Debian Security Advisory
DSA-2920-1 chromium-browser -- security update
- Date Reported:
- 03 May 2014
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2014-1730, CVE-2014-1731, CVE-2014-1732, CVE-2014-1733, CVE-2014-1734, CVE-2014-1735, CVE-2014-1736.
- More information:
Several vulnerabilities have been discovered in the chromium web browser.
John Butler discovered a type confusion issue in the WebKit/Blink document object model implementation.
Khalil Zhani discovered a use-after-free issue in the speech recognition feature.
Jed Davis discovered a way to bypass the seccomp-bpf sandbox.
The Google Chrome development team discovered and fixed multiple issues with potential security impact.
For the stable distribution (wheezy), these problems have been fixed in version 34.0.1847.132-1~deb7u1.
For the testing distribution (jessie), these problems will be fixed soon.
For the unstable distribution (sid), these problems have been fixed in version 34.0.1847.132-1.
We recommend that you upgrade your chromium-browser packages.