Bug 616048 (CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064, CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069)

Summary:	<www-client/chromium-58.0.3029.81: multiple vulnerabilities (Chrome 58)
Product:	Gentoo Security	Reporter:	Thomas Deutschmann (RETIRED) <whissi>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	major	CC:	chromium, floppym, xmw
Priority:	Normal	Flags:	stable-bot: sanity-check+
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html
Whiteboard:	A2 [glsa cve]
Package list:	www-client/chromium-58.0.3029.81	Runtime testing required:	Yes

Description Thomas Deutschmann (RETIRED) gentoo-dev

2017-04-19 20:16:04 UTC

From $URL:

The Chrome team is delighted to announce the promotion of Chrome 58 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.

Chrome 58.0.3029.81 contains a number of fixes and improvements -- a list of changes is available in the log.  Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 58.

Security Fixes and Rewards
==========================
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 29 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information:

High CVE-2017-5057: Type confusion in PDFium.
High CVE-2017-5058: Heap use after free in Print Preview.
High CVE-2017-5059: Type confusion in Blink.
Medium CVE-2017-5060: URL spoofing in Omnibox.
Medium CVE-2017-5061: URL spoofing in Omnibox.
Medium CVE-2017-5062: Use after free in Chrome Apps.
Medium CVE-2017-5063: Heap overflow in Skia.
Medium CVE-2017-5064: Use after free in Blink.
Medium CVE-2017-5065: Incorrect UI in Blink.
Medium CVE-2017-5066: Incorrect signature handing in Networking.
Medium CVE-2017-5067: URL spoofing in Omnibox.
Low CVE-2017-5069: Cross-origin bypass in Blink.

Comment 1 Mike Gilbert gentoo-dev

2017-04-19 22:17:18 UTC

www-client/google-chrome never gets stabilized, so we don't bother filing security bugs for it.

Changing the summary to www-client/chromium.

Comment 2 Yury German Gentoo Infrastructure

2017-04-21 00:26:17 UTC

(In reply to Mike Gilbert from comment #1)
> www-client/google-chrome never gets stabilized, so we don't bother filing
> security bugs for it.

We should still have it in the summary. Reason is that even non-stable packages need clean-up. Even though I know you clean up both.

Comment 3 Mike Gilbert gentoo-dev

2017-04-21 00:49:49 UTC

(In reply to Yury German from comment #2)

google-chrome distfiles are removed immediately upstream, and the ebuild has RESTRICT="mirror".

Any "cleanup" in the Gentoo side is cosmetic, and happens via a scripted update anyway.

Comment 4 Agostino Sarubbo gentoo-dev

2017-04-23 10:32:55 UTC

amd64 stable

Comment 5 Agostino Sarubbo gentoo-dev

2017-04-27 10:42:16 UTC

x86 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.

Comment 6 Yury German Gentoo Infrastructure

2017-04-28 01:39:59 UTC

Arches, Thank you for your work.
New GLSA Request filed.

Maintainer(s), please drop the vulnerable version(s).

Comment 7 Mike Gilbert gentoo-dev

2017-04-28 14:53:37 UTC

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=650396f9a8fa1c676a608470862bdaa0b33c4d84

commit 650396f9a8fa1c676a608470862bdaa0b33c4d84
Author: Mike Gilbert <floppym@gentoo.org>
Date:   Fri Apr 28 10:52:45 2017 -0400

    www-client/chromium: remove old

    Package-Manager: Portage-2.3.5_p31, Repoman-2.3.2_p61

 www-client/chromium/Manifest                      |   3 -
 www-client/chromium/chromium-57.0.2987.133.ebuild | 645 ---------------------
 www-client/chromium/chromium-58.0.3029.14.ebuild  | 651 ---------------------
 www-client/chromium/chromium-58.0.3029.19.ebuild  | 652 ----------------------
 4 files changed, 1951 deletions(-)

Comment 8 GLSAMaker/CVETool Bot gentoo-dev

2017-05-07 20:29:02 UTC

This issue was resolved and addressed in
 GLSA 201705-02 at https://security.gentoo.org/glsa/201705-02
by GLSA coordinator Thomas Deutschmann (whissi).