N/A - DSA-3148

Executive Summary

Summary
Title	chromium-browser end of life

Informations
Name	DSA-3148	First vendor Publication	2015-01-31
Vendor	Debian	Last vendor Modification	2015-01-31
Severity (Vendor)	N/A	Revision	1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score	Not Defined	Attack Range	Not Defined
Cvss Impact Score	Not Defined	Attack Complexity	Not Defined
Cvss Expoit Score	Not Defined	Authentication	Not Defined
Calculate full CVSS 2.0 Vectors scores

Detail

Security support for the chromium web browser is now discontinued for the stable distribution (wheezy). Chromium upstream stopped supporting wheezy's build environment (gcc 4.7, make, etc.), so there is no longer any practical way to continue building security updates.

Chromium users that desire continued security updates are encouraged to upgrade early to the upcoming stable release (jessie), Debian 8.

An alternative is to switch to the iceweasel web browser, which will continue to recieve security updates in wheezy for some time.

Note that until the official release happens, chromium package updates for jessie may have a larger than usual delay due to possible bugs and testing migration rules.

Also, there will be no more DSAs announcing chromium package updates until jessie becomes officially released.

Instructions for upgrading from Debian 7 to 8 are available at: https://www.debian.org/releases/jessie/amd64/release-notes/ch-upgrading.en.html

Media for installing Debian 8 from scratch are also available (the release candidate media, jessie_di_rc1, are recommended): http://www.debian.org/devel/debian-installer http://cdimage.debian.org/cdimage/jessie_di_rc1