Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bugzilla DB migration completed. Please report issues to Infra team via email via infra@gentoo.org or IRC
Bug 691098 (CVE-2019-5850, CVE-2019-5851, CVE-2019-5852, CVE-2019-5853, CVE-2019-5854, CVE-2019-5855, CVE-2019-5856, CVE-2019-5857, CVE-2019-5858, CVE-2019-5859, CVE-2019-5860, CVE-2019-5861, CVE-2019-5862, CVE-2019-5863, CVE-2019-5864, CVE-2019-5865) - <www-client/chromium-76.0.3809.87: multiple vulnerabilities
Summary: <www-client/chromium-76.0.3809.87: multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2019-5850, CVE-2019-5851, CVE-2019-5852, CVE-2019-5853, CVE-2019-5854, CVE-2019-5855, CVE-2019-5856, CVE-2019-5857, CVE-2019-5858, CVE-2019-5859, CVE-2019-5860, CVE-2019-5861, CVE-2019-5862, CVE-2019-5863, CVE-2019-5864, CVE-2019-5865
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A3 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-07-31 06:54 UTC by Stephan Hartmann
Modified: 2019-08-15 16:03 UTC (History)
1 user (show)

See Also:
Package list:
www-client/chromium-76.0.3809.87 amd64
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stephan Hartmann gentoo-dev 2019-07-31 06:54:58 UTC
See ${URL}

www-client/chromium-76.0.3809.87 was bumped yesterday. If noone complains then I would like to give it 2 more days of testing before stabilization.

Reproducible: Always
Comment 1 Matt Turner gentoo-dev 2019-08-02 16:40:25 UTC
amd64 stable
Comment 2 Larry the Git Cow gentoo-dev 2019-08-02 20:42:37 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=428b14974c57a82ac01c21b8b9ed1bf2bd93b184

commit 428b14974c57a82ac01c21b8b9ed1bf2bd93b184
Author:     Stephan Hartmann <stha09@googlemail.com>
AuthorDate: 2019-08-02 16:52:43 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2019-08-02 20:42:17 +0000

    www-client/chromium: security cleanup
    
    Bug: https://bugs.gentoo.org/691098
    Closes: https://github.com/gentoo/gentoo/pull/12600
    Package-Manager: Portage-2.3.69, Repoman-2.3.16
    Signed-off-by: Stephan Hartmann <stha09@googlemail.com>
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>

 www-client/chromium/Manifest                       |   1 -
 www-client/chromium/chromium-75.0.3770.142.ebuild  | 708 ---------------------
 .../chromium/files/chromium-75-fix-gn-gen.patch    |  27 -
 .../chromium/files/chromium-75-gcc-angle-fix.patch |  20 -
 www-client/chromium/files/chromium-75-llvm8.patch  |  17 -
 .../chromium/files/chromium-75-noexcept.patch      | 101 ---
 .../files/chromium-75-post-task-crash.patch        |  52 --
 .../chromium/files/chromium-75-unique_ptr.patch    |  31 -
 .../chromium/files/chromium-compiler-r9.patch      | 196 ------
 9 files changed, 1153 deletions(-)
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2019-08-15 16:03:48 UTC
This issue was resolved and addressed in
 GLSA 201908-18 at https://security.gentoo.org/glsa/201908-18
by GLSA coordinator Aaron Bauman (b-man).