| Summary: | <www-client/chromium-60.0.3112.78: multiple vulnerabilites | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Mike Gilbert <floppym> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | major | CC: | chromium, orodruinlair |
| Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html | ||
| Whiteboard: | A2 [glsa cve] | ||
| Package list: |
www-client/chromium-60.0.3112.78
|
Runtime testing required: | --- |
| Bug Depends on: | 604420 | ||
| Bug Blocks: | 626394 | ||
|
Description
Mike Gilbert
2017-07-27 20:19:18 UTC
An automated check of this bug failed - repoman reported dependency errors (41 lines truncated):
> dependency.bad www-client/chromium/chromium-60.0.3112.78.ebuild: DEPEND: amd64(default/linux/amd64/13.0) ['>=media-libs/openh264-1.6.0:=']
> dependency.bad www-client/chromium/chromium-60.0.3112.78.ebuild: RDEPEND: amd64(default/linux/amd64/13.0) ['>=media-libs/openh264-1.6.0:=']
> dependency.bad www-client/chromium/chromium-60.0.3112.78.ebuild: DEPEND: amd64(default/linux/amd64/13.0/desktop) ['>=media-libs/openh264-1.6.0:=']
An automated check of this bug failed - repoman reported dependency errors (41 lines truncated):
> dependency.bad www-client/chromium/chromium-60.0.3112.78.ebuild: DEPEND: amd64(default/linux/amd64/13.0) ['>=media-libs/openh264-1.6.0:=']
> dependency.bad www-client/chromium/chromium-60.0.3112.78.ebuild: RDEPEND: amd64(default/linux/amd64/13.0) ['>=media-libs/openh264-1.6.0:=']
> dependency.bad www-client/chromium/chromium-60.0.3112.78.ebuild: DEPEND: amd64(default/linux/amd64/13.0/desktop) ['>=media-libs/openh264-1.6.0:=']
amd64 stable We have dropped the vulnerable versions, and the x86 stable keyword along with them. https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0800f8979f71b727e0604bee486ed5d065379f5b commit 0800f8979f71b727e0604bee486ed5d065379f5b Author: Pawel Hajdan, Jr <phajdan.jr@gentoo.org> Date: Wed Aug 23 21:12:07 2017 +0200 www-client/chromium: remove old This drops stable x86 keywords. The security bug #626382 has not been handled for ~3 weeks. Package-Manager: Portage-2.3.6, Repoman-2.3.1 www-client/chromium/Manifest | 2 - www-client/chromium/chromium-59.0.3071.104.ebuild | 629 --------------------- www-client/chromium/chromium-60.0.3112.40.ebuild | 649 ---------------------- www-client/chromium/metadata.xml | 2 - 4 files changed, 1282 deletions(-) GLSA Request filed. Gentoo Security Padawan ChrisADR This issue was resolved and addressed in GLSA 201709-15 at https://security.gentoo.org/glsa/201709-15 by GLSA coordinator Aaron Bauman (b-man). |
