Gentoo FoundationMGASA-2014-0183Updated chromium-browser packages fix multiple security vulnerabilities
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.014 Low
EPSS
Percentile
86.0%
Updated chromium-browser-stable packages fix security vulnerabilities: Multiple vulnerabilities in the V8 JavaScript library, including a UXSS issue (CVE-2014-1716), OOB access (CVE-2014-1717), memory corruption (CVE-2014-1721), and other vulnerabilities fixed in V8 version 3.24.35.22 (CVE-2014-1729). Integer overflow in compositor (CVE-2014-1718). Multiple use-after-free flaws; in web workers (CVE-2014-1719), DOM (CVE-2014-1720), rendering (CVE-2014-1722), speech (CVE-2014-1724), and forms (CVE-2014-1727). Url confusion with RTL characters (CVE-2014-1723). OOB read with window property (CVE-2014-1725). Local cross-origin bypass (CVE-2014-1726). Various fixes from internal audits, fuzzing and other initiatives (CVE-2014-1728).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | chromium-browser-stable | < 34.0.1847.116-2 | chromium-browser-stable-34.0.1847.116-2.mga3 |
| Mageia | 3 | noarch | ninja | < 1.4.0-1 | ninja-1.4.0-1.mga3 |
| Mageia | 3 | noarch | chromium-browser-stable | < 34.0.1847.116-2 | chromium-browser-stable-34.0.1847.116-2.mga3.tainted |
| Mageia | 4 | noarch | chromium-browser-stable | < 34.0.1847.116-2 | chromium-browser-stable-34.0.1847.116-2.mga4 |
| Mageia | 4 | noarch | ninja | < 1.4.0-1 | ninja-1.4.0-1.mga4 |
| Mageia | 4 | noarch | chromium-browser-stable | < 34.0.1847.116-2 | chromium-browser-stable-34.0.1847.116-2.mga4.tainted |
Related
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.014 Low
EPSS
Percentile
86.0%