Upstream has released version 42.0.2311.135 on April 28: http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_28.html This fixes two new security issues. This is the current version in the stable channel: http://googlechromereleases.blogspot.com/search/label/Stable%20updates Reproducible: Steps to Reproduce:
URL: (none) => http://lwn.net/Vulnerabilities/642380/Whiteboard: (none) => MGA5TOO, MGA4TOO
For cauldron (MGA5) a freeze push request has been sent. For MGA4, updated packages are available for testing: MGA4 SRPM: chromium-browser-stable-42.0.2311.135-1.mga4.src.rpm RPMS: chromium-browser-stable-42.0.2311.135-1.mga4.i586.rpm chromium-browser-42.0.2311.135-1.mga4.i586.rpm chromium-browser-stable-42.0.2311.135-1.mga4.x86_64.rpm chromium-browser-42.0.2311.135-1.mga4.x86_64.rpm Proposed advisory: Chromium-browser 42.0.2311.135 fixes security issues: a use-after-free in DOM (CVE-2015-1243), and various fixes from internal audits, fuzzing and other initiatives (CVE-2015-1250). References: http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_28.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1243 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1250
CC: (none) => cjwVersion: Cauldron => 4Assignee: cjw => qa-bugs
Whiteboard: MGA5TOO, MGA4TOO => (none)
Tested general use mga4-64. Sunspider for javascript, acid3. General browsing OK. Unable to test with my 32 bit system--chromium hasn't run on it in a while, I'm guessing it's the old AMD processor thing....
CC: (none) => wrw105Whiteboard: (none) => mga4-64-ok has_procedure
Tested general usage on Mageia 4 i586, also works fine.
Whiteboard: mga4-64-ok has_procedure => mga4-32-ok mga4-64-ok has_procedure
validating. Ready for push when advisory uploaded to svn.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Well done both. Advisory uploaded.
Whiteboard: mga4-32-ok mga4-64-ok has_procedure => mga4-32-ok mga4-64-ok has_procedure advisory
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0182.html
Status: NEW => RESOLVEDResolution: (none) => FIXED