chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser.

• CVE-2013-6653
  Khalil Zhani discovered a use-after-free issue in chromium’s web
  contents color chooser.
• CVE-2013-6654
  TheShow3511 discovered an issue in SVG handling.
• CVE-2013-6655
  cloudfuzzer discovered a use-after-free issue in dom event handling.
• CVE-2013-6656
  NeexEmil discovered an information leak in the XSS auditor.
• CVE-2013-6657
  NeexEmil discovered a way to bypass the Same Origin policy in the
  XSS auditor.
• CVE-2013-6658
  cloudfuzzer discovered multiple use-after-free issues surrounding
  the updateWidgetPositions function.
• CVE-2013-6659
  Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that
  it was possible to trigger an unexpected certificate chain during
  TLS renegotiation.
• CVE-2013-6660
  bishopjeffreys discovered an information leak in the drag and drop
  implementation.
• CVE-2013-6661
  The Google Chrome team discovered and fixed multiple issues in
  version 33.0.1750.117.
• CVE-2013-6663
  Atte Kettunen discovered a use-after-free issue in SVG handling.
• CVE-2013-6664
  Khalil Zhani discovered a use-after-free issue in the speech
  recognition feature.
• CVE-2013-6665
  cloudfuzzer discovered a buffer overflow issue in the software
  renderer.
• CVE-2013-6666
  netfuzzer discovered a restriction bypass in the Pepper Flash
  plugin.
• CVE-2013-6667
  The Google Chrome team discovered and fixed multiple issues in
  version 33.0.1750.146.
• CVE-2013-6668
  Multiple vulnerabilities were fixed in version 3.24.35.10 of
  the V8 javascript library.
• CVE-2014-1700
  Chamal de Silva discovered a use-after-free issue in speech
  synthesis.
• CVE-2014-1701
  aidanhs discovered a cross-site scripting issue in event handling.
• CVE-2014-1702
  Colin Payne discovered a use-after-free issue in the web database
  implementation.
• CVE-2014-1703
  VUPEN discovered a use-after-free issue in web sockets that
  could lead to a sandbox escape.
• CVE-2014-1704
  Multiple vulnerabilities were fixed in version 3.23.17.18 of
  the V8 javascript library.
• CVE-2014-1705
  A memory corruption issue was discovered in the V8 javascript
  library.
• CVE-2014-1713
  A use-after-free issue was discovered in the AttributeSetter
  function.
• CVE-2014-1715
  A directory traversal issue was found and fixed.

For the stable distribution (wheezy), these problems have been fixed in
version 33.0.1750.152-1~deb7u1.

For the testing distribution (jessie), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 33.0.1750.152-1.

We recommend that you upgrade your chromium-browser packages.