Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 710760 (CVE-2020-6407, CVE-2020-6418) - <www-client/{chromium,google-chrome}-80.0.3987.122: multiple vulnerabilities (CVE-2020-{6407,6418})
Summary: <www-client/{chromium,google-chrome}-80.0.3987.122: multiple vulnerabilities ...
Status: RESOLVED FIXED
Alias: CVE-2020-6407, CVE-2020-6418
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A2 [glsa+ cve]
Keywords:
: 710776 (view as bug list)
Depends on: CVE-2020-10531
Blocks:
  Show dependency tree
 
Reported: 2020-02-25 07:38 UTC by Stephan Hartmann
Modified: 2020-03-13 03:19 UTC (History)
3 users (show)

See Also:
Package list:
www-client/chromium-80.0.3987.122
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stephan Hartmann gentoo-dev 2020-02-25 07:38:59 UTC
See ${URL}

Reproducible: Always
Comment 1 Larry the Git Cow gentoo-dev 2020-02-25 15:22:04 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c0f3c3a9f2c158caaf710a4b581c0a0835fe3e8e

commit c0f3c3a9f2c158caaf710a4b581c0a0835fe3e8e
Author:     Stephan Hartmann <stha09@googlemail.com>
AuthorDate: 2020-02-25 11:33:39 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2020-02-25 15:21:47 +0000

    www-client/chromium: stable channel bump to 80.0.3987.122
    
    Bug: https://bugs.gentoo.org/710760
    Package-Manager: Portage-2.3.84, Repoman-2.3.20
    Signed-off-by: Stephan Hartmann <stha09@googlemail.com>
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>
    Closes: https://github.com/gentoo/gentoo/pull/14772

 www-client/chromium/Manifest                                            | 2 +-
 .../{chromium-80.0.3987.116.ebuild => chromium-80.0.3987.122.ebuild}    | 0
 2 files changed, 1 insertion(+), 1 deletion(-)
Comment 2 Joonas Niilola gentoo-dev 2020-02-26 06:31:48 UTC
*** Bug 710776 has been marked as a duplicate of this bug. ***
Comment 3 Joonas Niilola gentoo-dev 2020-02-26 06:35:17 UTC
Doesn't this affect google-chrome as well?
Current package in tree: 80.0.3987.116
Comment 4 Ian Kumlien 2020-02-27 14:14:59 UTC
Yes, it affects google chrome, and my google-chrome bug was merged with this one.

So #710776 isn't solved and shouldn't have been merged with this one...
Comment 5 Agostino Sarubbo gentoo-dev 2020-02-27 15:09:27 UTC
amd64 stable.

Maintainer(s), please cleanup.
Comment 6 Larry the Git Cow gentoo-dev 2020-02-28 19:41:09 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=53214591636f7e86b5c45c2387ac7413826ea454

commit 53214591636f7e86b5c45c2387ac7413826ea454
Author:     Stephan Hartmann <stha09@googlemail.com>
AuthorDate: 2020-02-27 18:04:27 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2020-02-28 19:40:45 +0000

    www-client/chromium: security cleanup
    
    Bug: https://bugs.gentoo.org/710760
    Package-Manager: Portage-2.3.84, Repoman-2.3.20
    Signed-off-by: Stephan Hartmann <stha09@googlemail.com>
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>
    Closes: https://github.com/gentoo/gentoo/pull/14792

 www-client/chromium/Manifest                      |   1 -
 www-client/chromium/chromium-80.0.3987.100.ebuild | 738 ----------------------
 2 files changed, 739 deletions(-)
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2020-03-01 17:55:22 UTC
CVE-2020-6418 (https://nvd.nist.gov/vuln/detail/CVE-2020-6418):
  Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a
  remote attacker to potentially exploit heap corruption via a crafted HTML
  page.

CVE-2020-6407 (https://nvd.nist.gov/vuln/detail/CVE-2020-6407):
  Out of bounds memory access in streams in Google Chrome prior to
  80.0.3987.122 allowed a remote attacker to potentially exploit heap
  corruption via a crafted HTML page.
Comment 8 Thomas Deutschmann gentoo-dev Security 2020-03-01 17:56:04 UTC
New GLSA request filed.

Repository is clean.
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2020-03-13 03:19:24 UTC
This issue was resolved and addressed in
 GLSA 202003-08 at https://security.gentoo.org/glsa/202003-08
by GLSA coordinator Thomas Deutschmann (whissi).