Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 942503 (CVE-2024-10487, CVE-2024-10488)

Summary: <www-client/chromium-130.0.6723.91, <www-client/google-chrome-130.0.6723.91, <www-client/microsoft-edge-130.0.2849.68, <www-client/opera-115.0.5322.77: multiple vulnerabilities
Product: Gentoo Security Reporter: Matt Jolly <kangie>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: CONFIRMED ---    
Severity: normal CC: chromium, kangie
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html
Whiteboard: A2 [stable?]
Package list:
Runtime testing required: ---

Description Matt Jolly gentoo-dev 2024-10-30 06:54:05 UTC 
The Stable channel has been updated to 130.0.6723.91 for Linux.

This update includes 2 security fixes.

[TBD][375123371] Critical CVE-2024-10487: Out of bounds write in Dawn. Reported by Apple Security Engineering and Architecture (SEAR) on 2024-10-23

[TBD][374310077] High CVE-2024-10488: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2024-10-18
Comment 1 Larry the Git Cow gentoo-dev 2024-10-30 06:54:57 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a0339bde91a70306e9c6c1ce6a668a62f0666a43

commit a0339bde91a70306e9c6c1ce6a668a62f0666a43
Author:     Matt Jolly <kangie@gentoo.org>
AuthorDate: 2024-10-30 06:36:55 +0000
Commit:     Matt Jolly <kangie@gentoo.org>
CommitDate: 2024-10-30 06:50:32 +0000

    www-client/google-chrome: automated update (130.0.6723.91)
    
    Bug: https://bugs.gentoo.org/942503
    Signed-off-by: Matt Jolly <kangie@gentoo.org>

 www-client/google-chrome/Manifest                                       | 2 +-
 ...e-chrome-130.0.6723.69.ebuild => google-chrome-130.0.6723.91.ebuild} | 0
 2 files changed, 1 insertion(+), 1 deletion(-)
Comment 2 Larry the Git Cow gentoo-dev 2024-10-31 08:16:58 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2812e86ce3c13d64120fd9e3cfcb0f06188ab030

commit 2812e86ce3c13d64120fd9e3cfcb0f06188ab030
Author:     Matt Jolly <kangie@gentoo.org>
AuthorDate: 2024-10-31 08:12:49 +0000
Commit:     Matt Jolly <kangie@gentoo.org>
CommitDate: 2024-10-31 08:15:21 +0000

    www-client/chromium: add 130.0.6723.91
    
    Bug: https://bugs.gentoo.org/942503
    Signed-off-by: Matt Jolly <kangie@gentoo.org>

 www-client/chromium/Manifest                      |    2 +
 www-client/chromium/chromium-130.0.6723.91.ebuild | 1482 +++++++++++++++++++++
 2 files changed, 1484 insertions(+)