Bug 866959 - (CVE-2013-6663) VUL-0: chromium stable release 33.0.1750.146
(CVE-2013-6663)
VUL-0: chromium stable release 33.0.1750.146
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other openSUSE 13.1
: P3 - Medium : Major
: ---
Assigned To: Raymond Wooninck
Security Team bot
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-03-05 16:28 UTC by Marcus Meissner
Modified: 2015-02-19 02:20 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2014-03-05 16:28:54 UTC
via cve db

http://googlechromereleases.blogspot.de/2014/03/stable-channel-update.html

 Stable Channel Update
The Stable Channel has been updated to 33.0.1750.146 for Windows, Mac, and Linux.

Security Fixes and Rewards

This update includes 19 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.

[$1000][344492] High CVE-2013-6663: Use-after-free in svg images. Credit to Atte Kettunen of OUSPG.
[$500][326854] High CVE-2013-6664: Use-after-free in speech recognition. Credit to Khalil Zhani.
[$2000][337882] High CVE-2013-6665: Heap buffer overflow in software rendering. Credit to cloudfuzzer.
[332023] Medium CVE-2013-6666: Chrome allows requests in flash header request. Credit to netfuzzerr.

As usual, our ongoing internal security work responsible for a wide range of fixes:

[348175] CVE-2013-6667: Various fixes from internal audits, fuzzing and other initiatives.
[343964, 344186, 347909] CVE-2013-6668: Multiple vulnerabilities in V8 fixed in version 3.24.35.10.

Many of the above bugs were detected using AddressSanitizer.

This release fixes a number of crashes and other bugs. A full list of changes is available in the SVN log. If you find a new issue, please let us know by filing a bug.

Anthony Laforge
Google Chrome
Comment 1 Swamp Workflow Management 2014-03-05 23:00:54 UTC
bugbot adjusting priority
Comment 2 Marcus Meissner 2014-03-26 09:11:28 UTC
ping?
Comment 3 Raymond Wooninck 2014-03-26 09:24:29 UTC
I got a newer one :)  Chromium 33.0.1750.152, which also resolves the following

    * CVE-2014-1713: Use-after-free in Blink bindings
    * CVE-2014-1714: Windows clipboard vulnerability
    * CVE-2014-1705: Memory corruption in V8
    * CVE-2014-1715: Directory traversal issue

and the ones from 33.0.1750.149

    * CVE-2014-1700: Use-after-free in speech
    * CVE-2014-1701: UXSS in events
    * CVE-2014-1702: Use-after-free in web database
    * CVE-2014-1703: Potential sandbox escape due to a
                     use-after-free in web sockets
    * CVE-2014-1704: Multiple vulnerabilities in V8 fixed in
                     version 3.23.17.18


This version is now submitted with maintenance requests 227543 for 12.3 and 227544 for 13.1
Comment 4 Marcus Meissner 2014-03-26 15:47:56 UTC
accepted as maintenance update
Comment 5 Swamp Workflow Management 2014-04-09 17:04:34 UTC
openSUSE-SU-2014:0501-1: An update that fixes 9 vulnerabilities is now available.

Category: security (important)
Bug References: 866959
CVE References: CVE-2014-1700,CVE-2014-1701,CVE-2014-1702,CVE-2014-1703,CVE-2014-1704,CVE-2014-1705,CVE-2014-1713,CVE-2014-1714,CVE-2014-1715
Sources used:
openSUSE 13.1 (src):    chromium-33.0.1750.152-25.2
openSUSE 12.3 (src):    chromium-33.0.1750.152-1.33.2