Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 796521 (CVE-2021-30554, CVE-2021-30556, CVE-2021-30557)

Summary: <www-client/chromium-91.0.4472.114 <www-client/google-chrome-91.0.4472.114: Multiple vulnerabilities (CVE-2021-{30554,30556,30557})
Product: Gentoo Security Reporter: Stephan Hartmann (RETIRED) <sultan>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: chromium
Priority: Normal Flags: nattka: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop_17.html
See Also: https://bugs.gentoo.org/show_bug.cgi?id=796338
https://bugs.gentoo.org/show_bug.cgi?id=800181
Whiteboard: A2 [glsa+ cve]
Package list:
www-client/chromium-91.0.4472.114
Runtime testing required: ---

Description Stephan Hartmann (RETIRED) gentoo-dev 2021-06-17 21:08:28 UTC
See ${URL}.

www-client/google-chrome bumped already, but no tarball for www-client/chromium yet.
Comment 1 Agostino Sarubbo gentoo-dev 2021-06-18 09:54:01 UTC
(In reply to Stephan Hartmann from comment #0)

> no tarball for www-client/chromium yet.

it looks to be available now
Comment 2 Larry the Git Cow gentoo-dev 2021-06-18 18:50:18 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dc7070d61836d0b805b57bd8a5e0b46c12bb6a64

commit dc7070d61836d0b805b57bd8a5e0b46c12bb6a64
Author:     Stephan Hartmann <sultan@gentoo.org>
AuthorDate: 2021-06-18 18:49:57 +0000
Commit:     Stephan Hartmann <sultan@gentoo.org>
CommitDate: 2021-06-18 18:50:05 +0000

    www-client/chromium: stable channel bump to 91.0.4472.114
    
    Bug: https://bugs.gentoo.org/796521
    Package-Manager: Portage-3.0.20, Repoman-3.0.2
    Signed-off-by: Stephan Hartmann <sultan@gentoo.org>

 www-client/chromium/Manifest                      |   1 +
 www-client/chromium/chromium-91.0.4472.114.ebuild | 944 ++++++++++++++++++++++
 2 files changed, 945 insertions(+)
Comment 3 Agostino Sarubbo gentoo-dev 2021-06-19 18:48:00 UTC
amd64 stable
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-07-05 03:24:43 UTC
arm64 done

all arches done
Comment 5 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-07-05 03:29:15 UTC
Request filed
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2021-07-06 03:35:07 UTC
This issue was resolved and addressed in
 GLSA 202107-06 at https://security.gentoo.org/glsa/202107-06
by GLSA coordinator John Helmert III (ajak).
Comment 7 Larry the Git Cow gentoo-dev 2021-07-24 07:44:30 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f8e03ee7aea9890798ea058e60a56dc64d0f0805

commit f8e03ee7aea9890798ea058e60a56dc64d0f0805
Author:     Stephan Hartmann <sultan@gentoo.org>
AuthorDate: 2021-07-24 07:44:16 +0000
Commit:     Stephan Hartmann <sultan@gentoo.org>
CommitDate: 2021-07-24 07:44:16 +0000

    www-client/chromium: security cleanup
    
    Bug: https://bugs.gentoo.org/796521
    Package-Manager: Portage-3.0.20, Repoman-3.0.2
    Signed-off-by: Stephan Hartmann <sultan@gentoo.org>

 www-client/chromium/Manifest                      |   1 -
 www-client/chromium/chromium-91.0.4472.114.ebuild | 944 ----------------------
 2 files changed, 945 deletions(-)