[$7000][1454086] High CVE-2023-3727: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-06-12 [$7000][1457421] High CVE-2023-3728: Use after free in WebRTC. Reported by Zhenghang Xiao (@Kipreyyy) on 2023-06-23 [$2000][1453465] High CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel on 2023-06-09 [$NA][1450899] High CVE-2023-3732: Out of bounds memory access in Mojo. Reported by Mark Brand of Google Project Zero on 2023-06-02 [$5000][1450203] Medium CVE-2023-3733: Inappropriate implementation in WebApp Installs. Reported by Ahmed ElMasry on 2023-05-31 [$5000][1450376] Medium CVE-2023-3734: Inappropriate implementation in Picture In Picture. Reported by Thomas Orlita on 2023-06-01 [$2000][1394410] Medium CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts. Reported by Ahmed ElMasry on 2022-11-29 [$2000][1434438] Medium CVE-2023-3736: Inappropriate implementation in Custom Tabs. Reported by Philipp Beer (TU Wien) on 2023-04-19 [$2000][1446754] Medium CVE-2023-3737: Inappropriate implementation in Notifications. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2023-05-19 [$1000][1434330] Medium CVE-2023-3738: Inappropriate implementation in Autofill. Reported by Hafiizh on 2023-04-18 [$1000][1405223] Low CVE-2023-3740: Insufficient validation of untrusted input in Themes. Reported by Fardeen Siddiqui on 2023-01-06
115.0.5790.98 has been promoted from beta->stable channel. Please update the subslot in the ebuild, then stable (later?) when ready.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6498096f6532c3de0c3455ac2346af50cd29b78b commit 6498096f6532c3de0c3455ac2346af50cd29b78b Author: Matt Jolly <Matt.Jolly@footclan.ninja> AuthorDate: 2023-07-19 15:23:45 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-07-19 20:41:07 +0000 www-client/chromium: 115.0.5790.98 slot as stable - update HOMEPAGE - add 115 ppc patches Bug: https://bugs.gentoo.org/910522 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Closes: https://github.com/gentoo/gentoo/pull/31958 Signed-off-by: Sam James <sam@gentoo.org> www-client/chromium/Manifest | 1 + www-client/chromium/chromium-115.0.5790.98.ebuild | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d47c4cddd04cb8291036653bc1be540414978d31 commit d47c4cddd04cb8291036653bc1be540414978d31 Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2023-08-03 18:28:18 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2023-08-03 18:31:34 +0000 www-client/chromium: drop 114.0.5735.198 Bug: https://bugs.gentoo.org/910522 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 3 - www-client/chromium/chromium-114.0.5735.198.ebuild | 1270 -------------------- .../files/chromium-109-system-openh264.patch | 20 - ...ium-113-gcc-13-0001-vulkanmemoryallocator.patch | 10 - .../files/chromium-113-swiftshader-cstdint.patch | 40 - .../chromium/files/chromium-114-compiler.patch | 171 --- .../chromium/files/chromium-114-iwyu-gcc-13.patch | 75 -- .../chromium/files/chromium-114-sigsegv-dom.patch | 73 -- 8 files changed, 1662 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=8064a0b694d29fb2fca491d65494098fb43c2ffa commit 8064a0b694d29fb2fca491d65494098fb43c2ffa Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-01-31 15:39:13 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-01-31 15:39:35 +0000 [ GLSA 202401-34 ] Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/907999 Bug: https://bugs.gentoo.org/908471 Bug: https://bugs.gentoo.org/909283 Bug: https://bugs.gentoo.org/910522 Bug: https://bugs.gentoo.org/911675 Bug: https://bugs.gentoo.org/912364 Bug: https://bugs.gentoo.org/913016 Bug: https://bugs.gentoo.org/913710 Bug: https://bugs.gentoo.org/914350 Bug: https://bugs.gentoo.org/914871 Bug: https://bugs.gentoo.org/915137 Bug: https://bugs.gentoo.org/915560 Bug: https://bugs.gentoo.org/915961 Bug: https://bugs.gentoo.org/916252 Bug: https://bugs.gentoo.org/916620 Bug: https://bugs.gentoo.org/917021 Bug: https://bugs.gentoo.org/917357 Bug: https://bugs.gentoo.org/918882 Bug: https://bugs.gentoo.org/919321 Bug: https://bugs.gentoo.org/919802 Bug: https://bugs.gentoo.org/920442 Bug: https://bugs.gentoo.org/921337 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202401-34.xml | 229 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 229 insertions(+)
