Chromium: Multiple vulnerabilities — GLSA 201502-13

Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to cause Denial of Service or gain escalated privileges.

Affected packages

Background

Chromium is an open-source web browser project.

Description

Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker may be able to cause a Denial of Service condition, gain privileges via a filesystem: URI, or have other unspecified impact.

Workaround

There is no known workaround at this time.

Resolution

 # emerge --sync
 # emerge --ask --oneshot --verbose
 ">=www-client/chromium-40.0.2214.111"
 

References

• CVE-2014-7923
• CVE-2014-7924
• CVE-2014-7925
• CVE-2014-7926
• CVE-2014-7927
• CVE-2014-7928
• CVE-2014-7929
• CVE-2014-7930
• CVE-2014-7931
• CVE-2014-7932
• CVE-2014-7933
• CVE-2014-7934
• CVE-2014-7935
• CVE-2014-7936
• CVE-2014-7937
• CVE-2014-7938
• CVE-2014-7939
• CVE-2014-7940
• CVE-2014-7941
• CVE-2014-7942
• CVE-2014-7943
• CVE-2014-7944
• CVE-2014-7945
• CVE-2014-7946
• CVE-2014-7947
• CVE-2014-7948
• CVE-2014-9646
• CVE-2014-9647
• CVE-2014-9648
• CVE-2015-1205
• CVE-2015-1209
• CVE-2015-1210
• CVE-2015-1211
• CVE-2015-1212
• CVE-2015-1346
• CVE-2015-1359
• CVE-2015-1360
• CVE-2015-1361

Release date
February 17, 2015

Latest revision
February 17, 2015: 1

Severity
normal

Exploitable
remote

Bugzilla entries

• 537366
• 539094