| Summary: | <www-client/chromium-61.0.3163.100: multiple vulnerabilities | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | major | CC: | chromium |
| Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html | ||
| Whiteboard: | A2 [glsa cve cleanup] | ||
| Package list: |
www-client/chromium-61.0.3163.100
|
Runtime testing required: | --- |
amd64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. New GLSA Request filed. Gentoo Security Padawan ChrisADR This issue was resolved and addressed in GLSA 201709-25 at https://security.gentoo.org/glsa/201709-25 by GLSA coordinator Aaron Bauman (b-man). |
This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers: - [$7500][765433] High CVE-2017-5121: Out-of-bounds access in V8. Reported by Jordan Rabet, Microsoft Offensive Security Research and Microsoft ChakraCore team on 2017-09-14 - [$3000][752423] High CVE-2017-5122: Out-of-bounds access in V8. Reported by Choongwoo Han of Naver Corporation on 2017-08-04 - [767508] Various fixes from internal audits, fuzzing and other initiatives