Chromium: Multiple vulnerabilities — GLSA 201503-12

Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to cause Denial of Service or bypass security restrictions.

Affected packages

www-client/chromium on all architectures
Affected versions < 41.0.2272.76
Unaffected versions >= 41.0.2272.76

Background

Chromium is an open-source web browser project.

Description

Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker may be able to cause a Denial of Service condition, bypass security restrictions, or have other unspecified impact.

Workaround

There is no known workaround at this time.

Resolution

All Chromium users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose
 ">=www-client/chromium-41.0.2272.76"
 

References

Release date
March 22, 2015

Latest revision
March 22, 2015: 1

Severity
normal

Exploitable
remote

Bugzilla entries