The Stable channel has been updated to 121.0.6167.139 for Mac and Linux and 121.0.6167.139/140 to Windows which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. [$5000][1511567] High CVE-2024-1060: Use after free in Canvas. Reported by Anonymous on 2023-12-14 [$3000][1514777] High CVE-2024-1059: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-12-29 [N/A][1511085] High CVE-2024-1077: Use after free in Network. Reported by Microsoft Security Research Center on 2023-12-13
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9c534f7c02676ff0c1fa09cc2ded67086433da5b commit 9c534f7c02676ff0c1fa09cc2ded67086433da5b Author: Matt Jolly <Matt.Jolly@footclan.ninja> AuthorDate: 2024-01-31 04:49:07 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-01-31 09:41:22 +0000 www-client/google-chrome: automated update (121.0.6167.139) Bug: https://bugs.gentoo.org/923370 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Signed-off-by: Sam James <sam@gentoo.org> www-client/google-chrome/Manifest | 2 +- ...-chrome-121.0.6167.85.ebuild => google-chrome-121.0.6167.139.ebuild} | 0 2 files changed, 1 insertion(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7a5cbf7bd7a2f58ec7e0c83901872e32bdbef7e9 commit 7a5cbf7bd7a2f58ec7e0c83901872e32bdbef7e9 Author: Matt Jolly <Matt.Jolly@footclan.ninja> AuthorDate: 2024-01-30 11:13:59 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-01-31 09:41:21 +0000 www-client/chromium: add 121.0.6167.139 This ebuild adds support for building with a reduced patchset, using the Google toolchain. It's not going to be nearly as flexible as using the system toolchain, but will help to future-proof us against the use of prerelease clang or rust features in a stable ebuild. Bug: https://bugs.gentoo.org/923370 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Signed-off-by: Sam James <sam@gentoo.org> www-client/chromium/Manifest | 5 + www-client/chromium/chromium-121.0.6167.139.ebuild | 1367 ++++++++++++++++++++ .../chromium/files/chromium-119-minizip-cast.patch | 23 + 3 files changed, 1395 insertions(+)
Still waiting on Edge, fixed version seems to be 121.0.2277.98.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ffe70d93abab6b76f6a66ab104d842e14c394eaa commit ffe70d93abab6b76f6a66ab104d842e14c394eaa Author: Matt Jolly <Matt.Jolly@footclan.ninja> AuthorDate: 2024-02-06 00:42:12 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-02-06 03:24:56 +0000 www-client/microsoft-edge: automated bump (121.0.2277.106) Bug: https://bugs.gentoo.org/923370 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Signed-off-by: Sam James <sam@gentoo.org> www-client/microsoft-edge/Manifest | 1 + .../microsoft-edge-121.0.2277.106.ebuild | 127 +++++++++++++++++++++ 2 files changed, 128 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=740dc4866007470583ed2d85ce5153ba32f0f7b1 commit 740dc4866007470583ed2d85ce5153ba32f0f7b1 Author: Matt Jolly <kangie@gentoo.org> AuthorDate: 2024-02-14 13:09:20 +0000 Commit: Matt Jolly <kangie@gentoo.org> CommitDate: 2024-02-14 13:10:42 +0000 www-client/opera: automated bump (107.0.5045.21) Bug: https://bugs.gentoo.org/923370 Signed-off-by: Matt Jolly <kangie@gentoo.org> www-client/opera/Manifest | 1 + www-client/opera/opera-107.0.5045.21.ebuild | 170 ++++++++++++++++++++++++++++ 2 files changed, 171 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=7a125f7a086a739d056063da56386fef4fe01284 commit 7a125f7a086a739d056063da56386fef4fe01284 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-02-19 05:58:06 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2024-02-19 06:10:22 +0000 [ GLSA 202402-23 ] Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/922062 Bug: https://bugs.gentoo.org/922340 Bug: https://bugs.gentoo.org/922903 Bug: https://bugs.gentoo.org/923370 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202402-23.xml | 84 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 84 insertions(+)
