Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 930647 (CVE-2024-4058, CVE-2024-4059, CVE-2024-4060) - <www-client/chromium-124.0.6367.78 <www-client/google-chrome-124.0.6367.78 www-client/microsoft-edge, www-client/opera: multiple vulnerabilities
Summary: <www-client/chromium-124.0.6367.78 <www-client/google-chrome-124.0.6367.78 ww...
Alias: CVE-2024-4058, CVE-2024-4059, CVE-2024-4060
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: A2 [stable]
Depends on: 930648
  Show dependency tree
Reported: 2024-04-25 02:01 UTC by Matt Jolly
Modified: 2024-04-25 06:31 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Matt Jolly gentoo-dev 2024-04-25 02:01:50 UTC
The Stable channel has been updated to 124.0.6367.78/.79 for Windows and Mac and 124.0.6367.78 to Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.

Security Fixes and Rewards

This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$16000][332546345] Critical CVE-2024-4058: Type Confusion in ANGLE. Reported by Toan (suto) Pham and Bao (zx) Pham of Qrious Secure on 2024-04-02

[TBD][333182464] High CVE-2024-4059: Out of bounds read in V8 API. Reported by Eirik on 2024-04-08

[TBD][333420620] High CVE-2024-4060: Use after free in Dawn. Reported by wgslfuzz on 2024-04-09
Comment 1 Larry the Git Cow gentoo-dev 2024-04-25 06:30:58 UTC
The bug has been referenced in the following commit(s):

commit 929bf6282e44a7230406053927ad2b381c1bf7fd
Author:     Matt Jolly <>
AuthorDate: 2024-04-24 05:46:34 +0000
Commit:     Matt Jolly <>
CommitDate: 2024-04-25 06:28:33 +0000

    www-client/chromium: add 124.0.6367.78
    add ppc64 keyword; up disk space checks.
    Signed-off-by: Matt Jolly <>

 www-client/chromium/Manifest                          |  6 ++----
 ....6312.122.ebuild => chromium-124.0.6367.78.ebuild} | 19 ++++++++-----------
 2 files changed, 10 insertions(+), 15 deletions(-)

commit 297cdf4f0a19ae3758c3430a63984be62beb616a
Author:     Matt Jolly <>
AuthorDate: 2024-04-24 05:24:29 +0000
Commit:     Matt Jolly <>
CommitDate: 2024-04-25 06:28:31 +0000

    www-client/google-chrome: automated update (124.0.6367.78)
    Signed-off-by: Matt Jolly <>

 www-client/google-chrome/Manifest                                       | 2 +-
 ...e-chrome-124.0.6367.60.ebuild => google-chrome-124.0.6367.78.ebuild} | 0
 2 files changed, 1 insertion(+), 1 deletion(-)