Gentoo Security Advisory GLSA 201204-03 (chromium) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201204-03.

Solution

All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/chromium-18.0.1025.151' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201204-03 http://bugs.gentoo.org/show_bug.cgi?id=410963 http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html

Insight

Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code.

Severity

Classification

CVE	CVE-2011-3066, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3070, CVE-2011-3071, CVE-2011-3072, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3077

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Gentoo Security Advisory GLSA 200404-15 (xchat)
Gentoo Security Advisory GLSA 200406-02 (tripwire)
Gentoo Security Advisory GLSA 200407-22 (dev-db/phpmyadmin)
Gentoo Security Advisory GLSA 200405-07 (Exim)
Gentoo Security Advisory GLSA 200408-03 (libpng)

Take action and discover your vulnerabilities