Debian Security Advisory
DSA-2862-1 chromium-browser -- several vulnerabilities
- Date Reported:
- 16 Feb 2014
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2013-6641, CVE-2013-6643, CVE-2013-6644, CVE-2013-6645, CVE-2013-6646, CVE-2013-6649, CVE-2013-6650.
- More information:
Several vulnerabilities have been discovered in the chromium web browser.
Atte Kettunen discovered a use-after-free issue in Blink/Webkit form elements.
Joao Lucas Melo Brasio discovered a Google account information disclosure issue related to the one-click sign-on feature.
The chrome development team discovered and fixed multiple issues with potential security impact.
Khalil Zhani discovered a use-after-free issue related to speech input.
Colin Payne discovered a use-after-free issue in the web workers implementation.
Atte Kettunen discovered a use-after-free issue in the Blink/Webkit SVG implementation.
For the stable distribution (wheezy), these problems have been fixed in version 32.0.1700.123-1~deb7u1.
For the testing distribution (jessie), these problems will be fixed soon.
For the unstable distribution (sid), these problems have been fixed in version 32.0.1700.123-1.
We recommend that you upgrade your chromium-browser packages.