Bug 930994 (CVE-2024-4331, CVE-2024-4368)

Summary:	<www-client/chromium-124.0.6367.118 <www-client/google-chrome-124.0.6367.118, <www-client/microsoft-edge-124.0.2478.80, <www-client/opera-110.0.5130.35: multiple vulnerabilities
Product:	Gentoo Security	Reporter:	Matt Jolly <kangie>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	chromium, kangie
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html
Whiteboard:	A2 [glsa+]
Package list:		Runtime testing required:	---
Bug Depends on:	931008
Bug Blocks:

Description Matt Jolly gentoo-dev

2024-05-01 02:10:45 UTC

The Stable channel has been updated to 124.0.6367.118 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.

This update includes 2 security fixes.

[$3000][335003891] High CVE-2024-4331: Use after free in Picture In Picture. Reported by Zhenghang Xiao (@Kipreyyy) on 2024-04-16

[TBD][333508731] High CVE-2024-4368: Use after free in Dawn. Reported by wgslfuzz on 2024-04-09

Comment 1 Larry the Git Cow gentoo-dev

2024-05-01 06:38:14 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0b713f450c90088dbe4cfb26716c445b70c187d8

commit 0b713f450c90088dbe4cfb26716c445b70c187d8
Author:     Matt Jolly <kangie@gentoo.org>
AuthorDate: 2024-05-01 02:33:03 +0000
Commit:     Matt Jolly <kangie@gentoo.org>
CommitDate: 2024-05-01 06:38:05 +0000

    www-client/chromium: add 124.0.6367.118
    
    Bug: https://bugs.gentoo.org/930994
    Closes: https://bugs.gentoo.org/930854
    Signed-off-by: Matt Jolly <kangie@gentoo.org>

 www-client/chromium/Manifest                       |    2 +
 www-client/chromium/chromium-124.0.6367.118.ebuild | 1437 ++++++++++++++++++++
 2 files changed, 1439 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e66d0505071fdb07078b0628cdd151c93116fcaa

commit e66d0505071fdb07078b0628cdd151c93116fcaa
Author:     Matt Jolly <kangie@gentoo.org>
AuthorDate: 2024-05-01 02:11:23 +0000
Commit:     Matt Jolly <kangie@gentoo.org>
CommitDate: 2024-05-01 06:38:01 +0000

    www-client/google-chrome: automated update (124.0.6367.118)
    
    Bug: https://bugs.gentoo.org/930994
    Signed-off-by: Matt Jolly <kangie@gentoo.org>

 www-client/google-chrome/Manifest                                       | 2 +-
 ...-chrome-124.0.6367.78.ebuild => google-chrome-124.0.6367.118.ebuild} | 0
 2 files changed, 1 insertion(+), 1 deletion(-)

Comment 2 Larry the Git Cow gentoo-dev

2024-12-07 10:13:46 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=309ab763e094d02598a970a50a7f0836699fd887

commit 309ab763e094d02598a970a50a7f0836699fd887
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-12-07 10:13:10 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-12-07 10:13:37 +0000

    [ GLSA 202412-05 ] Chromium, Google Chrome, Microsoft Edge. Opera: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/924450
    Bug: https://bugs.gentoo.org/925161
    Bug: https://bugs.gentoo.org/925666
    Bug: https://bugs.gentoo.org/926230
    Bug: https://bugs.gentoo.org/926869
    Bug: https://bugs.gentoo.org/927312
    Bug: https://bugs.gentoo.org/927928
    Bug: https://bugs.gentoo.org/928462
    Bug: https://bugs.gentoo.org/929112
    Bug: https://bugs.gentoo.org/930124
    Bug: https://bugs.gentoo.org/930647
    Bug: https://bugs.gentoo.org/930994
    Bug: https://bugs.gentoo.org/931548
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202412-05.xml | 121 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 121 insertions(+)