[Pkg-chromium-maint] Bug#797323: chromium: Chromium is vulnerable to the logjam attack

Pierre Rudloff contact at rudloff.pro
Sat Aug 29 14:29:06 UTC 2015 

Package: chromium
Version: 44.0.2403.89-1~deb8u1
Severity: normal
Tags: upstream

Hello,

The version of Chromium packaged in stable is still vulnerable to the Logjam
attack.
It can be tested here:
https://weakdh.org/
https://www.ssllabs.com/ssltest/viewMyClient.html

Regards,



-- System Information:
Debian Release: 8.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages chromium depends on:
ii  libasound2           1.0.28-1
ii  libatk1.0-0          2.14.0-1
ii  libc6                2.19-18
ii  libcairo2            1.14.0-2.1
ii  libcups2             1.7.5-11+deb8u1
ii  libdbus-1-3          1.8.18-0+deb8u1
ii  libexpat1            2.1.0-6+deb8u1
ii  libfontconfig1       2.11.0-6.3
ii  libfreetype6         2.5.2-3
ii  libgdk-pixbuf2.0-0   2.31.1-2+deb8u2
ii  libglib2.0-0         2.42.1-1
ii  libgnome-keyring0    3.12.0-1+b1
ii  libgtk2.0-0          2.24.25-3
ii  libharfbuzz0b        0.9.35-2
ii  libjpeg62-turbo      1:1.3.1-12
ii  libnspr4             2:4.10.7-1
ii  libnspr4-0d          2:4.10.7-1
ii  libnss3              2:3.17.2-1.1+deb8u1
ii  libpango-1.0-0       1.36.8-3
ii  libpangocairo-1.0-0  1.36.8-3
ii  libpci3              1:3.2.1-3
ii  libspeechd2          0.8-7
ii  libspeex1            1.2~rc1.2-1
ii  libsrtp0             1.4.5~20130609~dfsg-1.1
ii  libstdc++6           4.9.2-10
ii  libx11-6             2:1.6.2-3
ii  libxcomposite1       1:0.4.4-1
ii  libxcursor1          1:1.1.14-1+b1
ii  libxdamage1          1:1.1.4-2+b1
ii  libxext6             2:1.3.3-1
ii  libxfixes3           1:5.0.1-2+b2
ii  libxi6               2:1.7.4-1+b2
ii  libxml2              2.9.1+dfsg1-5
ii  libxrandr2           2:1.4.2-1+b1
ii  libxrender1          1:0.9.8-1+b1
ii  libxslt1.1           1.1.28-2+b2
ii  libxss1              1:1.2.2-1
ii  libxtst6             2:1.2.2-1+b1
ii  x11-utils            7.7+2
ii  xdg-utils            1.1.0~rc1+git20111210-7.4

chromium recommends no packages.

Versions of packages chromium suggests:
pn  chromium-inspector  <none>
ii  chromium-l10n       44.0.2403.89-1~deb8u1

-- no debconf information

More information about the Pkg-chromium-maint mailing list