Upstream has released version 42.0.2311.90 on April 14:
http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html

This fixes several new security issues.

This is the current version in the stable channel:
http://googlechromereleases.blogspot.com/search/label/Stable%20updates
Whiteboard: (none) => MGA5TOO, MGA4TOO
RedHat has issued an advisory for this today (April 16): https://rhn.redhat.com/errata/RHSA-2015-0816.html
URL: (none) => http://lwn.net/Vulnerabilities/640604/
Updated packages are ready for testing:

MGA4
Source RPM:
chromium-browser-stable-42.0.2311.90-1.mga4.src.rpm

Binary RPMS:
chromium-browser-stable-42.0.2311.90-1.mga4.i586.rpm
chromium-browser-42.0.2311.90-1.mga4.i586.rpm
chromium-browser-stable-42.0.2311.90-1.mga4.x86_64.rpm
chromium-browser-42.0.2311.90-1.mga4.x86_64.rpm

Proposed advisory:

Chromium-browser 42.0.2311.90 fixes several security issues, among others a cross-origin-bypass in HTML parser (CVE-2015-1235), a cross-origin-bypass in Blink (CVE-2015-1236), a use-after-free in IPC (CVE-2015-1237), an out-of-bounds write in Skia (CVE-2015-1238), an out-of-bounds read in WebGL (CVE-2015-1240), Tap-Jacking (CVE-2015-1241), type confusion in V8 (CVE-2015-1242), HSTS bypass in WebSockets (CVE-2015-1244), a use-after-free in PDFium (CVE-2015-1245), an out-of-bounds read in Blink (CVE-2015-1246), scheme issues in OpenSearch (CVE-2015-1247), and a SafeBrowsing bypass (CVE-2015-1248).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1235
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1236
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1237
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1238
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1240
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1241
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1242
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1245
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1246
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1248
http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html
Version: Cauldron => 4
Assignee: cjw => qa-bugs
CC: (none) => cjw
Whiteboard: MGA5TOO, MGA4TOO => (none)
chromium-browser-stable runs fine on an MGA4 x86-64 VM: google, duckduckgo, wikipedia, html5games.com, YouTube and Jamendo all run fine. Putting MGA4-64-OK
CC: (none) => shlomif
Whiteboard: (none) => MGA4-64-OK has_procedure
(In reply to Shlomi Fish from comment #3)
> chromium-browser-stable runs fine on an MGA4 x86-64 VM: google, duckduckgo,
> wikipedia , html5games.com , YouTube and Jamendo all run fine. Putting
> MGA4-64-OK

It also runs fine on MGA4-32-OK.
Whiteboard: MGA4-64-OK has_procedure => MGA4-64-OK has_procedure MGA4-32-OK
David, do you want to flesh out the advisory?
Not really, but it is missing CVE-2015-1249, so that needs to be added.

OpenSuSE has issued an advisory for this today (April 22):
http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html

I noticed that they have some additional CVEs listed, CVE-2015-333[3-6]. I'm not sure where they got those from.

Christiaan, can you update the advisory?
Oops, here's an updated advisory. To add the other suse CVEs I'd have to check sources but no time for that now (NaCl doesn't apply AFAIK).

Chromium-browser 42.0.2311.90 fixes several security issues, among others a cross-origin-bypass in HTML parser (CVE-2015-1235), a cross-origin-bypass in Blink (CVE-2015-1236), a use-after-free in IPC (CVE-2015-1237), an out-of-bounds write in Skia (CVE-2015-1238), an out-of-bounds read in WebGL (CVE-2015-1240), Tap-Jacking (CVE-2015-1241), type confusion in V8 (CVE-2015-1242), HSTS bypass in WebSockets (CVE-2015-1244), a use-after-free in PDFium (CVE-2015-1245), an out-of-bounds read in Blink (CVE-2015-1246), scheme issues in OpenSearch (CVE-2015-1247), and a SafeBrowsing bypass (CVE-2015-1248).

Also included are various fixes from internal audits, fuzzing and other initiatives (CVE-2015-1249), and multiple vulnerabilities in V8 have been fixed at the tip of the 4.2 branch (currently 4.2.77.14) (CVE-2015-3333).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1235
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1236
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1237
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1238
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1240
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1241
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1242
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1245
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1246
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1249
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3333
http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html
LWN reference for CVE-2015-233[3-6]: http://lwn.net/Vulnerabilities/641428/
Validating. Advisory from comment 7 uploaded.

Please push to 4 updates.

Thanks
Keywords: (none) => validated_update
Whiteboard: MGA4-64-OK has_procedure MGA4-32-OK => MGA4-64-OK has_procedure MGA4-32-OK advisory
CC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository.
http://advisories.mageia.org/MGASA-2015-0164.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED