chromium-browser - several

Several vulnerabilities have been discovered in the Chromium web browser.
Multiple use-after-free, out-of-bounds read, memory safety, and
cross-site scripting issues were discovered and corrected.

• CVE-2013-2837
  Use-after-free vulnerability in the SVG implementation allows remote
  attackers to cause a denial of service or possibly have unspecified
  other impact via unknown vectors.
• CVE-2013-2838
  Google V8, as used in Chromium before 27.0.1453.93, allows
  remote attackers to cause a denial of service (out-of-bounds read)
  via unspecified vectors.
• CVE-2013-2839
  Chromium before 27.0.1453.93 does not properly perform a cast
  of an unspecified variable during handling of clipboard data, which
  allows remote attackers to cause a denial of service or possibly
  have other impact via unknown vectors.
• CVE-2013-2840
  Use-after-free vulnerability in the media loader in Chromium
  before 27.0.1453.93 allows remote attackers to cause a denial of
  service or possibly have unspecified other impact via unknown
  vectors, a different vulnerability than CVE-2013-2846.
• CVE-2013-2841
  Use-after-free vulnerability in Chromium before 27.0.1453.93
  allows remote attackers to cause a denial of service or possibly
  have unspecified other impact via vectors related to the handling of
  Pepper resources.
• CVE-2013-2842
  Use-after-free vulnerability in Chromium before 27.0.1453.93
  allows remote attackers to cause a denial of service or possibly
  have unspecified other impact via vectors related to the handling of
  widgets.
• CVE-2013-2843
  Use-after-free vulnerability in Chromium before 27.0.1453.93
  allows remote attackers to cause a denial of service or possibly
  have unspecified other impact via vectors related to the handling of
  speech data.
• CVE-2013-2844
  Use-after-free vulnerability in the Cascading Style Sheets (CSS)
  implementation in Chromium before 27.0.1453.93 allows remote
  attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to style resolution.
• CVE-2013-2845
  The Web Audio implementation in Chromium before 27.0.1453.93
  allows remote attackers to cause a denial of service (memory
  corruption) or possibly have unspecified other impact via unknown
  vectors.
• CVE-2013-2846
  Use-after-free vulnerability in the media loader in Chromium
  before 27.0.1453.93 allows remote attackers to cause a denial of
  service or possibly have unspecified other impact via unknown
  vectors, a different vulnerability than CVE-2013-2840.
• CVE-2013-2847
  Race condition in the workers implementation in Chromium before
  27.0.1453.93 allows remote attackers to cause a denial of service
  (use-after-free and application crash) or possibly have unspecified
  other impact via unknown vectors.
• CVE-2013-2848
  The XSS Auditor in Chromium before 27.0.1453.93 might allow
  remote attackers to obtain sensitive information via unspecified
  vectors.
• CVE-2013-2849
  Multiple cross-site scripting (XSS) vulnerabilities in Chromium
  before 27.0.1453.93 allow user-assisted remote attackers to inject
  arbitrary web script or HTML via vectors involving a (1)
  drag-and-drop or (2) copy-and-paste operation.

For the oldstable distribution (squeeze), the security support window
for Chromium has ended. Users of Chromium on oldstable are very highly
encouraged to upgrade to the current stable Debian release (wheezy).
Chromium security support for wheezy will last until the next stable
release (jessie), which is expected to happen sometime in 2015.

For the stable distribution (wheezy), these problems have been fixed in
version 27.0.1453.93-1~deb7u1.

For the testing distribution (jessie), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 27.0.1453.93-1.

We recommend that you upgrade your chromium-browser packages.