Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 838433 (CVE-2022-1364) - <www-client/chromium-100.0.4896.127 <www-client/google-chrome-100.0.4896.127: Multiple vulnerabilities
Summary: <www-client/chromium-100.0.4896.127 <www-client/google-chrome-100.0.4896.127:...
Status: RESOLVED FIXED
Alias: CVE-2022-1364
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A2 [glsa+]
Keywords:
Depends on: 838436
Blocks: CVE-2022-29144
  Show dependency tree
 
Reported: 2022-04-15 08:56 UTC by Stephan Hartmann (RETIRED)
Modified: 2022-08-14 14:40 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stephan Hartmann (RETIRED) gentoo-dev 2022-04-15 08:56:55 UTC
[1315901] High CVE-2022-1364: Type Confusion in V8. Reported by Clément Lecigne of Google's Threat Analysis Group on 2022-04-13

Google is aware that an exploit for CVE-2022-1364 exists in the wild.
Comment 1 Larry the Git Cow gentoo-dev 2022-04-15 09:21:42 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8d30584fc65bbc6eb9ccae6350a1859a794cf87d

commit 8d30584fc65bbc6eb9ccae6350a1859a794cf87d
Author:     Stephan Hartmann <sultan@gentoo.org>
AuthorDate: 2022-04-15 09:21:24 +0000
Commit:     Stephan Hartmann <sultan@gentoo.org>
CommitDate: 2022-04-15 09:21:37 +0000

    www-client/chromium: stable channel bump to 100.0.4896.127
    
    Bug: https://bugs.gentoo.org/838433
    Signed-off-by: Stephan Hartmann <sultan@gentoo.org>

 www-client/chromium/Manifest                       |    1 +
 www-client/chromium/chromium-100.0.4896.127.ebuild | 1028 ++++++++++++++++++++
 2 files changed, 1029 insertions(+)
Comment 2 Larry the Git Cow gentoo-dev 2022-04-16 20:39:20 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c54f0bcfbf53a0c260081ec948358853b51c52d0

commit c54f0bcfbf53a0c260081ec948358853b51c52d0
Author:     Stephan Hartmann <sultan@gentoo.org>
AuthorDate: 2022-04-16 20:38:56 +0000
Commit:     Stephan Hartmann <sultan@gentoo.org>
CommitDate: 2022-04-16 20:38:56 +0000

    www-client/chromium: security cleanup
    
    Bug: https://bugs.gentoo.org/838433
    Signed-off-by: Stephan Hartmann <sultan@gentoo.org>

 www-client/chromium/Manifest                      |    1 -
 www-client/chromium/chromium-100.0.4896.88.ebuild | 1028 ---------------------
 2 files changed, 1029 deletions(-)
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-08-14 04:58:53 UTC
GLSA request filed
Comment 4 Larry the Git Cow gentoo-dev 2022-08-14 14:34:24 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=3212eacb7aa1bccb5bf765cd0a4fb91d206ad2c5

commit 3212eacb7aa1bccb5bf765cd0a4fb91d206ad2c5
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-08-14 14:29:30 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-08-14 14:33:57 +0000

    [ GLSA 202208-25 ] Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/773040
    Bug: https://bugs.gentoo.org/787950
    Bug: https://bugs.gentoo.org/800181
    Bug: https://bugs.gentoo.org/810781
    Bug: https://bugs.gentoo.org/815397
    Bug: https://bugs.gentoo.org/828519
    Bug: https://bugs.gentoo.org/829161
    Bug: https://bugs.gentoo.org/834477
    Bug: https://bugs.gentoo.org/835397
    Bug: https://bugs.gentoo.org/835761
    Bug: https://bugs.gentoo.org/836011
    Bug: https://bugs.gentoo.org/836381
    Bug: https://bugs.gentoo.org/836777
    Bug: https://bugs.gentoo.org/836830
    Bug: https://bugs.gentoo.org/837497
    Bug: https://bugs.gentoo.org/838049
    Bug: https://bugs.gentoo.org/838433
    Bug: https://bugs.gentoo.org/838682
    Bug: https://bugs.gentoo.org/841371
    Bug: https://bugs.gentoo.org/843035
    Bug: https://bugs.gentoo.org/843728
    Bug: https://bugs.gentoo.org/847370
    Bug: https://bugs.gentoo.org/847613
    Bug: https://bugs.gentoo.org/848864
    Bug: https://bugs.gentoo.org/851003
    Bug: https://bugs.gentoo.org/851009
    Bug: https://bugs.gentoo.org/853229
    Bug: https://bugs.gentoo.org/853643
    Bug: https://bugs.gentoo.org/854372
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Sam James <sam@gentoo.org>

 glsa-202208-25.xml | 284 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 284 insertions(+)
Comment 5 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-08-14 14:37:56 UTC
GLSA done, all done.