GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Tue May 15, 2012 7:26 am Post subject: [ GLSA 201205-01 ] Chromium: Multiple vulnerabilities |
|
|
Gentoo Linux Security Advisory
Title: Chromium: Multiple vulnerabilities (GLSA 201205-01)
Severity: normal
Exploitable: remote
Date: May 15, 2012
Bug(s): #414199
ID: 201205-01
Synopsis
Multiple vulnerabilities have been reported in Chromium, some of
which may allow execution of arbitrary code.
Background
Chromium is an open source web browser project.
Affected Packages
Package: www-client/chromium
Vulnerable: < 18.0.1025.168
Unaffected: >= 18.0.1025.168
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Chromium. Please review
the CVE identifiers and release notes referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted web
site using Chromium, possibly resulting in the execution of arbitrary
code with the privileges of the process, or a Denial of Service
condition.
Workaround
There is no known workaround at this time.
Resolution
All Chromium users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose
">=www-client/chromium-18.0.1025.168"
|
References
CVE-2011-3078
CVE-2011-3081
CVE-2012-1521
Release Notes 18.0.1025.168
|
|