http://googlechromereleases.blogspot.com/2015/01/stable-update.html

openSUSE-SU-2015:0441

RHSA-2015:0093

62383

62665

GLSA-201502-13

72288

1031623

https://code.google.com/p/chromium/issues/detail?id=428561

https://codereview.chromium.org/752153005

chromium was updated to version 40.0.2214.111 to fix 31 vulnerabilities.

These security issues were fixed :

  - CVE-2015-1209: Use-after-free in DOM (bnc#916841).

  - CVE-2015-1210: Cross-origin-bypass in V8 bindings     (bnc#916843).

  - CVE-2015-1211: Privilege escalation using service     workers (bnc#916838).

  - CVE-2015-1212: Various fixes from internal audits,     fuzzing and other initiatives (bnc#916840).

  - CVE-2014-7923: Memory corruption in ICU (bnc#914468).

  - CVE-2014-7924: Use-after-free in IndexedDB (bnc#914468).

  - CVE-2014-7925: Use-after-free in WebAudio (bnc#914468).

  - CVE-2014-7926: Memory corruption in ICU (bnc#914468).

  - CVE-2014-7927: Memory corruption in V8 (bnc#914468).

  - CVE-2014-7928: Memory corruption in V8 (bnc#914468).

  - CVE-2014-7930: Use-after-free in DOM (bnc#914468).

  - CVE-2014-7931: Memory corruption in V8 (bnc#914468).

  - CVE-2014-7929: Use-after-free in DOM (bnc#914468).

  - CVE-2014-7932: Use-after-free in DOM (bnc#914468).

  - CVE-2014-7933: Use-after-free in FFmpeg (bnc#914468).

  - CVE-2014-7934: Use-after-free in DOM (bnc#914468).

  - CVE-2014-7935: Use-after-free in Speech (bnc#914468).

  - CVE-2014-7936: Use-after-free in Views (bnc#914468).

  - CVE-2014-7937: Use-after-free in FFmpeg (bnc#914468).

  - CVE-2014-7938: Memory corruption in Fonts (bnc#914468).

  - CVE-2014-7939: Same-origin-bypass in V8 (bnc#914468).

  - CVE-2014-7940: Uninitialized-value in ICU (bnc#914468).

  - CVE-2014-7941: Out-of-bounds read in UI (bnc#914468).

  - CVE-2014-7942: Uninitialized-value in Fonts     (bnc#914468).

  - CVE-2014-7943: Out-of-bounds read in Skia

  - CVE-2014-7944: Out-of-bounds read in PDFium

  - CVE-2014-7945: Out-of-bounds read in PDFium

  - CVE-2014-7946: Out-of-bounds read in Fonts

  - CVE-2014-7947: Out-of-bounds read in PDFium

  - CVE-2014-7948: Caching error in AppCache

  - CVE-2015-1205: Various fixes from internal audits,     fuzzing and other initiatives

These non-security issues were fixed :

  - Fix using 'echo' command in chromium-browser.sh script

The remote host is affected by the vulnerability described in GLSA-201502-13 (Chromium: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker may be able to cause a Denial of Service condition,       gain privileges via a filesystem: URI, or have other unspecified impact.
  Workaround :

    There is no known workaround at this time.

Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Chromium is an open source web browser, powered by WebKit (Blink).

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. (CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926, CVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930, CVE-2014-7931, CVE-2014-7932, CVE-2014-7933, CVE-2014-7934, CVE-2014-7935, CVE-2014-7936, CVE-2014-7937, CVE-2014-7938, CVE-2014-7939, CVE-2014-7940, CVE-2014-7941, CVE-2014-7942, CVE-2014-7943, CVE-2014-7944, CVE-2014-7945, CVE-2014-7946, CVE-2014-7947, CVE-2014-7948)

All Chromium users should upgrade to these updated packages, which contain Chromium version 40.0.2214.91, which corrects these issues.
After installing the update, Chromium must be restarted for the changes to take effect.

The version of Google Chrome installed on the remote Windows host is a version prior to 40.0.2214.91. It is, therefore, affected by vulnerabilities in the following components :

  - AppCache
  - DOM
  - FFmpeg
  - Fonts
  - ICU
  - IndexedDB
  - PDFium
  - Skia
  - Speech
  - UI
  - V8
  - Views
  - WebAudio

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 40.0.2214.91. It is, therefore, affected by vulnerabilities in the following components :

  - AppCache
  - DOM
  - FFmpeg
  - Fonts
  - ICU
  - IndexedDB
  - PDFium
  - Skia
  - Speech
  - UI
  - V8
  - Views
  - WebAudio

Google Chrome Releases reports :

62 security fixes in this release, including :

- [430353] High CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning.

- [435880] High CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne.

- [434136] High CVE-2014-7925: Use-after-free in WebAudio. Credit to mark.buer.

- [422824] High CVE-2014-7926: Memory corruption in ICU. Credit to yangdingning.

- [444695] High CVE-2014-7927: Memory corruption in V8. Credit to Christian Holler.

- [435073] High CVE-2014-7928: Memory corruption in V8. Credit to Christian Holler.

- [442806] High CVE-2014-7930: Use-after-free in DOM. Credit to cloudfuzzer.

- [442710] High CVE-2014-7931: Memory corruption in V8. Credit to cloudfuzzer.

- [443115] High CVE-2014-7929: Use-after-free in DOM. Credit to cloudfuzzer.

- [429666] High CVE-2014-7932: Use-after-free in DOM. Credit to Atte Kettunen of OUSPG.

- [427266] High CVE-2014-7933: Use-after-free in FFmpeg. Credit to aohelin.

- [427249] High CVE-2014-7934: Use-after-free in DOM. Credit to cloudfuzzer.

- [402957] High CVE-2014-7935: Use-after-free in Speech. Credit to Khalil Zhani.

- [428561] High CVE-2014-7936: Use-after-free in Views. Credit to Christoph Diehl.

- [419060] High CVE-2014-7937: Use-after-free in FFmpeg. Credit to Atte Kettunen of OUSPG.

- [416323] High CVE-2014-7938: Memory corruption in Fonts. Credit to Atte Kettunen of OUSPG.

- [399951] High CVE-2014-7939: Same-origin-bypass in V8. Credit to Takeshi Terada.

- [433866] Medium CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz.

- [428557] Medium CVE-2014-7941: Out-of-bounds read in UI. Credit to Atte Kettunen of OUSPG and Christoph Diehl.

- [426762] Medium CVE-2014-7942: Uninitialized-value in Fonts. Credit to miaubiz.

- [422492] Medium CVE-2014-7943: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.

- [418881] Medium CVE-2014-7944: Out-of-bounds read in PDFium. Credit to cloudfuzzer.

- [414310] Medium CVE-2014-7945: Out-of-bounds read in PDFium. Credit to cloudfuzzer.

- [414109] Medium CVE-2014-7946: Out-of-bounds read in Fonts. Credit to miaubiz.

- [430566] Medium CVE-2014-7947: Out-of-bounds read in PDFium. Credit to fuzztercluck.

- [414026] Medium CVE-2014-7948: Caching error in AppCache. Credit to jiayaoqijia.

- [449894] CVE-2015-1205: Various fixes from internal audits, fuzzing and other initiatives.

- Multiple vulnerabilities in V8 fixed at the tip of the 3.30 branch (currently 3.30.33.15).

ID	Name	Product	Family	Severity
81692	openSUSE Security Update : chromium (openSUSE-2015-204)	Nessus	SuSE Local Security Checks	high
81396	GLSA-201502-13 : Chromium: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
81035	RHEL 6 : chromium-browser (RHSA-2015:0093)	Nessus	Red Hat Local Security Checks	high
80951	Google Chrome < 40.0.2214.91 Multiple Vulnerabilities	Nessus	Windows	high
80950	Google Chrome < 40.0.2214.91 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	high
80898	FreeBSD : chromium -- multiple vulnerabilities (e30e0c99-a1b7-11e4-b85c-00262d5ed8ee)	Nessus	FreeBSD Local Security Checks	high

CVE-2014-7936

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Tenable Plugins