Bug 893720 - VUL-0: chromium: updated release 37.0.2062.94
Duplicates: 891717
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P3 - Medium; Severity: Major
Assigned To: Raymond Wooninck
Security Team bot
Reported: 2014-08-27 07:29 UTC by Alexander Bergmann
Modified: 2015-11-02 15:51 UTC
Description Alexander Bergmann 2014-08-27 07:29:22 UTC

Tuesday, August 26, 2014

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 37 to the stable channel for Windows, Mac and Linux. Chrome 37.0.2062.94 contains a number of fixes and improvements, including:

 - DirectWrite support on Windows for improved font rendering
 - A number of new apps/extension APIs
 - Lots of under the hood changes for stability and performance

A full list of changes is available in the log:


This update includes 50 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.

Critical CVE-2014-3176, CVE-2014-3177: A special reward to lokihardt@asrt for a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox.
High CVE-2014-3168: Use-after-free in SVG. Credit to cloudfuzzer.
High CVE-2014-3169: Use-after-free in DOM. Credit to Andrzej Dyjak.
High CVE-2014-3170: Extension permission dialog spoofing. Credit to Rob Wu.
High CVE-2014-3171: Use-after-free in bindings. Credit to cloudfuzzer.
Medium CVE-2014-3172: Issue related to extension debugging. Credit to Eli Grey.
Medium CVE-2014-3173: Uninitialized memory read in WebGL. Credit to jmuizelaar.
Medium CVE-2014-3174: Uninitialized memory read in Web Audio. Credit to Atte Kettunen from OUSPG.

We would also like to thank Collin Payne, Christoph Diehl, Sebastian Mauer, Atte Kettunen, and cloudfuzzer for working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $8000 in additional rewards were issued.

As usual, our ongoing internal security work was responsible for a wide range of fixes:
CVE-2014-3175: Various fixes from internal audits, fuzzing and other initiatives (Chrome 37).

Many of the above bugs were detected using AddressSanitizer.


Alex Mineer
Google Chrome
Comment 1 Swamp Workflow Management 2014-08-27 22:00:12 UTC
bugbot adjusting priority
Comment 2 Bernhard Wiedemann 2014-09-03 15:00:29 UTC
This is an autogenerated message for OBS integration:
This bug (893720) was mentioned in
https://build.opensuse.org/request/show/247427 Factory / chromium
https://build.opensuse.org/request/show/247429 12.3 / chromium
https://build.opensuse.org/request/show/247430 13.1 / chromium
Comment 3 Raymond Wooninck 2014-09-03 15:02:23 UTC
Maintenance updates submitted.  This also would enable ARM builds again.
Comment 4 Raymond Wooninck 2014-09-03 15:04:01 UTC
*** Bug 891717 has been marked as a duplicate of this bug. ***
Comment 5 Marcus Meissner 2014-09-03 15:18:21 UTC
accepted and building.
Comment 6 Swamp Workflow Management 2014-09-22 13:04:32 UTC
openSUSE-SU-2014:1151-1: An update that fixes 9 vulnerabilities is now available.

Category: security (important)
Bug References: 893720
CVE References: CVE-2014-3168,CVE-2014-3169,CVE-2014-3170,CVE-2014-3171,CVE-2014-3172,CVE-2014-3173,CVE-2014-3174,CVE-2014-3176,CVE-2014-3177
Sources used:
openSUSE 13.1 (src):    chromium-37.0.2062.94-50.1
openSUSE 12.3 (src):    chromium-37.0.2062.94-1.55.3
Comment 7 Swamp Workflow Management 2015-11-02 15:51:27 UTC
openSUSE-RU-2015:1861-1: An update that has one recommended fix can now be installed.

Category: recommended (moderate)
Bug References: 893720
CVE References: 
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    chromium-41.0.2272.101-2.1, ninja-1.5.3-2.1, perl-Switch-2.17-2.1