Oval Definition:oval:com.redhat.rhsa:def:20141894
Revision Date:2014-11-24Version:601
Title:RHSA-2014:1894: chromium-browser security update (Important)
Description:Chromium is an open-source web browser, powered by WebKit (Blink).

  • Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. (CVE-2014-7904, CVE-2014-7906, CVE-2014-7907, CVE-2014-7910, CVE-2014-7908, CVE-2014-7909)

  • A flaw was found in the way Chromium parsed certain URL values. A malicious attacker could use this flaw to perform phishing attacks. (CVE-2014-7899)

    All Chromium users should upgrade to these updated packages, which contain Chromium version 39.0.2171.65, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2014-7899
    CVE-2014-7904
    CVE-2014-7906
    CVE-2014-7907
    CVE-2014-7908
    CVE-2014-7909
    CVE-2014-7910
    RHSA-2014:1894-00
    Platform(s):Supplementary for Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • chromium-browser is earlier than 0:39.0.2171.65-2.el6_6
  • AND chromium-browser is signed with Red Hat redhatrelease2 key
  • AND Package Information
  • Red Hat Enterprise Linux 6 Client is installed
  • OR Red Hat Enterprise Linux 6 Server is installed
  • OR Red Hat Enterprise Linux 6 Workstation is installed
  • OR Red Hat Enterprise Linux 6 ComputeNode is installed
    • BACK