| Summary: | <www-client/chromium-86.0.4240.183 <www-client/google-chrome-86.0.4240.183: Multiple vulnerabilities (CVE-2020-{16004,16005,16006,16008,16009}) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Stephan Hartmann (RETIRED) <sultan> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | major | CC: | chromium |
| Priority: | Normal | Keywords: | CC-ARCHES |
| Version: | unspecified | Flags: | nattka:
sanity-check-
|
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.html | ||
| Whiteboard: | A2 [glsa cve] | ||
| Package list: |
www-client/chromium-86.0.4240.183
|
Runtime testing required: | --- |
Tarball is up. DIST chromium-86.0.4240.183.tar.xz 825615220 BLAKE2B 72cf9099de420b1cb2af8841a4f7c430ad137a81d0cecb3130549a8bb15e66b1c13d4ff462c6b9e2682f269e1efd24d77416071fe4785481dfd97cac0a740661 SHA512 25d46413a39c0181ee400bcc9cf9ba4a83b4b000c4dcee5a8d471f5ddf21b80b010e6887cf387722278144657fd5f77e8ca4002b9d4f738853473bc79c776cc1 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2689264e3d86e40b0bb252d97eb18e20393b361a commit 2689264e3d86e40b0bb252d97eb18e20393b361a Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2020-11-03 17:21:27 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2020-11-03 17:21:41 +0000 www-client/chromium: stable channel bump to 86.0.4240.183 Bug: https://bugs.gentoo.org/752375 Package-Manager: Portage-3.0.8, Repoman-3.0.2 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 1 + www-client/chromium/chromium-86.0.4240.183.ebuild | 892 ++++++++++++++++++++++ 2 files changed, 893 insertions(+) amd64 done arm64 done The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9d3828e988df46b3997c07504bc18dd6e78a1777 commit 9d3828e988df46b3997c07504bc18dd6e78a1777 Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2020-11-06 18:07:54 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2020-11-06 18:09:00 +0000 www-client/chromium: security cleanup Bug: https://bugs.gentoo.org/752375 Bug: https://bugs.gentoo.org/750854 Package-Manager: Portage-3.0.8, Repoman-3.0.2 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 3 - .../chromium/chromium-86.0.4240.111-r1.ebuild | 892 --------------------- www-client/chromium/chromium-86.0.4240.75.ebuild | 889 -------------------- 3 files changed, 1784 deletions(-) Unable to check for sanity:
> no match for package: www-client/chromium-86.0.4240.183
|
See ${URL}. CVE-2020-16007: Ignored, because we don't use installer and looks Windows specific. https://chromium-review.googlesource.com/c/chromium/src/+/2484651 CVE-2020-16011: Windows-only problem https://chromium-review.googlesource.com/c/chromium/src/+/2513345