[1366813] High CVE-2022-3370: Use after free in Custom Elements. Reported by Aviv A. on 2022-09-22 [1366399] High CVE-2022-3373: Out of bounds write in V8. Reported by Tibor Klajnscek on 2022-09-21
Still waiting on Edge, I guess?
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1e8098ff475a9a3db44bf6f5d659ea97784f3deb commit 1e8098ff475a9a3db44bf6f5d659ea97784f3deb Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2022-10-09 16:51:43 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2022-10-09 16:51:50 +0000 www-client/chromium: drop 106.0.5249.61, 106.0.5249.91 Bug: https://bugs.gentoo.org/873817 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 2 - www-client/chromium/chromium-106.0.5249.61.ebuild | 1189 --------------------- www-client/chromium/chromium-106.0.5249.91.ebuild | 1189 --------------------- 3 files changed, 2380 deletions(-)
GLSA request filed
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=dfce1d922a94358986e3eff8611ec64f6ed883e9 commit dfce1d922a94358986e3eff8611ec64f6ed883e9 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-10-31 01:11:15 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-10-31 01:40:15 +0000 [ GLSA 202210-16 ] Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/873217 Bug: https://bugs.gentoo.org/873817 Bug: https://bugs.gentoo.org/874855 Bug: https://bugs.gentoo.org/876855 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202210-16.xml | 106 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 106 insertions(+)
GLSA released, all done!