Mehrere Probleme in Chromium
ID: | 201502-13 |
Distribution: | Gentoo |
Plattformen: | Keine Angabe |
Datum: | Mi, 18. Februar 2015, 07:06 |
Referenzen: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7923
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7924 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7925 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7926 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7927 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7928 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7929 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7930 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7931 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7932 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7933 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7934 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7935 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7936 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7937 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7938 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7940 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7941 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7942 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7943 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7944 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7945 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7946 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7947 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7948 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1211 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1346 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1359 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1360 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1361 |
Applikationen: | Chromium |
Originalnachricht |
|
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --C2qNCIj8DCiHIILP596vj2EQEFFNTPMe1 Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201502-13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Chromium: Multiple vulnerabilities Date: February 17, 2015 Bugs: #537366, #539094 ID: 201502-13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to cause Denial of Service or gain escalated privileges. Background ========== Chromium is an open-source web browser project. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 40.0.2214.111 >= 40.0.2214.111 Description =========== Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker may be able to cause a Denial of Service condition, gain privileges via a filesystem: URI, or have other unspecified impact. Workaround ========== There is no known workaround at this time. Resolution ========== All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-40.0.2214.111" References ========== [ 1 ] CVE-2014-7923 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7923 [ 2 ] CVE-2014-7924 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7924 [ 3 ] CVE-2014-7925 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7925 [ 4 ] CVE-2014-7926 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7926 [ 5 ] CVE-2014-7927 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7927 [ 6 ] CVE-2014-7928 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7928 [ 7 ] CVE-2014-7929 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7929 [ 8 ] CVE-2014-7930 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7930 [ 9 ] CVE-2014-7931 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7931 [ 10 ] CVE-2014-7932 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7932 [ 11 ] CVE-2014-7933 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7933 [ 12 ] CVE-2014-7934 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7934 [ 13 ] CVE-2014-7935 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7935 [ 14 ] CVE-2014-7936 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7936 [ 15 ] CVE-2014-7937 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7937 [ 16 ] CVE-2014-7938 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7938 [ 17 ] CVE-2014-7939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7939 [ 18 ] CVE-2014-7940 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7940 [ 19 ] CVE-2014-7941 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7941 [ 20 ] CVE-2014-7942 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7942 [ 21 ] CVE-2014-7943 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7943 [ 22 ] CVE-2014-7944 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7944 [ 23 ] CVE-2014-7945 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7945 [ 24 ] CVE-2014-7946 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7946 [ 25 ] CVE-2014-7947 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7947 [ 26 ] CVE-2014-7948 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7948 [ 27 ] CVE-2014-9646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9646 [ 28 ] CVE-2014-9647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9647 [ 29 ] CVE-2014-9648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9648 [ 30 ] CVE-2015-1205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1205 [ 31 ] CVE-2015-1209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1209 [ 32 ] CVE-2015-1210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1210 [ 33 ] CVE-2015-1211 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1211 [ 34 ] CVE-2015-1212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1212 [ 35 ] CVE-2015-1346 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1346 [ 36 ] CVE-2015-1359 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1359 [ 37 ] CVE-2015-1360 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1360 [ 38 ] CVE-2015-1361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1361 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201502-13.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 --C2qNCIj8DCiHIILP596vj2EQEFFNTPMe1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJU47q4AAoJEP7VAChXwav6aL4IALtHX9N9mN8gGddmMdQrmQL1 DQz/wPxdRHnTuNMKsF0KbxGHM1vzGkYJqUBVzg649wKdZcJ/2wLsgjBUpcY6ooyE OQCrXVJrm2Z3tySpz7p2uner6ajo4A7/nNH1jOQAvpL53cHXGuSBV8KRDMGPUyfK 7rfHocBANGmr0dwPP1FwhcjHYqwJJMznoOFqwsDPa+/KSVRf/u5zEfF1R/Xc1YFA E08Y7kh+T8LvgAlP8vMIZVfox0DA6hgyHl5HtnXtpEms4Q3v7wbqrvO9J+BEUnI1 tNigWUGubZOiztOTkrj6zo9FQqAapM94dE8bamRMlSGBz3adg+xqOYGFZqBmhwA= =6HDY -----END PGP SIGNATURE----- --C2qNCIj8DCiHIILP596vj2EQEFFNTPMe1-- |