Debian: DSA-2811-1: chromium-browser security update
Debian: DSA-2811-1: chromium-browser security update
Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-6634
- ------------------------------------------------------------------------- Debian Security Advisory DSA-2811-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Michael Gilbert December 07, 2013 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : chromium-browser Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2013-6634 CVE-2013-6635 CVE-2013-6636 CVE-2013-6637 CVE-2013-6638 CVE-2013-6639 CVE-2013-6640 Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-6634 Andrey Labunets discovered that the wrong URL was used during validation in the one-click sign on helper. CVE-2013-6635 cloudfuzzer discovered use-after-free issues in the InsertHTML and Indent DOM editing commands. CVE-2013-6636 Bas Venis discovered an address bar spoofing issue. CVE-2013-6637 The chrome 31 development team discovered and fixed multiple issues with potential security impact. CVE-2013-6638 Jakob Kummerow of the Chromium project discoved a buffer overflow in the v8 javascript library. CVE-2013-6639 Jakob Kummerow of the Chromium project discoved an out-of-bounds write in the v8 javascript library. CVE-2013-6640 Jakob Kummerow of the Chromium project discoved an out-of-bounds read in the v8 javascript library. For the stable distribution (wheezy), these problems have been fixed in version 31.0.1650.63-1~deb7u1. For the testing distribution (jessie), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 31.0.1650.63-1. We recommend that you upgrade your chromium-browser packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.