Debian 9859 Published by

The following two security updates has been released for Debian: [DSA 2798-1] curl security update and [DSA 2797-1] chromium-browser security update



[DSA 2798-1] curl security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2798-1 security@debian.org
http://www.debian.org/security/ Michael Gilbert
November 17, 2013 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : curl
Vulnerability : unchecked ssl certificate host name
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-4545

Scott Cantor discovered that curl, a file retrieval tool, would disable
the CURLOPT_SSLVERIFYHOST check when the CURLOPT_SSL_VERIFYPEER setting
was disabled. This would also disable ssl certificate host name checks
when it should have only disabled verification of the certificate trust
chain.

The default configuration for the curl package is not affected by this
issue since CURLOPT_SSLVERIFYPEER is enabled by default.

For the oldstable distribution (squeeze), this problem has been fixed in
version 7.21.0-2.1+squeeze5.

For the stable distribution (wheezy), this problem has been fixed in
version 7.26.0-1+wheezy5.

For the testing (jessie) and unstable (sid) distributions, this problem
has been fixed in version 7.33.0-1.

We recommend that you upgrade your curl packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
[DSA 2797-1] chromium-browser security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2797-1 security@debian.org
http://www.debian.org/security/ Michael Gilbert
November 16, 2013 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium-browser
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-2931 CVE-2013-6621 CVE-2013-6622 CVE-2013-6623
CVE-2013-6624 CVE-2013-6625 CVE-2013-6626 CVE-2013-6627
CVE-2013-6628 CVE-2013-6629 CVE-2013-6630 CVE-2013-6631
CVE-2013-6632

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2013-2931

The chrome 31 development team found various issues from internal
fuzzing, audits, and other studies.

CVE-2013-6621

Khalil Zhani discovered a use-after-free issue in speech input
handling.

CVE-2013-6622

cloudfuzzer discovered a use-after-free issue in HTMLMediaElement.

CVE-2013-6623

miaubiz discovered an out-of-bounds read in the Blink/Webkit SVG
implementation.

CVE-2013-6624

Jon Butler discovered a use-after-free issue in id attribute strings.

CVE-2013-6625

cloudfuzzer discovered a use-after-free issue in the Blink/Webkit
DOM implementation.

CVE-2013-6626

Chamal de Silva discovered an address bar spoofing issue.

CVE-2013-6627

skylined discovered an out-of-bounds read in the HTTP stream parser.

CVE-2013-6628

Antoine Delignat-Lavaud and Karthikeyan Bhargavan of INRIA Paris
discovered that a different (unverified) certificate could be used
after successful TLS renegotiation with a valid certificate.

CVE-2013-6629

Michal Zalewski discovered an uninitialized memory read in the
libjpeg and libjpeg-turbo libraries.

CVE-2013-6630

Michal Zalewski discovered another uninitialized memory read in
the libjpeg and libjpeg-turbo libraries.

CVE-2013-6631

Patrik Höglund discovered a use-free issue in the libjingle library.

CVE-2013-6632

Pinkie Pie discovered multiple memory corruption issues.

For the stable distribution (wheezy), these problems have been fixed in
version 31.0.1650.57-1~deb7u1.

For the testing distribution (jessie), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 31.0.1650.57-1.

We recommend that you upgrade your chromium-browser packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/