Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 634664 (CVE-2017-15386, CVE-2017-15387, CVE-2017-15388, CVE-2017-15389, CVE-2017-15390, CVE-2017-15391, CVE-2017-15392, CVE-2017-15393, CVE-2017-15394, CVE-2017-15395, CVE-2017-5124, CVE-2017-5125, CVE-2017-5126, CVE-2017-5127, CVE-2017-5128, CVE-2017-5129, CVE-2017-5130, CVE-2017-5131, CVE-2017-5132, CVE-2017-5133) - <www-client/chromium-62.0.3202.62 <www-client/google-chrome-62.0.3202.62 multiple vulnerabilities
Summary: <www-client/chromium-62.0.3202.62 <www-client/google-chrome-62.0.3202.62 mult...
Status: RESOLVED FIXED
Alias: CVE-2017-15386, CVE-2017-15387, CVE-2017-15388, CVE-2017-15389, CVE-2017-15390, CVE-2017-15391, CVE-2017-15392, CVE-2017-15393, CVE-2017-15394, CVE-2017-15395, CVE-2017-5124, CVE-2017-5125, CVE-2017-5126, CVE-2017-5127, CVE-2017-5128, CVE-2017-5129, CVE-2017-5130, CVE-2017-5131, CVE-2017-5132, CVE-2017-5133
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A2 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-10-18 17:36 UTC by Mike Gilbert
Modified: 2017-10-23 01:11 UTC (History)
1 user (show)

See Also:
Package list:
www-client/chromium-62.0.3202.62
Runtime testing required: ---
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mike Gilbert gentoo-dev 2017-10-18 17:36:56 UTC 
This update includes 35 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
[$7500+$1337][762930] High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07
[$5000][749147] High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26
[$3000][760455] High CVE-2017-5126: Use after free in PDFium. Reported by Luật Nguyễn (@l4wio) of KeenLab, Tencent on 2017-08-30
[$3000][765384] High CVE-2017-5127: Use after free in PDFium. Reported by Luật Nguyễn (@l4wio) of KeenLab, Tencent on 2017-09-14
[$3000][765469] High CVE-2017-5128: Heap overflow in WebGL. Reported by Omair on 2017-09-14
[$3000][765495] High CVE-2017-5129: Use after free in WebAudio. Reported by Omair on 2017-09-15
[$3000][718858] High CVE-2017-5132: Incorrect stack manipulation in WebAssembly. Reported by Gaurav Dewan (@007gauravdewan) of Adobe Systems India Pvt. Ltd. on 2017-05-05
[$N/A][722079] High CVE-2017-5130: Heap overflow in libxml2. Reported by Pranjal Jumde (@pjumde) on 2017-05-14
[$5000][744109] Medium CVE-2017-5131: Out of bounds write in Skia. Reported by Anonymous on 2017-07-16
[$2000][762106] Medium CVE-2017-5133: Out of bounds write in Skia. Reported by Aleksandar Nikolic of Cisco Talos on 2017-09-05
[$1000][752003] Medium CVE-2017-15386: UI spoofing in Blink. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-08-03
[$1000][756040] Medium CVE-2017-15387: Content security bypass. Reported by Jun Kokatsu (@shhnjk) on 2017-08-16
[$1000][756563] Medium CVE-2017-15388: Out of bounds read in Skia. Reported by Kushal Arvind Shah of Fortinet's FortiGuard Labs on 2017-08-17
[$500][739621] Medium CVE-2017-15389: URL spoofing in OmniBox. Reported by xisigr of Tencent's Xuanwu Lab on 2017-07-06
[$500][750239] Medium CVE-2017-15390: URL spoofing in OmniBox. Reported by Haosheng Wang (@gnehsoah) on 2017-07-28
[$500][598265] Low CVE-2017-15391: Extension limitation bypass in Extensions. Reported by João Lucas Melo Brasio (whitehathackers.com.br) on 2016-03-28
[$N/A][714401] Low CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. Reported by Xiaoyin Liu (@general_nfs) on 2017-04-22
[$N/A][732751] Low CVE-2017-15393: Referrer leak in Devtools. Reported by Svyat Mitin on 2017-06-13
[$N/A][745580] Low CVE-2017-15394: URL spoofing in extensions UI. Reported by Sam @sudosammy on 2017-07-18
[$N/A][759457] Low CVE-2017-15395: Null pointer dereference in ImageCapture. Reported by Johannes Bergman (johberlvi@) on 2017-08-28
Comment 1 Stabilization helper bot gentoo-dev 2017-10-18 18:00:41 UTC 
An automated check of this bug failed - the following atom is unknown:

www-client/chromium-62.0.3202.62

Please verify the atom list.
Comment 2 Stabilization helper bot gentoo-dev 2017-10-18 19:00:31 UTC 
An automated check of this bug failed - the following atom is unknown:

www-client/chromium-62.0.3202.62

Please verify the atom list.
Comment 3 Stabilization helper bot gentoo-dev 2017-10-18 23:00:31 UTC 
An automated check of this bug failed - the following atom is unknown:

www-client/chromium-62.0.3202.62

Please verify the atom list.
Comment 4 Mike Gilbert gentoo-dev 2017-10-19 15:52:01 UTC 
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9cd550632fe63c4a85f7e663266d45ae3370f268

commit 9cd550632fe63c4a85f7e663266d45ae3370f268
Author: Mike Gilbert <floppym@gentoo.org>
Date:   Thu Oct 19 11:50:10 2017 -0400

    www-client/chromium: depend on >=dev-libs/libxml2-2.9.4-r3

    This version includes backported patches that provide the necessary
    XML_PARSE_NOXXE and XML_PARSE_NOXXE macros.

    Package-Manager: Portage-2.3.11_p4, Repoman-2.3.3_p62

 www-client/chromium/chromium-62.0.3202.62.ebuild | 2 +-
 www-client/chromium/chromium-63.0.3230.0.ebuild  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
Comment 5 Agostino Sarubbo gentoo-dev 2017-10-20 13:01:55 UTC 
amd64 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2017-10-23 01:11:45 UTC 
This issue was resolved and addressed in
 GLSA 201710-24 at https://security.gentoo.org/glsa/201710-24
by GLSA coordinator Aaron Bauman (b-man).