Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-6634 Andrey Labunets discovered that the wrong URL was used during validation in the one-click sign on helper. CVE-2013-6635 cloudfuzzer discovered use-after-free issues in the InsertHTML and Indent DOM editing commands. CVE-2013-6636 Bas Venis discovered an address bar spoofing issue. CVE-2013-6637 The chrome 31 development team discovered and fixed multiple issues with potential security impact. CVE-2013-6638 Jakob Kummerow of the Chromium project discovered a buffer overflow in the v8 javascript library. CVE-2013-6639 Jakob Kummerow of the Chromium project discovered an out-of-bounds write in the v8 javascript library. CVE-2013-6640 Jakob Kummerow of the Chromium project discovered an out-of-bounds read in the v8 javascript library.

For the stable distribution (wheezy), these problems have been fixed in version 31.0.1650.63-1~deb7u1. For the testing distribution (jessie), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 31.0.1650.63-1. We recommend that you upgrade your chromium-browser packages.

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web.

chromium-browser on Debian Linux

This check tests the installed software version using the apt package manager.

• http://www.debian.org/security/2013/dsa-2811.html

---

Updated on 2015-03-25