Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 923370 (CVE-2024-1059, CVE-2024-1060, CVE-2024-1077)

Summary: <www-client/chromium-121.0.6167.139 <www-client/google-chrome-121.0.6167.139 www-client/microsoft-edge: Multiple vulnerabilities
Product: Gentoo Security Reporter: Matt Jolly <kangie>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: ajak, chromium
Priority: Normal Keywords: PullRequest
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html
See Also: https://github.com/gentoo/gentoo/pull/35111
https://github.com/gentoo/gentoo/pull/35199
Whiteboard: A2 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on: 923438, 927746    
Bug Blocks:    

Description Matt Jolly gentoo-dev 2024-01-31 06:48:01 UTC
The Stable channel has been updated to 121.0.6167.139 for Mac and Linux and 121.0.6167.139/140 to Windows which will roll out over the coming days/weeks. A full list of changes in this build is available in the log.

[$5000][1511567] High CVE-2024-1060: Use after free in Canvas. Reported by Anonymous on 2023-12-14
[$3000][1514777] High CVE-2024-1059: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-12-29
[N/A][1511085] High CVE-2024-1077: Use after free in Network. Reported by Microsoft Security Research Center on 2023-12-13
Comment 1 Larry the Git Cow gentoo-dev 2024-01-31 09:42:29 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9c534f7c02676ff0c1fa09cc2ded67086433da5b

commit 9c534f7c02676ff0c1fa09cc2ded67086433da5b
Author:     Matt Jolly <Matt.Jolly@footclan.ninja>
AuthorDate: 2024-01-31 04:49:07 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-01-31 09:41:22 +0000

    www-client/google-chrome: automated update (121.0.6167.139)
    
    Bug: https://bugs.gentoo.org/923370
    Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja>
    Signed-off-by: Sam James <sam@gentoo.org>

 www-client/google-chrome/Manifest                                       | 2 +-
 ...-chrome-121.0.6167.85.ebuild => google-chrome-121.0.6167.139.ebuild} | 0
 2 files changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7a5cbf7bd7a2f58ec7e0c83901872e32bdbef7e9

commit 7a5cbf7bd7a2f58ec7e0c83901872e32bdbef7e9
Author:     Matt Jolly <Matt.Jolly@footclan.ninja>
AuthorDate: 2024-01-30 11:13:59 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-01-31 09:41:21 +0000

    www-client/chromium: add 121.0.6167.139
    
    This ebuild adds support for building with a reduced patchset,
    using the Google toolchain. It's not going to be nearly as flexible
    as using the system toolchain, but will help to future-proof us against
    the use of prerelease clang or rust features in a stable ebuild.
    
    Bug: https://bugs.gentoo.org/923370
    Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja>
    Signed-off-by: Sam James <sam@gentoo.org>

 www-client/chromium/Manifest                       |    5 +
 www-client/chromium/chromium-121.0.6167.139.ebuild | 1367 ++++++++++++++++++++
 .../chromium/files/chromium-119-minizip-cast.patch |   23 +
 3 files changed, 1395 insertions(+)
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2024-02-03 20:31:51 UTC
Still waiting on Edge, fixed version seems to be 121.0.2277.98.
Comment 3 Larry the Git Cow gentoo-dev 2024-02-06 03:26:57 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ffe70d93abab6b76f6a66ab104d842e14c394eaa

commit ffe70d93abab6b76f6a66ab104d842e14c394eaa
Author:     Matt Jolly <Matt.Jolly@footclan.ninja>
AuthorDate: 2024-02-06 00:42:12 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-02-06 03:24:56 +0000

    www-client/microsoft-edge: automated bump (121.0.2277.106)
    
    Bug: https://bugs.gentoo.org/923370
    Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja>
    Signed-off-by: Sam James <sam@gentoo.org>

 www-client/microsoft-edge/Manifest                 |   1 +
 .../microsoft-edge-121.0.2277.106.ebuild           | 127 +++++++++++++++++++++
 2 files changed, 128 insertions(+)
Comment 4 Larry the Git Cow gentoo-dev 2024-02-14 13:11:58 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=740dc4866007470583ed2d85ce5153ba32f0f7b1

commit 740dc4866007470583ed2d85ce5153ba32f0f7b1
Author:     Matt Jolly <kangie@gentoo.org>
AuthorDate: 2024-02-14 13:09:20 +0000
Commit:     Matt Jolly <kangie@gentoo.org>
CommitDate: 2024-02-14 13:10:42 +0000

    www-client/opera: automated bump (107.0.5045.21)
    
    Bug: https://bugs.gentoo.org/923370
    Signed-off-by: Matt Jolly <kangie@gentoo.org>

 www-client/opera/Manifest                   |   1 +
 www-client/opera/opera-107.0.5045.21.ebuild | 170 ++++++++++++++++++++++++++++
 2 files changed, 171 insertions(+)
Comment 5 Larry the Git Cow gentoo-dev 2024-02-19 06:10:58 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=7a125f7a086a739d056063da56386fef4fe01284

commit 7a125f7a086a739d056063da56386fef4fe01284
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-02-19 05:58:06 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2024-02-19 06:10:22 +0000

    [ GLSA 202402-23 ] Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/922062
    Bug: https://bugs.gentoo.org/922340
    Bug: https://bugs.gentoo.org/922903
    Bug: https://bugs.gentoo.org/923370
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202402-23.xml | 84 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 84 insertions(+)