Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 647636 (CVE-2018-6056) - <www-client/chromium-64.0.3282.167: Incorrect derived class instantiation vulnerability
Summary: <www-client/chromium-64.0.3282.167: Incorrect derived class instantiation vul...
Status: RESOLVED FIXED
Alias: CVE-2018-6056
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: B1 [glsa+ cve]
Keywords:
Depends on:
Blocks: CVE-2018-6031, CVE-2018-6032, CVE-2018-6033, CVE-2018-6034, CVE-2018-6035, CVE-2018-6036, CVE-2018-6037, CVE-2018-6038, CVE-2018-6039, CVE-2018-6040, CVE-2018-6041, CVE-2018-6042, CVE-2018-6043, CVE-2018-6045, CVE-2018-6046, CVE-2018-6047, CVE-2018-6048, CVE-2018-6049, CVE-2018-6050, CVE-2018-6051, CVE-2018-6052, CVE-2018-6053, CVE-2018-6054
  Show dependency tree
 
Reported: 2018-02-14 17:55 UTC by GLSAMaker/CVETool Bot
Modified: 2018-02-19 23:22 UTC (History)
1 user (show)

See Also:
Package list:
www-client/chromium-64.0.3282.167
Runtime testing required: ---
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2018-02-14 17:55:21 UTC 
CVE-2018-6056 (https://nvd.nist.gov/vuln/detail/CVE-2018-6056):
  ** RESERVED ** This candidate has been reserved by an organization or
  individual that will use it when announcing a new security problem. When the
  candidate has been publicized, the details for this candidate will be
  provided.
Comment 1 Mike Gilbert gentoo-dev 2018-02-14 20:09:16 UTC 
Please stabilize.
Comment 2 Larry the Git Cow gentoo-dev 2018-02-16 15:45:28 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=05053a3e0286c1882bdca0de8cf68ece2ee3e75e

commit 05053a3e0286c1882bdca0de8cf68ece2ee3e75e
Author:     Richard Freeman <rich0@gentoo.org>
AuthorDate: 2018-02-16 15:45:08 +0000
Commit:     Richard Freeman <rich0@gentoo.org>
CommitDate: 2018-02-16 15:45:08 +0000

    www-client/chromium: amd64 stable
    
    Bug: https://bugs.gentoo.org/647636
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

 www-client/chromium/chromium-64.0.3282.167.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)}
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2018-02-19 23:22:27 UTC 
This issue was resolved and addressed in
 GLSA 201802-02 at https://security.gentoo.org/glsa/201802-02
by GLSA coordinator Christopher Diaz Riveros (chrisadr).