chromium-browser - several

Several vulnerabilities have been discovered in the chromium web browser.

• CVE-2013-2931
  The chrome 31 development team found various issues from internal
  fuzzing, audits, and other studies.
• CVE-2013-6621
  Khalil Zhani discovered a use-after-free issue in speech input
  handling.
• CVE-2013-6622
  cloudfuzzer discovered a use-after-free issue in
  HTMLMediaElement.
• CVE-2013-6623
  miaubiz discovered an out-of-bounds read in the Blink/Webkit SVG
  implementation.
• CVE-2013-6624
  Jon Butler discovered a use-after-free issue in id attribute
  strings.
• CVE-2013-6625
  cloudfuzzer discovered a use-after-free issue in the Blink/Webkit
  DOM implementation.
• CVE-2013-6626
  Chamal de Silva discovered an address bar spoofing issue.
• CVE-2013-6627
  skylined discovered an out-of-bounds read in the HTTP stream
  parser.
• CVE-2013-6628
  Antoine Delignat-Lavaud and Karthikeyan Bhargavan of INRIA Paris
  discovered that a different (unverified) certificate could be used
  after successful TLS renegotiation with a valid certificate.
• CVE-2013-6629
  Michal Zalewski discovered an uninitialized memory read in the
  libjpeg and libjpeg-turbo libraries.
• CVE-2013-6630
  Michal Zalewski discovered another uninitialized memory read in
  the libjpeg and libjpeg-turbo libraries.
• CVE-2013-6631
  Patrik HĂśglund discovered a use-free issue in the libjingle
  library.
• CVE-2013-6632
  Pinkie Pie discovered multiple memory corruption issues.

For the stable distribution (wheezy), these problems have been fixed in
version 31.0.1650.57-1~deb7u1.

For the testing distribution (jessie), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 31.0.1650.57-1.

We recommend that you upgrade your chromium-browser packages.