[TAF] wml://security/2011/dsa-2166.wml

To: debian-l10n-russian <debian-l10n-russian@lists.debian.org>
Subject: [TAF] wml://security/2011/dsa-2166.wml
From: Alexander Reshetov <eof@debian-by.org>
Date: Fri, 18 Feb 2011 23:50:39 +0200
Message-id: <[🔎] 20110218215039.GC4956@meissa>
Mail-followup-to: debian-l10n-russian <debian-l10n-russian@lists.debian.org>

<define-tag description>several vulnerabilities</define-tag>
<define-tag moreinfo>

<p>Several vulnerabilities were discovered in the Chromium browser.
The Common Vulnerabilities and Exposures project identifies the
following problems:</p>

<ul>

<li><a href="http://security-tracker.debian.org/tracker/CVE-2011-0777";>CVE-2011-0777</a>

  <p>Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote
  attackers to cause a denial of service or possibly have unspecified other
  impact via vectors related to image loading</p></li>


<li><a href="http://security-tracker.debian.org/tracker/CVE-2011-0778";>CVE-2011-0778</a>

  <p>Google Chrome before 9.0.597.84 does not properly restrict drag and drop
  operations, which might allow remote attackers to bypass the Same Origin
  Policy via unspecified vectors</p></li>


<li><a href="http://security-tracker.debian.org/tracker/CVE-2011-0783";>CVE-2011-0783</a>

  <p>Unspecified vulnerability in Google Chrome before 9.0.597.84 allows
  user-assisted remote attackers to cause a denial of service
  (application crash) via vectors involving a "bad volume setting."</p></li>


<li><a href="http://security-tracker.debian.org/tracker/CVE-2011-0983";>CVE-2011-0983</a>

  <p>Google Chrome before 9.0.597.94 does not properly handle anonymous blocks,
  which allows remote attackers to cause a denial of service or possibly have
  unspecified other impact via unknown vectors that lead to a "stale pointer."</p></li>


<li><a href="http://security-tracker.debian.org/tracker/CVE-2011-0981";>CVE-2011-0981</a>

  <p>Google Chrome before 9.0.597.94 does not properly perform event handling for
  animations, which allows remote attackers to cause a denial of service or 
  possibly have unspecified other impact via unknown vectors that lead to a
  "stale pointer."</p></li>


<li><a href="http://security-tracker.debian.org/tracker/CVE-2011-0984";>CVE-2011-0984</a>

  <p>Google Chrome before 9.0.597.94 does not properly handle plug-ins, which
  allows remote attackers to cause a denial of service (out-of-bounds read)
  via unspecified vectors</p></li>


<li><a href="http://security-tracker.debian.org/tracker/CVE-2011-0985";>CVE-2011-0985</a>

  <p>Google Chrome before 9.0.597.94 does not properly perform process termination
  upon memory exhaustion, which has unspecified impact and remote attack vectors.</p></li>

</ul>

<p>For the stable distribution (squeeze), these problems have been fixed
in version 6.0.472.63~r59945-5+squeeze2</p>

<p>For the testing distribution (wheezy), these problems will be fixed soon.</p>

<p>For the unstable distribution (sid), these problems have been fixed
in version 9.0.597.98~r74359-1</p>

<p>We recommend that you upgrade your chromium-browser packages.</p>

</define-tag>

# do not modify the following line
#include "$(ENGLISHDIR)/security/2011/dsa-2166.data"
# $Id: dsa-2166.wml,v 1.1 2011-02-18 20:16:26 spaillard Exp $

Reply to:

Follow-Ups:
- Re: [TAF] wml://security/2011/dsa-2166.wml
  - From: Alexander Reshetov <eof@debian-by.org>

Prev by Date: [TAF] wml://security/2011/dsa-2165.wml
Next by Date: [TAF] wml://security/2011/dsa-2167.wml
Previous by thread: Re: [DONE] wml://security/2011/dsa-2165.wml
Next by thread: Re: [TAF] wml://security/2011/dsa-2166.wml
Index(es):
- Date
- Thread