| Revision Date: | 2014-06-23 | Version: | 20 |
| Title: | DSA-2307-1 chromium-browser -- several |
| Description: | Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-2818 Use-after-free vulnerability in Google Chrome allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering. CVE-2011-2800 Google Chrome before allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site. CVE-2011-2359 Google Chrome does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Several unauthorised SSL certificates have been found in the wild issued for the DigiNotar Certificate Authority, obtained through a security compromise with said company. This update blacklists SSL certificates issued by DigiNotar-controlled intermediate CAs used by the Dutch PKIoverheid program. |
| Family: | unix | Class: | patch |
| Status: | ACCEPTED | Reference(s): | CVE-2011-2359
CVE-2011-2800
CVE-2011-2818
DSA-2307-1
|
| Platform(s): | Debian GNU/kFreeBSD 6.0
Debian GNU/Linux 6.0
| Product(s): | chromium-browser
|
| Definition Synopsis |
| Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel
Debian GNU/Linux is installed
OR Debian GNU/kFreeBSD is installed
AND Installed architecture is all
AND chromium-browser DPKG is earlier than 6.0.472.63~r59945-5+squeeze6
|