| Summary: | <www-client/chromium-79.0.3945.117: multiple vulnerabilities | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Stephan Hartmann (RETIRED) <sultan> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | chromium |
| Priority: | Normal | Keywords: | PullRequest |
| Version: | unspecified | Flags: | stable-bot:
sanity-check+
|
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop.html | ||
| See Also: | https://github.com/gentoo/gentoo/pull/14300 | ||
| Whiteboard: | A2 [glsa+ cve] | ||
| Package list: |
=www-client/chromium-79.0.3945.117
|
Runtime testing required: | --- |
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=21013331897b12e00f9d1ad963259679121bb91d commit 21013331897b12e00f9d1ad963259679121bb91d Author: Stephan Hartmann <stha09@googlemail.com> AuthorDate: 2020-01-08 15:26:01 +0000 Commit: Mike Gilbert <floppym@gentoo.org> CommitDate: 2020-01-09 16:05:30 +0000 www-client/chromium: stable channel bump to 79.0.3945.117 Bug: https://bugs.gentoo.org/704960 Package-Manager: Portage-2.3.76, Repoman-2.3.16 Signed-off-by: Stephan Hartmann <stha09@googlemail.com> Signed-off-by: Mike Gilbert <floppym@gentoo.org> Closes: https://github.com/gentoo/gentoo/pull/14281 www-client/chromium/Manifest | 1 + www-client/chromium/chromium-79.0.3945.117.ebuild | 736 ++++++++++++++++++++++ 2 files changed, 737 insertions(+) amd64 stable. Maintainer(s), please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6aa36e5c42c800d041c8d07e18595b6c9f6d8ad5 commit 6aa36e5c42c800d041c8d07e18595b6c9f6d8ad5 Author: Stephan Hartmann <stha09@googlemail.com> AuthorDate: 2020-01-10 19:27:47 +0000 Commit: Mike Gilbert <floppym@gentoo.org> CommitDate: 2020-01-10 20:21:58 +0000 www-client/chromium: security cleanup Bug: https://bugs.gentoo.org/704960 Package-Manager: Portage-2.3.76, Repoman-2.3.16 Signed-off-by: Stephan Hartmann <stha09@googlemail.com> Signed-off-by: Mike Gilbert <floppym@gentoo.org> Closes: https://github.com/gentoo/gentoo/pull/14300 www-client/chromium/Manifest | 1 - www-client/chromium/chromium-79.0.3945.88.ebuild | 736 ----------------------- 2 files changed, 737 deletions(-) For the bin package www-client/google-chrome-79.0.3945.117 this works as a simple bump rename of the old ebuild as I have tested (tested run of the application also) successfully with my local overlay: --- # emerge -1p www-client/google-chrome These are the packages that would be merged, in order: Calculating dependencies ..... ...... . ... done! [ebuild R ] www-client/google-chrome-79.0.3945.117::local USE="(-selinux)" L10N="-am -ar -bg -bn -ca -cs -da de -el -en-GB -es -es-419 -et -fa -fi -fil -fr -gu -he -hi -hr -hu -id -it -ja -kn -ko -lt -lv -ml -mr -ms -nb -nl -pl -pt-BR -pt-PT -ro -ru -sk -sl -sr -sv -sw -ta -te -th -tr -uk -vi -zh-CN -zh-TW" 0 KiB Total: 1 package (1 reinstall), Size of downloads: 0 KiB --- Do we have to open an extra security bug for this bump to happen? Added to an existing GLSA request. This issue was resolved and addressed in GLSA 202003-08 at https://security.gentoo.org/glsa/202003-08 by GLSA coordinator Thomas Deutschmann (whissi). |
See ${URL} Reproducible: Always