chromium-browser - several

Several vulnerabilities have been discovered in the Chromium web
browser.

• CVE-2013-2855
  The Developer Tools API in Chromium before 27.0.1453.110 allows
  remote attackers to cause a denial of service (memory corruption) or
  possibly have unspecified other impact via unknown vectors.
• CVE-2013-2856
  Use-after-free vulnerability in Chromium before 27.0.1453.110
  allows remote attackers to cause a denial of service or possibly
  have unspecified other impact via vectors related to the handling of
  input.
• CVE-2013-2857
  Use-after-free vulnerability in Chromium before 27.0.1453.110
  allows remote attackers to cause a denial of service or possibly
  have unspecified other impact via vectors related to the handling of
  images.
• CVE-2013-2858
  Use-after-free vulnerability in the HTML5 Audio implementation in
  Chromium before 27.0.1453.110 allows remote attackers to cause
  a denial of service or possibly have unspecified other impact via
  unknown vectors.
• CVE-2013-2859
  Chromium before 27.0.1453.110 allows remote attackers to bypass
  the Same Origin Policy and trigger namespace pollution via
  unspecified vectors.
• CVE-2013-2860
  Use-after-free vulnerability in Chromium before 27.0.1453.110
  allows remote attackers to cause a denial of service or possibly
  have unspecified other impact via vectors involving access to a
  database API by a worker process.
• CVE-2013-2861
  Use-after-free vulnerability in the SVG implementation in Chromium
  before 27.0.1453.110 allows remote attackers to cause a
  denial of service or possibly have unspecified other impact via
  unknown vectors.
• CVE-2013-2862
  Skia, as used in Chromium before 27.0.1453.110, does not
  properly handle GPU acceleration, which allows remote attackers to
  cause a denial of service (memory corruption) or possibly have
  unspecified other impact via unknown vectors.
• CVE-2013-2863
  Chromium before 27.0.1453.110 does not properly handle SSL
  sockets, which allows remote attackers to execute arbitrary code or
  cause a denial of service (memory corruption) via unspecified
  vectors.
• CVE-2013-2865
  Multiple unspecified vulnerabilities in Chromium before
  27.0.1453.110 allow attackers to cause a denial of service or
  possibly have other impact via unknown vectors.

For the stable distribution (wheezy), these problems have been fixed in
version 27.0.1453.110-1~deb7u1.

For the testing distribution (jessie), these problems have been fixed in
version 27.0.1453.110-1.

For the unstable distribution (sid), these problems have been fixed in
version 27.0.1453.110-1.

We recommend that you upgrade your chromium-browser packages.