MGASA-2012-0177
| Date: | July 21st, 2012 |
| Affected releases: | 1, 2 |
Description:
This security update to the chromium-browser and the v8 standalone
javascript processor corrects the following security issues.
[129898] High CVE-2012-2842: Use-after-free in counter handling.
Credit to miaubiz.
[130595] High CVE-2012-2843: Use-after-free in layout height tracking.
Credit to miaubiz.
[133450] High CVE-2012-2844: Bad object access with JavaScript in PDF.
Credit to Alexey Samsonov of Google.
[118633] Low CVE-2012-2815: Leak of iframe fragment id. Credit to Elie
Bursztein of Google.
[120222] High CVE-2012-2817: Use-after-free in table section handling.
Credit to miaubiz.
[120944] High CVE-2012-2818: Use-after-free in counter layout.
Credit to miaubiz.
[120977] High CVE-2012-2819: Crash in texture handling. Credit to Ken
“gets” Russell of the Chromium development community.
[121926] Medium CVE-2012-2820: Out-of-bounds read in SVG filter handling.
Credit to Atte Kettunen of OUSPG.
[122925] Medium CVE-2012-2821: Autofill display problem. Credit to
“simonbrown60”.
[various] Medium CVE-2012-2822: Misc. lower severity OOB read issues in
PDF. Credit to awesome ASAN and various Googlers (Kostya Serebryany,
Evgeniy Stepanov, Mateusz Jurczyk, Gynvael Coldwind).
[124356] High CVE-2012-2823: Use-after-free in SVG resource handling.
Credit to miaubiz.
[125374] High CVE-2012-2824: Use-after-free in SVG painting.
Credit to miaubiz.
[128688] Medium CVE-2012-2826: Out-of-bounds read in texture conversion
Credit to Google Chrome Security Team (Inferno).
[129857] High CVE-2012-2828: Integer overflows in PDF. Credit to Mateusz
Jurczyk of Google Security Team with contributions by Gynvael Coldwind of
Google Security Team and Google Chrome Security Team (Chris Evans).
[129947] High CVE-2012-2829: Use-after-free in first-letter handling.
Credit to miaubiz.
[129951] High CVE-2012-2830: Wild pointer in array value setting.
Credit to miaubiz.
[130356] High CVE-2012-2831: Use-after-free in SVG reference handling.
Credit to miaubiz.
[131553] High CVE-2012-2832: Uninitialized pointer in PDF image codec.
Credit to Mateusz Jurczyk of Google Security Team with contributions
by Gynvael Coldwind of Google Security Team.
[132156] High CVE-2012-2833: Buffer overflow in PDF JS API.
Credit to Mateusz Jurczyk of Google Security Team.
[132779] High CVE-2012-2834: Integer overflow in Matroska container.
Credit to Jüri Aedla.
Updated Packages:
Mageia 1:
chromium-browser-stable-20.0.1132.57-2.1.mga1
v8-3.12.7-0.1.mga1
v8-devel-3.12.7-0.1.mga1
Mageia 2:
chromium-browser-stable-20.0.1132.57-2.1.mga2
v8-3.12.7-0.1.mga2
v8-devel-3.12.7-0.1.mga2
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2818
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2819
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2821
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2822
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2824
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2828
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2832
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2833
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2834
https://bugs.mageia.org/show_bug.cgi?id=6679
