MGASA-2013-0249

Advisory lineage Upstream: 6 Downstream: 0
Published: 17 Aug 2013, 08:39
Last modified:16 Apr 2026, 06:25

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

17 Aug 2013, 08:39
Published
Vulnerability first disclosed
16 Apr 2026, 06:25
Last Modified
Vulnerability information updated

Description

Updated chromium-browser-stable packages fix security vulnerabilities Updated chromium-browser-stable packages fix security vulnerabilities: Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame handling (CVE-2013-2881). Cloudfuzzer discovered a type confusion issue in the V8 javascript library (CVE-2013-2882). Cloudfuzzer discovered a use-after-free issue in MutationObserver (CVE-2013-2883). Ivan Fratric of the Google Security Team discovered a use-after-free issue in the DOM implementation (CVE-2013-2884). Ivan Fratric of the Google Security Team discovered a use-after-free issue in input handling (CVE-2013-2885). The chrome 28 development team found various issues from internal fuzzing, audits, and other studies (CVE-2013-2886). This update provides version 28.0.1500.95, which fixes these issues. Additionally, Google Sync should now work (mga#9851), and playing of media files with certain codecs, such as mp3, should now work with the tainted build (mga#10828) in Mageia 3.

Affected Systems

  • mageiachromium-browser-stable

    < 28.0.1500.95-1.mga2

  • mageiachromium-browser-stable

    < 28.0.1500.95-1.mga3 | < 28.0.1500.95-1.mga3.tainted

References (6)