CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
89.3%
Updated chromium-browser-stable packages fix security vulnerabilities: Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame handling (CVE-2013-2881). Cloudfuzzer discovered a type confusion issue in the V8 javascript library (CVE-2013-2882). Cloudfuzzer discovered a use-after-free issue in MutationObserver (CVE-2013-2883). Ivan Fratric of the Google Security Team discovered a use-after-free issue in the DOM implementation (CVE-2013-2884). Ivan Fratric of the Google Security Team discovered a use-after-free issue in input handling (CVE-2013-2885). The chrome 28 development team found various issues from internal fuzzing, audits, and other studies (CVE-2013-2886). This update provides version 28.0.1500.95, which fixes these issues. Additionally, Google Sync should now work (mga#9851), and playing of media files with certain codecs, such as mp3, should now work with the tainted build (mga#10828) in Mageia 3.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 2 | noarch | chromium-browser-stable | < 28.0.1500.95-1 | chromium-browser-stable-28.0.1500.95-1.mga2 |
Mageia | 3 | noarch | chromium-browser-stable | < 28.0.1500.95-1 | chromium-browser-stable-28.0.1500.95-1.mga3 |
Mageia | 3 | noarch | chromium-browser-stable | < 28.0.1500.95-1 | chromium-browser-stable-28.0.1500.95-1.mga3.tainted |