From: [email protected]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------- Debian Security Advisory DSA-2939-1 [email protected] http://www.debian.org/security/ Michael Gilbert
May 31, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium-browser
CVE ID : CVE-2014-1743 CVE-2014-1744 CVE-2014-1745 CVE-2014-1746
CVE-2014-1747 CVE-2014-1748 CVE-2014-1749 CVE-2014-3152

Several vulnerabilities were discovered in the chromium web browser.

CVE-2014-1743

cloudfuzzer discovered a use-after-free issue in the Blink/Webkit
document object model implementation.

CVE-2014-1744

Aaron Staple discovered an integer overflow issue in audio input
handling.

CVE-2014-1745

Atte Kettunen discovered a use-after-free issue in the Blink/Webkit
scalable vector graphics implementation.

CVE-2014-1746

Holger Fuhrmannek discovered an out-of-bounds read issue in the URL
protocol implementation for handling media.

CVE-2014-1747

packagesu discovered a cross-site scripting issue involving
malformed MHTML files.

CVE-2014-1748

Jordan Milne discovered a user interface spoofing issue.

CVE-2014-1749

The Google Chrome development team discovered and fixed multiple
issues with potential security impact.

CVE-2014-3152

An integer underflow issue was discovered in the v8 javascript
library.

For the stable distribution (wheezy), these problems have been fixed in
version 35.0.1916.114-1~deb7u2.

For the testing distribution (jessie), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 35.0.1916.114-1.

We recommend that you upgrade your chromium-browser packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQQcBAEBCgAGBQJTiYO1AAoJELjWss0C1vRz2cMf/ixDiv7EKNOdYllZu0pGCtPu wQ2G+zBv3EIV4vsmXzhp4sQS2hK2U4FLtCJz8lR3tSjOYkVca4sEAdKIp7kpsVMM OONydls7xoiJGgUT5DU38SFHXtJ9svhx54ENY+1MY7+DZerfRqTWt7Hl87G2Tw0M VctpPkY6z93qlREF2RQTnuMYiBzpK5cuwqRbvbgZHODYDoDb1PnIsV+g9kIha4I+ XE4zC2GAsQnf3StxEZXY+SQ/Xoqr+LDaMo1xq2mJ/8X+SERlMPEWOZXtFn4OMO51 C7WO3jwSvZcHqpj/85milzUafkYb/C8URpXb6QdOape5Sga7zTVHHxP06VAcG5Rs 9ZndOqPb6D8dchCBOGdM7cNZ/8vWyn01kT6XgWwySq1EsF1hA6oX9FWtteijpOpX 9SxtDhQTcb/oUKjWYoc7czudBl85y9ZBUVEmh7AoOrsiMbM/TT3p71+z0zAPILV9 ksbn5eLgzMY4dXr2CO4FjnCztx6Nq1QSP2sWa7x/bnHHc3KFI7UirlGRpa6Ke417 q0Mj2BnlQCli684dffV66jYUrr/6OamzJr8LzR1iM4/UWRkN5rmm6diSqm0CXPTn Mfo/7Qe8g2gr6jKibb9ZOBy/pmwvLgnslvWpkk8LbvgrNVrizbl6zoWc7B/Gh/Z2 xBXkVEwptEltAeShDBvroAnLFbBlEV6TqncF1+evJKA4c8vcbBkjQMHVJ720V4jE c9YbQGQnegOLwODHQujYYoQpu4xhBZir/Kzl3dcBLDTLTrb/+MqyGaHyNMl9XU83 dYJGh05pTnvwwsOZzJz7G78ZTWkw5ocpuj6a/lQGTK6nW5XD+UScgV5c1qCxLOw7 fqmYripUx7uFPf7Fz85XZNGVO+GU7rKV7M4np2MzvsGOavo3VJKBnx//vJd3CDsu R88G0rGFPzKCKjYMMkHjC+A5tls2SHH+nzUm7ZV8gknMGJX7YgvDIg4Tg8qsKLQj uktm9VDUa3whrT3AdCSjw/Fjr70S/J96ZF59s4qfZmqqNEQ0xs3gYX9is9ufNI+8 fPUHv0bogLmngZjulfulmrsX/Ai5bpnSph2gG6uIks5d82iQrco9cS87/rd1hovK ZNV7jJlQE6t1bB2A8JH/UZn3l+yy/guanKdGwiJOZT4UMqY/hurfZDfFKHIBejZl 03D3Gxd7oGi31nO7EvXGRjLm0xw0dNN+CBzRsxrRu2WPbbWh2OWwr9UrcEF3jdqR 7dBA/UVCEKloOEZuu2H3vrko1mhewy4C7aAvQS2ZWBzUp8weQ9NZl9bR8KimcsSH xM6qzuZhfH1xY+sYfROnuoyuQK4edf5rssE4jowL3CzHAiFLw8fL9//xlbZRqTw=
=Tlbj
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)