Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 858104 (CVE-2022-2295, CVE-2022-2296)

Summary: <www-client/chromium-103.0.5060.114 <www-client/google-chrome-103.0.5060.114: Multiple vulnerabilities
Product: Gentoo Security Reporter: Sam James <sam>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: chromium
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://bugs.gentoo.org/show_bug.cgi?id=866332
Whiteboard: A2 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on: 858788    
Bug Blocks: 861764    

Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-07-15 02:41:57 UTC
https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html

 Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.


This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$TBD][1341043] High CVE-2022-2294: Heap buffer overflow in WebRTC. Reported by Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01

[$7500][1336869] High CVE-2022-2295: Type Confusion in V8. Reported by avaue and Buff3tts at S.S.L. on 2022-06-16

[$3000][1327087] High CVE-2022-2296: Use after free in Chrome OS Shell. Reported by Khalil Zhani on 2022-05-19
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-07-15 02:48:35 UTC
Working on Chromium. google-chrome done.
Comment 2 Larry the Git Cow gentoo-dev 2022-07-15 04:54:34 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1f192ebd258a3d865c570094a386712e3a09d662

commit 1f192ebd258a3d865c570094a386712e3a09d662
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-07-15 04:50:18 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-07-15 04:53:45 +0000

    www-client/chromium: add 103.0.5060.114
    
    Bug: https://bugs.gentoo.org/858104
    Closes: https://bugs.gentoo.org/854981
    Signed-off-by: Sam James <sam@gentoo.org>

 www-client/chromium/Manifest                       |    1 +
 www-client/chromium/chromium-103.0.5060.114.ebuild | 1114 ++++++++++++++++++++
 2 files changed, 1115 insertions(+)
Comment 3 Joonas Niilola gentoo-dev 2022-07-15 05:26:10 UTC
Seeing the concerns in our forums, a question: is chromium-bin's "build recipe" public so anyone could bump it while the maintainer is away?

(Also this security bug should probably extend to chromium-bin too)
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-07-15 16:03:33 UTC
Good point, thanks!
Comment 5 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-07-20 03:56:16 UTC
(In reply to Joonas Niilola from comment #3)
> Seeing the concerns in our forums, a question: is chromium-bin's "build
> recipe" public so anyone could bump it while the maintainer is away?
> 
> (Also this security bug should probably extend to chromium-bin too)

AFAIK no, but if someone finds it/is aware, do share.

The various binary browsers however *do* have scripts in https://gitweb.gentoo.org/proj/chromium-tools.git/.
Comment 6 Larry the Git Cow gentoo-dev 2022-07-20 03:57:15 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7ed5d19dabaccd4243802aa0da959784f6c5627e

commit 7ed5d19dabaccd4243802aa0da959784f6c5627e
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-07-20 03:56:55 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-07-20 03:56:55 +0000

    www-client/chromium: drop 103.0.5060.53
    
    Bug: https://bugs.gentoo.org/858104
    Signed-off-by: Sam James <sam@gentoo.org>

 www-client/chromium/Manifest                      |    1 -
 www-client/chromium/chromium-103.0.5060.53.ebuild | 1114 ---------------------
 2 files changed, 1115 deletions(-)
Comment 7 Larry the Git Cow gentoo-dev 2022-08-21 06:13:01 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=cc821fda3ee186d2bcc82c6163599beb50f2302d

commit cc821fda3ee186d2bcc82c6163599beb50f2302d
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-08-21 06:11:41 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-08-21 06:12:55 +0000

    [ GLSA 202208-35 ] Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/858104
    Bug: https://bugs.gentoo.org/859442
    Bug: https://bugs.gentoo.org/863512
    Bug: https://bugs.gentoo.org/864723
    Bug: https://bugs.gentoo.org/865501
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Sam James <sam@gentoo.org>

 glsa-202208-35.xml | 126 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 126 insertions(+)
Comment 8 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-08-21 06:14:12 UTC
GLSA done, all done.