Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 922903 (CVE-2024-0804, CVE-2024-0805, CVE-2024-0806, CVE-2024-0807, CVE-2024-0808, CVE-2024-0809, CVE-2024-0810, CVE-2024-0811, CVE-2024-0812, CVE-2024-0813, CVE-2024-0814)

Summary: <www-client/chromium-121.0.6167.85 <www-client/google-chrome-121.0.6167.85 <www-client/microsoft-edge-121.0.2277.83: Multiple vulnerabilities
Product: Gentoo Security Reporter: Matt Jolly <kangie>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: ajak, chromium, kangie
Priority: Normal Keywords: PullRequest
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://github.com/gentoo/gentoo/pull/35001
Whiteboard: A3 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on: 922982, 927746    
Bug Blocks:    

Description Matt Jolly gentoo-dev 2024-01-25 12:53:30 UTC
The Stable channel has been updated to 121.0.6167.85 for Mac and Linux

This update includes 17 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$11000][1505080] High CVE-2024-0807: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-25

[$9000][1484394] High CVE-2024-0812: Inappropriate implementation in Accessibility. Reported by Anonymous on 2023-09-19

[$6000][1504936] High CVE-2024-0808: Integer underflow in WebUI. Reported by Lyra Rebane (rebane2001) on 2023-11-24

[$2000][1496250] Medium CVE-2024-0810: Insufficient policy enforcement in DevTools. Reported by Shaheen Fazim on 2023-10-26

[$1000][1463935] Medium CVE-2024-0814: Incorrect security UI in Payments. Reported by Muneaki Nishimura (nishimunea) on 2023-07-11

[$1000][1477151] Medium CVE-2024-0813: Use after free in Reading Mode. Reported by @retsew0x01 on 2023-08-30

[$1000][1505176] Medium CVE-2024-0806: Use after free in Passwords. Reported by 18楼梦想改造家 on 2023-11-25

[TBD][1514925] Medium CVE-2024-0805: Inappropriate implementation in Downloads. Reported by Om Apip on 2024-01-01

[TBD][1515137] Medium CVE-2024-0804: Insufficient policy enforcement in iOS Security UI. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India)  on 2024-01-03

[N/A][1494490] Low CVE-2024-0811: Inappropriate implementation in Extensions API. Reported by Jann Horn of Google Project Zero on 2023-10-21

[TBD][1497985] Low CVE-2024-0809: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2023-10-31

As usual, our ongoing internal security work was responsible for a wide range of fixes:

    [1520680] Various fixes from internal audits, fuzzing and other initiatives
Comment 1 Larry the Git Cow gentoo-dev 2024-01-27 07:34:14 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=854bb6e5e3268bdfbfc94fbdfdfe234afbcbe16c

commit 854bb6e5e3268bdfbfc94fbdfdfe234afbcbe16c
Author:     Matt Jolly <Matt.Jolly@footclan.ninja>
AuthorDate: 2023-12-09 00:45:06 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-01-27 07:31:57 +0000

    www-client/chromium: add 121.0.6167.85
    
    This update includes a number of changes:
    
    - Rust is now a mandatory part of the build
    - The start of an implementation that enables the use of the bundled
      toolchain. It likely requires aditional work before it is useful.
    - Libxml dependency updated to >= 2.12.0
    - Dropped legacy gcc fixes
    
    Bug: https://bugs.gentoo.org/922903
    Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja>
    Signed-off-by: Sam James <sam@gentoo.org>

 www-client/chromium/Manifest                      |    3 +
 www-client/chromium/chromium-121.0.6167.85.ebuild | 1342 +++++++++++++++++++++
 www-client/chromium/metadata.xml                  |    1 +
 3 files changed, 1346 insertions(+)
Comment 2 François Valenduc 2024-01-27 09:58:49 UTC
What about unmasking the profiler use flag of rust which is needed to build this version ?
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-01-27 10:11:26 UTC
(In reply to François Valenduc from comment #2)
> What about unmasking the profiler use flag of rust which is needed to build
> this version ?

We already did:

commit 84db944af3d5e48473c5b59b25fd9b14fe6d2cba
Author: Matt Jolly <Matt.Jolly@footclan.ninja>
Date:   Sat Jan 27 18:18:46 2024 +1000

    profiles/base: unmask dev-lang/rust[profiler] for stable

    The profiler is required to build chromium >=121.

    With the initial justification for masking the USE being
    somewhat flimsy, in the absence of rust maintainers to
    tell us otherwise we'll unmask it for stable
    and deal with any consequences.

    Bug: https://bugs.gentoo.org/922982
    Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja>
    Closes: https://github.com/gentoo/gentoo/pull/35039
    Signed-off-by: Sam James <sam@gentoo.org>

Please file new bugs for issues though.
Comment 4 Larry the Git Cow gentoo-dev 2024-02-19 06:11:04 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=7a125f7a086a739d056063da56386fef4fe01284

commit 7a125f7a086a739d056063da56386fef4fe01284
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-02-19 05:58:06 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2024-02-19 06:10:22 +0000

    [ GLSA 202402-23 ] Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/922062
    Bug: https://bugs.gentoo.org/922340
    Bug: https://bugs.gentoo.org/922903
    Bug: https://bugs.gentoo.org/923370
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202402-23.xml | 84 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 84 insertions(+)