Summary: <www-client/chromium-58.0.3029.81: multiple vulnerabilities (Chrome 58)
Product: Gentoo Security
Reporter: Thomas Deutschmann <whissi>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Severity: major
CC: chromium, floppym, xmw
Whiteboard: A2 [glsa cve]
Runtime testing required: Yes
Description Thomas Deutschmann 2017-04-19 20:16:04 UTC
From $URL:

The Chrome team is delighted to announce the promotion of Chrome 58 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.

Chrome 58.0.3029.81 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 58.

Security Fixes and Rewards
==========================

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 29 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information:

High CVE-2017-5057: Type confusion in PDFium.
High CVE-2017-5058: Heap use after free in Print Preview.
High CVE-2017-5059: Type confusion in Blink.
Medium CVE-2017-5060: URL spoofing in Omnibox.
Medium CVE-2017-5061: URL spoofing in Omnibox.
Medium CVE-2017-5062: Use after free in Chrome Apps.
Medium CVE-2017-5063: Heap overflow in Skia.
Medium CVE-2017-5064: Use after free in Blink.
Medium CVE-2017-5065: Incorrect UI in Blink.
Medium CVE-2017-5066: Incorrect signature handling in Networking.
Medium CVE-2017-5067: URL spoofing in Omnibox.
Low CVE-2017-5069: Cross-origin bypass in Blink.
Comment 1 Mike Gilbert 2017-04-19 22:17:18 UTC
www-client/google-chrome never gets stabilized, so we don't bother filing security bugs for it. Changing the summary to www-client/chromium.
Comment 2 Yury German 2017-04-21 00:26:17 UTC
(In reply to Mike Gilbert from comment #1)
> www-client/google-chrome never gets stabilized, so we don't bother filing
> security bugs for it.

We should still have it in the summary. Reason is that even non-stable packages need clean-up. Even though I know you clean up both.
Comment 3 Mike Gilbert 2017-04-21 00:49:49 UTC
(In reply to Yury German from comment #2)

google-chrome distfiles are removed immediately upstream, and the ebuild has RESTRICT="mirror". Any "cleanup" in the Gentoo side is cosmetic, and happens via a scripted update anyway.
Comment 4 Agostino Sarubbo 2017-04-23 10:32:55 UTC
Comment 5 Agostino Sarubbo 2017-04-27 10:42:16 UTC
x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
Comment 6 Yury German 2017-04-28 01:39:59 UTC
Arches, Thank you for your work. New GLSA Request filed. Maintainer(s), please drop the vulnerable version(s).
Comment 7 Mike Gilbert 2017-04-28 14:53:37 UTC
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=650396f9a8fa1c676a608470862bdaa0b33c4d84

commit 650396f9a8fa1c676a608470862bdaa0b33c4d84
Author: Mike Gilbert <email@example.com>
Date: Fri Apr 28 10:52:45 2017 -0400

    www-client/chromium: remove old

    Package-Manager: Portage-2.3.5_p31, Repoman-2.3.2_p61

 www-client/chromium/Manifest | 3 -
 www-client/chromium/chromium-57.0.2987.133.ebuild | 645 ---------------------
 www-client/chromium/chromium-58.0.3029.14.ebuild | 651 ---------------------
 www-client/chromium/chromium-58.0.3029.19.ebuild | 652 ----------------------
 4 files changed, 1951 deletions(-)