Debian Security Advisory
DSA-3267-1 chromium-browser -- security update
- Date Reported:
- 22 May 2015
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2015-1251, CVE-2015-1252, CVE-2015-1253, CVE-2015-1254, CVE-2015-1255, CVE-2015-1256, CVE-2015-1257, CVE-2015-1258, CVE-2015-1259, CVE-2015-1260, CVE-2015-1261, CVE-2015-1262, CVE-2015-1263, CVE-2015-1264, CVE-2015-1265.
- More information:
Several vulnerabilities were discovered in the chromium web browser.
SkyLined discovered a use-after-free issue in speech recognition.
An out-of-bounds write issue was discovered that could be used to escape from the sandbox.
A cross-origin bypass issue was discovered in the DOM parser.
A cross-origin bypass issue was discovered in the DOM editing feature.
Khalil Zhani discovered a use-after-free issue in WebAudio.
Atte Kettunen discovered a use-after-free issue in the SVG implementation.
miaubiz discovered an overflow issue in the SVG implementation.
cloudfuzzer discovered an invalid size parameter used in the libvpx library.
Atte Kettunen discovered an uninitialized memory issue in the pdfium library.
Khalil Zhani discovered multiple use-after-free issues in chromium's interface to the WebRTC library.
Juho Nurminen discovered a URL bar spoofing issue.
miaubiz discovered the use of an uninitialized class member in font handling.
Mike Ruddy discovered that downloading the spellcheck dictionary was not done over HTTPS.
K0r3Ph1L discovered a cross-site scripting issue that could be triggered by bookmarking a site.
The chrome 43 development team found and fixed various issues during internal auditing. Also multiple issues were fixed in the libv8 library, version 126.96.36.199.
For the stable distribution (jessie), these problems have been fixed in version 43.0.2357.65-1~deb8u1.
For the testing distribution (stretch), these problems will be fixed soon.
For the unstable distribution (sid), these problems have been fixed in version 43.0.2357.65-1.
We recommend that you upgrade your chromium-browser packages.