GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Tue Apr 10, 2012 10:26 pm Post subject: [ GLSA 201204-03 ] Chromium: Multiple vulnerabilities |
 |
|
Gentoo Linux Security Advisory
Title: Chromium: Multiple vulnerabilities (GLSA 201204-03)
Severity: normal
Exploitable: remote
Date: April 10, 2012
Bug(s): #410963
ID: 201204-03
Synopsis
Multiple vulnerabilities have been reported in Chromium, some of
which may allow execution of arbitrary code.
Background
Chromium is an open source web browser project.
Affected Packages
Package: www-client/chromium
Vulnerable: < 18.0.1025.151
Unaffected: >= 18.0.1025.151
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Chromium. Please review
the CVE identifiers and release notes referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted web
site using Chromium, possibly resulting in the execution of arbitrary
code with the privileges of the process, a Denial of Service condition,
or bypass of the same origin policy.
Workaround
There is no known workaround at this time.
Resolution
All Chromium users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose
">=www-client/chromium-18.0.1025.151"
|
References
CVE-2011-3066
CVE-2011-3067
CVE-2011-3068
CVE-2011-3069
CVE-2011-3070
CVE-2011-3071
CVE-2011-3072
CVE-2011-3073
CVE-2011-3074
CVE-2011-3075
CVE-2011-3076
CVE-2011-3077
Release Notes 18.0.1025.151
|
|
News & Announcements
