From: [email protected]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------- Debian Security Advisory DSA-2732-1 [email protected] http://www.debian.org/security/ Michael Gilbert
July 31, 2013 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium-browser
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-2881 CVE-2013-2882 CVE-2013-2883 CVE-2013-2884
CVE-2013-2885 CVE-2013-2886

Several vulnerabilities have been discovered in the Chromium web browser.

CVE-2013-2881

Karthik Bhargavan discovered a way to bypass the Same Origin Policy
in frame handling.

CVE-2013-2882

Cloudfuzzer discovered a type confusion issue in the V8 javascript
library.

CVE-2013-2883

Cloudfuzzer discovered a use-after-free issue in MutationObserver.

CVE-2013-2884

Ivan Fratric of the Google Security Team discovered a use-after-free
issue in the DOM implementation.

CVE-2013-2885

Ivan Fratric of the Google Security Team discovered a use-after-free
issue in input handling.

CVE-2013-2886

The chrome 28 development team found various issues from internal
fuzzing, audits, and other studies.

For the stable distribution (wheezy), these problems have been fixed in
version 28.0.1500.95-1~deb7u1.

For the testing distribution (jessie), these problems wil be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 28.0.1500.95-1.

We recommend that you upgrade your chromium-browser packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQQcBAEBCgAGBQJR+dsQAAoJELjWss0C1vRzPl0gAJnnwlUpiQLN/n7cg4YNUvfS iFVnVRfOu4ELbBwdHNFi4gZ5pzfDR10E4YmSLechqTW/0pRySYQGKhcXDTq+zHt/ 3V1t9Y+xRQKS1auZqDMqZEdyVMFKsrfd6i1uH+7A+76Xa3wnG3nmyut670VihbXt w5feqXeo6KI/mbFT5XtrLj6nBV+bBRl+VhkXnlQbOKGXGHLpOY5VzmytaU5ZIqFW 7IYmtrMBUbIIwdKG3NfHa+bz9342p9j0f54AKHmMEcCkITzyTaO+k27oZTZd8hS8 u9BlyCNl0Ps4/oiolttTnIFaRl7pmVtycXpqlTWFw/VtYmyQllGLAFA+z57OGC6o C0fhJYTjDAraVqZX0izJrdANeS5VyD+rbYAIfrg1gO60fQopcoTXTJ1qbi+TSwYm PAAkjCPAbsB1yJvLT+ecBqC9cT4os/+GafpUl/griHrGlt9pFgY7aQ6Tqkc5VhVV c+PVPRPJf+LJQBEGgZWgeI89t4IzKN/3ba8vdEgB5gqx28+p91yPLV0HIqEfUkvu WiP9Lky832UpNl3bNZGh32Xjw9wpPszp2N5Imwyt21NU07zL1bLePrkS6e0Nw30M zwu7yN6r5ZnU+kpR/kwi9LmsVzcIrWUH8KSQ5F3rXqiODR2n/Xn6ZbYvw6hMzzOk 2uP8SGESvCfi/lHXqof2dj4TXnHDx/2aufCiRA3Y+qxpj1byt5qnhjx6NDaoMR/0 R0onKGGqv07IcPWxogNe3kQQ+fSNu2YgBLodu96aSgFYeMMnhOkESPsPGLnSy2B6 7vEqF2WH/34mGITfhl8luZ0hyeVDtWwhY34SJHnuHackXa970843w0vPJ3zq2m6x do5QaYwL+3skGwDgn/nRxveqoLPprJH0ToRqhdwvuELZ7uSS4l8jXblc/H/0bLco ZNrQU4T7rE1+bW23wafka75MjVkzNA7eJRFmqR1ds9Y6QwmlrZcE4i5FabF8rZZI V5Bxp+kzxDiYlv+z4vZpDj8ZHBO9OK3Az37mnwAthIjWstjFBNvLhgIAaXFFJ5p1 TwHMvGQyZledPL2mV7vwx6f2gpWPaIlZFm0aCFG0Dr/rzYMKf9V7KZuiVFfAjJUI pQWfO6wbkZU5vmIwudfdgH0C28tDawKy8tYd+7mFBvJZYh4lj+0Wceu37F1oN9Aq asyjyw/ubrqaVgKHeQw3VKxZWr836vrzIrZhUPP/aadejx+ABuBqvIsNRZA8Ei6g AE8FchyWiXFviiWTJmMILNlf6IsvysZbqkDAocUjfqy2QwfnL1CoM5fTcK+8koaA nZmdh50Da2Q9xmsWnJbbk4ANbJP7kkEnbreeifcO1Z97pN4EkwZ16SL4BK0jRAk=
=AyVH
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/51fc4361.ZV0jqT/omLoOTmW2%[email protected]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)