[CentOS] And then there was one (browser)

Thu Feb 6 16:41:43 UTC 2014
Phelps, Matt <mphelps at cfa.harvard.edu>

On Thu, Feb 6, 2014 at 11:12 AM, Fabian Arrotin
<fabian.arrotin at arrfab.net>wrote:

> On 06/02/14 16:26, Phelps, Matt wrote:
> > On Wed, Feb 5, 2014 at 12:30 AM, Robert Arkiletian <robark at gmail.com>
> wrote:
> >
> >> new potential remote code exploit in Chromium flash.
> >>
> http://googlechromereleases.blogspot.ca/2014/02/stable-channel-update.html
> >>
> >> Doesn't look like these repos are being updated.
> >> http://people.redhat.com/tpopela/rpms/
> >> http://people.centos.org/hughesjr/chromium/6/
> >>
> >> Any info on this issue would be welcome.
> >>
> >
> >
> > Yes, please. Can the CentOS folks check with their newly minted Red Hat
> > brethren on this issue?
> >
> > This is getting critical for us. We have over a hundred CO6 desktops that
> > are currently running an insecure version of chromium. The security
> people
> > are all over us on this!
> >
> > We need to run chrome/chromium in order to manage our Google Apps for
> > Government deployment (for over 1000 users). It doesn't work right with
> > firefox.
> >
> > If we need to apply pressure elsewhere, please let us know where to
> direct
> > our fury.
> >
>
> ... to Google ? (especially because it's *their* browser to support
> *their* Google Apps ....)
>
>
Of course we already have notified Google.

I was hoping for a little more granularity. Google is a large place; as is
Red Hat I know. There was word that Red Hat was working with Google on a
solution, and I was hoping to hear if there was any movement.

I can't ask Red Hat since we don't pay for it, but perhaps the new CentOS
relationship with them can offer a channel of communication for the
Community.



-- 
Matt Phelps
System Administrator, Computation Facility
Harvard - Smithsonian Center for Astrophysics
mphelps at cfa.harvard.edu, http://www.cfa.harvard.edu