Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 689944 (CVE-2019-5847, CVE-2019-5848) - <www-client/chromium-75.0.3770.142: multiple vulnerabilities
Summary: <www-client/chromium-75.0.3770.142: multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2019-5847, CVE-2019-5848
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A3 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-07-16 06:19 UTC by Stephan Hartmann
Modified: 2019-08-15 16:03 UTC (History)
1 user (show)

See Also:
Package list:
www-client/chromium-75.0.3770.142
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stephan Hartmann 2019-07-16 06:19:57 UTC
See ${URL}

I try to prepare a PR today.

Reproducible: Always
Comment 1 Larry the Git Cow gentoo-dev 2019-07-16 15:07:06 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5aaf9c1bfd391a6e7bb3ddd2d43b5a94c445873c

commit 5aaf9c1bfd391a6e7bb3ddd2d43b5a94c445873c
Author:     Stephan Hartmann <stha09@googlemail.com>
AuthorDate: 2019-07-16 12:40:39 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2019-07-16 15:07:02 +0000

    www-client/chromium: stable channel bump to 75.0.3770.142
    
    Bug: https://bugs.gentoo.org/689944
    Closes: https://github.com/gentoo/gentoo/pull/12456
    Package-Manager: Portage-2.3.66, Repoman-2.3.11
    Signed-off-by: Stephan Hartmann <stha09@googlemail.com>
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>

 www-client/chromium/Manifest                                            | 2 +-
 .../{chromium-75.0.3770.100-r1.ebuild => chromium-75.0.3770.142.ebuild} | 0
 2 files changed, 1 insertion(+), 1 deletion(-)
Comment 2 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2019-07-17 10:20:53 UTC
amd64 stable
Comment 3 Larry the Git Cow gentoo-dev 2019-07-17 14:39:44 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7b0860b09b2c5c83f52b4308e389521706ec0c19

commit 7b0860b09b2c5c83f52b4308e389521706ec0c19
Author:     Stephan Hartmann <stha09@googlemail.com>
AuthorDate: 2019-07-17 10:45:21 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2019-07-17 14:39:16 +0000

    www-client/chromium: security cleanup
    
    Bug: https://bugs.gentoo.org/689944
    Closes: https://github.com/gentoo/gentoo/pull/12460
    Package-Manager: Portage-2.3.66, Repoman-2.3.11
    Signed-off-by: Stephan Hartmann <stha09@googlemail.com>
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>

 www-client/chromium/Manifest                     |   1 -
 www-client/chromium/chromium-75.0.3770.90.ebuild | 706 -----------------------
 www-client/chromium/files/chromium-75-lss.patch  |  63 --
 3 files changed, 770 deletions(-)
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2019-08-15 16:03:40 UTC
This issue was resolved and addressed in
 GLSA 201908-18 at https://security.gentoo.org/glsa/201908-18
by GLSA coordinator Aaron Bauman (b-man).