Gentoo Security Advisory GLSA 201205-04 (chromium V8) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201205-04.

Solution

All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/chromium-19.0.1084.52' All V8 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/v8-3.9.24.28' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201205-04 http://bugs.gentoo.org/show_bug.cgi?id=417321 http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html

Insight

Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code.

Severity

Classification

CVE CVE-2011-3103, CVE-2011-3104, CVE-2011-3105, CVE-2011-3106, CVE-2011-3107, CVE-2011-3108, CVE-2011-3109, CVE-2011-3111, CVE-2011-3115

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200406-03 (sitecopy)
Gentoo Security Advisory GLSA 200403-13 (mplayer)
Gentoo Security Advisory GLSA 200403-02 (Kernel)
Gentoo Security Advisory GLSA 200407-14 (Unreal Tournament)
Gentoo Security Advisory GLSA 200406-22 (Pavuk)

Gentoo Security Advisory GLSA 201205-04 (chromium v8)

Take action and discover your vulnerabilities