[1285234] High CVE-2022-1305: Use after free in storage. Reported by Anonymous on 2022-01-07 [1299287] High CVE-2022-1306: Inappropriate implementation in compositing. Reported by Sven Dysthe on 2022-02-21 [1301873] High CVE-2022-1307: Inappropriate implementation in full screen. Reported by Irvan Kurniawan (sourc7) on 2022-03-01 [1283050] High CVE-2022-1308: Use after free in BFCache. Reported by Samet Bekmezci @sametbekmezci on 2021-12-28 [1106456] High CVE-2022-1309: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-07-17 [1307610] High CVE-2022-1310: Use after free in regular expressions. Reported by Brendon Tiszka on 2022-03-18 [1310717] High CVE-2022-1311: Use after free in Chrome OS shell. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-03-28 [1311701] High CVE-2022-1312: Use after free in storage. Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2022-03-30 [1270539] Medium CVE-2022-1313: Use after free in tab groups. Reported by Thomas Orlita on 2021-11-16 [1304658] Medium CVE-2022-1314: Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2022-03-09
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=46b47cf67a730b7a66359dd47a52f20ca0520225 commit 46b47cf67a730b7a66359dd47a52f20ca0520225 Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2022-04-12 11:20:23 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2022-04-12 11:20:47 +0000 www-client/chromium: stable channel bump to 100.0.4896.88 Bug: https://bugs.gentoo.org/838049 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 1 + www-client/chromium/chromium-100.0.4896.88.ebuild | 1028 +++++++++++++++++++++ 2 files changed, 1029 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a1cd0dee5803c21ad6a24f1c7ab5ffc633c7c4a2 commit a1cd0dee5803c21ad6a24f1c7ab5ffc633c7c4a2 Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2022-04-16 20:38:14 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2022-04-16 20:38:14 +0000 www-client/chromium: security cleanup Bug: https://bugs.gentoo.org/838049 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 1 - www-client/chromium/chromium-100.0.4896.75.ebuild | 1026 --------------------- 2 files changed, 1027 deletions(-)
GLSA request filed
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=3212eacb7aa1bccb5bf765cd0a4fb91d206ad2c5 commit 3212eacb7aa1bccb5bf765cd0a4fb91d206ad2c5 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-14 14:29:30 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-08-14 14:33:57 +0000 [ GLSA 202208-25 ] Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/773040 Bug: https://bugs.gentoo.org/787950 Bug: https://bugs.gentoo.org/800181 Bug: https://bugs.gentoo.org/810781 Bug: https://bugs.gentoo.org/815397 Bug: https://bugs.gentoo.org/828519 Bug: https://bugs.gentoo.org/829161 Bug: https://bugs.gentoo.org/834477 Bug: https://bugs.gentoo.org/835397 Bug: https://bugs.gentoo.org/835761 Bug: https://bugs.gentoo.org/836011 Bug: https://bugs.gentoo.org/836381 Bug: https://bugs.gentoo.org/836777 Bug: https://bugs.gentoo.org/836830 Bug: https://bugs.gentoo.org/837497 Bug: https://bugs.gentoo.org/838049 Bug: https://bugs.gentoo.org/838433 Bug: https://bugs.gentoo.org/838682 Bug: https://bugs.gentoo.org/841371 Bug: https://bugs.gentoo.org/843035 Bug: https://bugs.gentoo.org/843728 Bug: https://bugs.gentoo.org/847370 Bug: https://bugs.gentoo.org/847613 Bug: https://bugs.gentoo.org/848864 Bug: https://bugs.gentoo.org/851003 Bug: https://bugs.gentoo.org/851009 Bug: https://bugs.gentoo.org/853229 Bug: https://bugs.gentoo.org/853643 Bug: https://bugs.gentoo.org/854372 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202208-25.xml | 284 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 284 insertions(+)
GLSA done, all done.
