[1299422] Critical CVE-2022-0971: Use after free in Blink Layout. Reported by Sergei Glazunov of Google Project Zero on 2022-02-21 [1301320] High CVE-2022-0972: Use after free in Extensions. Reported by Sergei Glazunov of Google Project Zero on 2022-02-28 [1297498] High CVE-2022-0973: Use after free in Safe Browsing. Reported by avaue and Buff3tts at S.S.L. on 2022-02-15 [1291986] High CVE-2022-0974 : Use after free in Splitscreen. Reported by @ginggilBesel on 2022-01-28 [1295411] High CVE-2022-0975: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-02-09 [1296866] High CVE-2022-0976: Heap buffer overflow in GPU. Reported by Omair on 2022-02-13 [1299225] High CVE-2022-0977: Use after free in Browser UI. Reported by Khalil Zhani on 2022-02-20 [1299264] High CVE-2022-0978: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-02-20 [1302644] High CVE-2022-0979: Use after free in Safe Browsing. Reported by anonymous on 2022-03-03 [1302157] Medium CVE-2022-0980: Use after free in New Tab Page. Reported by Krace on 2022-03-02
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=64b95dbfc502d2140dd35f950118f61528709142 commit 64b95dbfc502d2140dd35f950118f61528709142 Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2022-03-16 14:06:54 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2022-03-16 14:08:46 +0000 www-client/chromium: stable channel bump to 99.0.4844.74 Bug: https://bugs.gentoo.org/835397 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 1 + www-client/chromium/chromium-99.0.4844.74.ebuild | 1013 ++++++++++++++++++++++ 2 files changed, 1014 insertions(+)
Additional CVE for www-client/microsoft-edge only: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26899
Please cleanup, thanks!
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=471f34b0c257f3de9c769920b62b5f2861cad5bf commit 471f34b0c257f3de9c769920b62b5f2861cad5bf Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2022-03-18 18:28:26 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2022-03-18 18:28:48 +0000 www-client/chromium: security cleanup Bug: https://bugs.gentoo.org/835397 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 1 - www-client/chromium/chromium-99.0.4844.51.ebuild | 1013 ---------------------- 2 files changed, 1014 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ceb39717d29853f0d71b17608cd2e0324f48425b commit ceb39717d29853f0d71b17608cd2e0324f48425b Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2022-03-27 07:48:24 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2022-03-27 07:48:24 +0000 www-client/chromium: security cleanup Bug: https://bugs.gentoo.org/835397 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 1 - www-client/chromium/chromium-99.0.4844.74.ebuild | 1013 ---------------------- 2 files changed, 1014 deletions(-)
GLSA request filed
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=3212eacb7aa1bccb5bf765cd0a4fb91d206ad2c5 commit 3212eacb7aa1bccb5bf765cd0a4fb91d206ad2c5 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-14 14:29:30 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-08-14 14:33:57 +0000 [ GLSA 202208-25 ] Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/773040 Bug: https://bugs.gentoo.org/787950 Bug: https://bugs.gentoo.org/800181 Bug: https://bugs.gentoo.org/810781 Bug: https://bugs.gentoo.org/815397 Bug: https://bugs.gentoo.org/828519 Bug: https://bugs.gentoo.org/829161 Bug: https://bugs.gentoo.org/834477 Bug: https://bugs.gentoo.org/835397 Bug: https://bugs.gentoo.org/835761 Bug: https://bugs.gentoo.org/836011 Bug: https://bugs.gentoo.org/836381 Bug: https://bugs.gentoo.org/836777 Bug: https://bugs.gentoo.org/836830 Bug: https://bugs.gentoo.org/837497 Bug: https://bugs.gentoo.org/838049 Bug: https://bugs.gentoo.org/838433 Bug: https://bugs.gentoo.org/838682 Bug: https://bugs.gentoo.org/841371 Bug: https://bugs.gentoo.org/843035 Bug: https://bugs.gentoo.org/843728 Bug: https://bugs.gentoo.org/847370 Bug: https://bugs.gentoo.org/847613 Bug: https://bugs.gentoo.org/848864 Bug: https://bugs.gentoo.org/851003 Bug: https://bugs.gentoo.org/851009 Bug: https://bugs.gentoo.org/853229 Bug: https://bugs.gentoo.org/853643 Bug: https://bugs.gentoo.org/854372 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202208-25.xml | 284 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 284 insertions(+)
GLSA done, all done.
