Ready for push when advisory uploaded.

Keywords: (none) => validated_update
CC: (none) => wrw105, sysadmin-bugs

Comment 6 claire robinson 2015-04-07 14:41:06 CEST
Advisory uploaded.

Whiteboard: MGA4-64-OK has_procedure MGA4-32-OK => MGA4-64-OK has_procedure MGA4-32-OK advisory

Comment 7 Mageia Robot 2015-04-10 00:45:09 CEST
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0141.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

