Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 677066 (CVE-2019-5754, CVE-2019-5755, CVE-2019-5756, CVE-2019-5757, CVE-2019-5758, CVE-2019-5759, CVE-2019-5760, CVE-2019-5761, CVE-2019-5762, CVE-2019-5763, CVE-2019-5764, CVE-2019-5765, CVE-2019-5766, CVE-2019-5767, CVE-2019-5768, CVE-2019-5769, CVE-2019-5770, CVE-2019-5771, CVE-2019-5772, CVE-2019-5773, CVE-2019-5774, CVE-2019-5775, CVE-2019-5776, CVE-2019-5777, CVE-2019-5778, CVE-2019-5779, CVE-2019-5780, CVE-2019-5781, CVE-2019-5782, CVE-2019-5783, CVE-2019-5784, CVE-2019-5785) - <www-client/chromium-72.0.3626.96 - multiple vulnerabilities
Summary: <www-client/chromium-72.0.3626.96 - multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2019-5754, CVE-2019-5755, CVE-2019-5756, CVE-2019-5757, CVE-2019-5758, CVE-2019-5759, CVE-2019-5760, CVE-2019-5761, CVE-2019-5762, CVE-2019-5763, CVE-2019-5764, CVE-2019-5765, CVE-2019-5766, CVE-2019-5767, CVE-2019-5768, CVE-2019-5769, CVE-2019-5770, CVE-2019-5771, CVE-2019-5772, CVE-2019-5773, CVE-2019-5774, CVE-2019-5775, CVE-2019-5776, CVE-2019-5777, CVE-2019-5778, CVE-2019-5779, CVE-2019-5780, CVE-2019-5781, CVE-2019-5782, CVE-2019-5783, CVE-2019-5784, CVE-2019-5785
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A2 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-02-01 18:42 UTC by Ulenrich
Modified: 2020-06-04 03:26 UTC (History)
2 users (show)

See Also:
Package list:
www-client/chromium-72.0.3626.96
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ulenrich 2019-02-01 18:42:06 UTC
google-72.0.3626.81 update seems to solve a number of security related issues, see:

https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html
Comment 1 Stephan Hartmann (RETIRED) gentoo-dev 2019-02-07 15:41:38 UTC
Copy from chromium-72.0.3626.28-r1.ebuild works, however chromium-webrtc-includes.patch needs small update:

--- a/chromium-webrtc-includes.patch	2018-12-25 22:49:12.000000000 -0000
+++ b/chromium-webrtc-includes.patch	2019-02-07 14:23:43.790542446 -0000
@@ -11793,7 +11793,7 @@
 index e7c5c77..2002230 100644
 --- a/pc/webrtcsdp_unittest.cc
 +++ b/pc/webrtcsdp_unittest.cc
-@@ -8,23 +8,37 @@
+@@ -8,25 +8,38 @@
   *  be found in the AUTHORS file in the root of the source tree.
   */
  
@@ -11831,7 +11831,8 @@
 +#include "rtc_base/sslfingerprint.h"
  #include "rtc_base/stringencode.h"
  #include "rtc_base/stringutils.h"
-+#include "test/gtest.h"
+ #include "test/gmock.h"
+ #include "test/gtest.h"
  
  #ifdef WEBRTC_ANDROID
  #include "pc/test/androidtestinitializer.h"
Comment 2 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-02-10 07:28:20 UTC
amd64 stable
Comment 3 Stephan Hartmann (RETIRED) gentoo-dev 2019-02-10 16:24:56 UTC
@floopym: You deleted chromium-72.72.0.3626.96 too ...
Comment 4 Mike Gilbert gentoo-dev 2019-02-10 18:19:40 UTC
(In reply to Stephan Hartmann from comment #3)

Oops! Thanks for pointing that out.
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2019-03-28 02:23:33 UTC
This issue was resolved and addressed in
 GLSA 201903-23 at https://security.gentoo.org/glsa/201903-23
by GLSA coordinator Aaron Bauman (b-man).