The Stable channel has been updated to 125.0.6422.76 for Linux which will roll out over the coming days/weeks. This update includes 6 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$11000][336012573] High CVE-2024-5157: Use after free in Scheduling. Reported by Looben Yang on 2024-04-21 [$10000][338908243] High CVE-2024-5158: Type Confusion in V8. Reported by Zhenghang Xiao (@Kipreyyy) on 2024-05-06 [$5000][335613092] High CVE-2024-5159: Heap buffer overflow in ANGLE. Reported by David Sievers (@loknop) on 2024-04-18 [TBD][338161969] High CVE-2024-5160: Heap buffer overflow in Dawn. Reported by wgslfuzz on 2024-05-01
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=03fea126119189e9b63f216aaf4cc3ed27191a81 commit 03fea126119189e9b63f216aaf4cc3ed27191a81 Author: Matt Jolly <kangie@gentoo.org> AuthorDate: 2024-05-22 04:34:59 +0000 Commit: Matt Jolly <kangie@gentoo.org> CommitDate: 2024-05-22 07:12:33 +0000 www-client/chromium: add 125.0.6422.76 Bug: https://bugs.gentoo.org/932394 Signed-off-by: Matt Jolly <kangie@gentoo.org> www-client/chromium/Manifest | 1 + www-client/chromium/chromium-125.0.6422.76.ebuild | 1453 +++++++++++++++++++++ 2 files changed, 1454 insertions(+)
Google chrome was updated in d0158f1a2ec44f65063f4679b37c5285642d632e but I transposed digits in the bug number.
