Gentoo Security Advisory GLSA 201205-04 (chromium V8) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201205-04.

Solution

All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/chromium-19.0.1084.52' All V8 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/v8-3.9.24.28' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201205-04 http://bugs.gentoo.org/show_bug.cgi?id=417321 http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html

Insight

Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code.

Severity

Classification

CVE CVE-2011-3103, CVE-2011-3104, CVE-2011-3105, CVE-2011-3106, CVE-2011-3107, CVE-2011-3108, CVE-2011-3109, CVE-2011-3111, CVE-2011-3115
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200406-01 (Ethereal)
Gentoo Security Advisory GLSA 200311-02 (Opera)
Gentoo Security Advisory GLSA 200408-22 (mozilla)
Gentoo Security Advisory GLSA 200407-06 (libpng)
Gentoo Security Advisory GLSA 200406-18 (gzip)

Gentoo Security Advisory GLSA 201205-04 (chromium v8)

Take action and discover your vulnerabilities