Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 649800 (CVE-2018-6057, CVE-2018-6058, CVE-2018-6059, CVE-2018-6060, CVE-2018-6061, CVE-2018-6062, CVE-2018-6063, CVE-2018-6064, CVE-2018-6065, CVE-2018-6066, CVE-2018-6067, CVE-2018-6068, CVE-2018-6069, CVE-2018-6070, CVE-2018-6071, CVE-2018-6072, CVE-2018-6073, CVE-2018-6074, CVE-2018-6075, CVE-2018-6076, CVE-2018-6077, CVE-2018-6078, CVE-2018-6079, CVE-2018-6080, CVE-2018-6081, CVE-2018-6082, CVE-2018-6083) - <www-client/chromium-65.0.3325.146 - multiple vulnerabilities
Summary: <www-client/chromium-65.0.3325.146 - multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2018-6057, CVE-2018-6058, CVE-2018-6059, CVE-2018-6060, CVE-2018-6061, CVE-2018-6062, CVE-2018-6063, CVE-2018-6064, CVE-2018-6065, CVE-2018-6066, CVE-2018-6067, CVE-2018-6068, CVE-2018-6069, CVE-2018-6070, CVE-2018-6071, CVE-2018-6072, CVE-2018-6073, CVE-2018-6074, CVE-2018-6075, CVE-2018-6076, CVE-2018-6077, CVE-2018-6078, CVE-2018-6079, CVE-2018-6080, CVE-2018-6081, CVE-2018-6082, CVE-2018-6083
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: B2 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-03-06 22:22 UTC by Mike Gilbert
Modified: 2018-03-13 21:05 UTC (History)
1 user (show)

See Also:
Package list:
www-client/chromium-65.0.3325.146
Runtime testing required: ---
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mike Gilbert gentoo-dev 2018-03-06 22:22:36 UTC 
This update includes 45 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$5000][758848] High CVE-2018-6058: Use after free in Flash. Reported by JieZeng of Tencent Zhanlu Lab on 2017-08-25
[$5000][758863] High CVE-2018-6059: Use after free in Flash. Reported by JieZeng of Tencent Zhanlu Lab on 2017-08-25
[$3000][780919] High CVE-2018-6060: Use after free in Blink. Reported by Omair on 2017-11-02
[$3000][794091] High CVE-2018-6061: Race condition in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2017-12-12
[$1000][780104] High CVE-2018-6062: Heap buffer overflow in Skia. Reported by Anonymous on 2017-10-31
[$N/A][789959] High CVE-2018-6057: Incorrect permissions on shared memory. Reported by Gal Beniamini of Google Project Zero on 2017-11-30
[$N/A][792900] High CVE-2018-6063: Incorrect permissions on shared memory. Reported by Gal Beniamini of Google Project Zero on 2017-12-07
[$N/A][798644] High CVE-2018-6064: Type confusion in V8. Reported by lokihardt of Google Project Zero on 2018-01-03
[$N/A][808192] High CVE-2018-6065: Integer overflow in V8. Reported by Mark Brand of Google Project Zero on 2018-02-01
[$4000][799477] Medium CVE-2018-6066: Same Origin Bypass via canvas. Reported by Masato Kinugawa on 2018-01-05
[$2000][779428] Medium CVE-2018-6067: Buffer overflow in Skia. Reported by Ned Williamson on 2017-10-30
[$2000][798933] Medium CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab. Reported by Luan Herrera on 2018-01-04
[$1500][799918] Medium CVE-2018-6069: Stack buffer overflow in Skia. Reported by Wanglu & Yangkang(@dnpushme) of Qihoo360 Qex Team on 2018-01-08
[$1000][668645] Medium CVE-2018-6070: CSP bypass through extensions. Reported by Rob Wu on 2016-11-25
[$1000][777318] Medium CVE-2018-6071: Heap bufffer overflow in Skia. Reported by Anonymous on 2017-10-23
[$1000][791048] Medium CVE-2018-6072: Integer overflow in PDFium. Reported by Atte Kettunen of OUSPG on 2017-12-01
[$1000][804118] Medium CVE-2018-6073: Heap bufffer overflow in WebGL. Reported by Omair on 2018-01-20
[$1000][809759] Medium CVE-2018-6074: Mark-of-the-Web bypass. Reported by Abdulrahman Alqabandi (@qab) on 2018-02-06
[$500][608669] Medium CVE-2018-6075: Overly permissive cross origin downloads. Reported by Inti De Ceukelaire (intigriti.com) on 2016-05-03
[$500][758523] Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. Reported by Mateusz Krzeszowiec on 2017-08-24
[$500][778506] Medium CVE-2018-6077: Timing attack using SVG filters. Reported by Khalil Zhani on 2017-10-26
[$500][793628] Medium CVE-2018-6078: URL Spoof in OmniBox. Reported by Khalil Zhani on 2017-12-10
[$TBD][788448] Medium CVE-2018-6079: Information disclosure via texture data in WebGL. Reported by Ivars Atteka on 2017-11-24
[$N/A][792028] Medium CVE-2018-6080: Information disclosure in IPC call. Reported by Gal Beniamini of Google Project Zero on 2017-12-05
[$1000][797525] Low CVE-2018-6081: XSS in interstitials. Reported by Rob Wu on 2017-12-24
[$N/A][767354] Low CVE-2018-6082: Circumvention of port blocking. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-09-21
[$N/A][771709] Low CVE-2018-6083: Incorrect processing of AppManifests. Reported by Jun Kokatsu (@shhnjk) on 2017-10-04
Comment 1 Agostino Sarubbo gentoo-dev 2018-03-09 13:48:43 UTC 
I got the same issue reported in bug 646658
Comment 2 Mike Gilbert gentoo-dev 2018-03-09 14:15:38 UTC 
No, in this case the ebuild intentionally forces clang.
Comment 3 Mike Gilbert gentoo-dev 2018-03-09 20:42:13 UTC 
Oh, I see. The ffmpeg build fails. I'll take a look.
Comment 4 Mike Gilbert gentoo-dev 2018-03-09 21:03:45 UTC 
Should be fixed now.
Comment 5 Agostino Sarubbo gentoo-dev 2018-03-10 18:25:26 UTC 
amd64 stable.

Maintainer(s), please cleanup.
Comment 6 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2018-03-10 18:56:35 UTC 
New GLSA Request filed.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2018-03-13 21:05:28 UTC 
This issue was resolved and addressed in
 GLSA 201803-05 at https://security.gentoo.org/glsa/201803-05
by GLSA coordinator Christopher Diaz Riveros (chrisadr).