Summary: | <www-client/{chromium,google-chrome}-80.0.3987.122: multiple vulnerabilities (CVE-2020-{6407,6418}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stephan Hartmann (RETIRED) <sultan> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | chromium, ian.kumlien, mpagano |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html | ||
See Also: | https://github.com/gentoo/gentoo/pull/14792 | ||
Whiteboard: | A2 [glsa+ cve] | ||
Package list: |
www-client/chromium-80.0.3987.122
|
Runtime testing required: | --- |
Bug Depends on: | 710758 | ||
Bug Blocks: |
Description
Stephan Hartmann (RETIRED)
2020-02-25 07:38:59 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c0f3c3a9f2c158caaf710a4b581c0a0835fe3e8e commit c0f3c3a9f2c158caaf710a4b581c0a0835fe3e8e Author: Stephan Hartmann <stha09@googlemail.com> AuthorDate: 2020-02-25 11:33:39 +0000 Commit: Mike Gilbert <floppym@gentoo.org> CommitDate: 2020-02-25 15:21:47 +0000 www-client/chromium: stable channel bump to 80.0.3987.122 Bug: https://bugs.gentoo.org/710760 Package-Manager: Portage-2.3.84, Repoman-2.3.20 Signed-off-by: Stephan Hartmann <stha09@googlemail.com> Signed-off-by: Mike Gilbert <floppym@gentoo.org> Closes: https://github.com/gentoo/gentoo/pull/14772 www-client/chromium/Manifest | 2 +- .../{chromium-80.0.3987.116.ebuild => chromium-80.0.3987.122.ebuild} | 0 2 files changed, 1 insertion(+), 1 deletion(-) *** Bug 710776 has been marked as a duplicate of this bug. *** Doesn't this affect google-chrome as well? Current package in tree: 80.0.3987.116 Yes, it affects google chrome, and my google-chrome bug was merged with this one. So #710776 isn't solved and shouldn't have been merged with this one... amd64 stable. Maintainer(s), please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=53214591636f7e86b5c45c2387ac7413826ea454 commit 53214591636f7e86b5c45c2387ac7413826ea454 Author: Stephan Hartmann <stha09@googlemail.com> AuthorDate: 2020-02-27 18:04:27 +0000 Commit: Mike Gilbert <floppym@gentoo.org> CommitDate: 2020-02-28 19:40:45 +0000 www-client/chromium: security cleanup Bug: https://bugs.gentoo.org/710760 Package-Manager: Portage-2.3.84, Repoman-2.3.20 Signed-off-by: Stephan Hartmann <stha09@googlemail.com> Signed-off-by: Mike Gilbert <floppym@gentoo.org> Closes: https://github.com/gentoo/gentoo/pull/14792 www-client/chromium/Manifest | 1 - www-client/chromium/chromium-80.0.3987.100.ebuild | 738 ---------------------- 2 files changed, 739 deletions(-) CVE-2020-6418 (https://nvd.nist.gov/vuln/detail/CVE-2020-6418): Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6407 (https://nvd.nist.gov/vuln/detail/CVE-2020-6407): Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. New GLSA request filed. Repository is clean. This issue was resolved and addressed in GLSA 202003-08 at https://security.gentoo.org/glsa/202003-08 by GLSA coordinator Thomas Deutschmann (whissi). |