Chromium: Multiple vulnerabilities — GLSA 201506-04

Multiple vulnerabilities have been fixed in Chromium, the worst of which can cause arbitrary remote code execution.

Affected packages

Background

Chromium is an open-source web browser project.

Description

Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker can cause arbitrary remote code execution, Denial of Service or bypass of security mechanisms.

Workaround

There is no known workaround at this time.

Resolution

 # emerge --sync
 # emerge --ask --oneshot --verbose
 ">=www-client/chromium-43.0.2357.65"
 

References

• CVE-2015-1233
• CVE-2015-1234
• CVE-2015-1235
• CVE-2015-1236
• CVE-2015-1237
• CVE-2015-1238
• CVE-2015-1240
• CVE-2015-1241
• CVE-2015-1242
• CVE-2015-1243
• CVE-2015-1244
• CVE-2015-1245
• CVE-2015-1246
• CVE-2015-1247
• CVE-2015-1248
• CVE-2015-1250
• CVE-2015-1251
• CVE-2015-1252
• CVE-2015-1253
• CVE-2015-1254
• CVE-2015-1255
• CVE-2015-1256
• CVE-2015-1257
• CVE-2015-1258
• CVE-2015-1259
• CVE-2015-1260
• CVE-2015-1262
• CVE-2015-1263
• CVE-2015-1264
• CVE-2015-1265

Release date
June 23, 2015

Latest revision
June 23, 2015: 1

Severity
normal

Exploitable
remote

Bugzilla entries

• 545300
• 546728
• 548108
• 549944