Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 724008 (CVE-2020-6465, CVE-2020-6466, CVE-2020-6467, CVE-2020-6468, CVE-2020-6469, CVE-2020-6470, CVE-2020-6471, CVE-2020-6472, CVE-2020-6473, CVE-2020-6474, CVE-2020-6475, CVE-2020-6476, CVE-2020-6477, CVE-2020-6478, CVE-2020-6479, CVE-2020-6480, CVE-2020-6481, CVE-2020-6482, CVE-2020-6483, CVE-2020-6484, CVE-2020-6485, CVE-2020-6486, CVE-2020-6487, CVE-2020-6488, CVE-2020-6489, CVE-2020-6490, CVE-2020-6491) - <www-client/{chromium,google-chrome}-83.0.4103.61: Multiple vulnerabilities (CVE-2020-{6465,6466,6467,6468,6469,6470,6471,6472,6473,6474,6475,6476,6477,6478,6479,6480,6481,6482,6483,6484,6485,6486,6487,6488,6489,6490,6491})
Summary: <www-client/{chromium,google-chrome}-83.0.4103.61: Multiple vulnerabilities (...
Status: RESOLVED FIXED
Alias: CVE-2020-6465, CVE-2020-6466, CVE-2020-6467, CVE-2020-6468, CVE-2020-6469, CVE-2020-6470, CVE-2020-6471, CVE-2020-6472, CVE-2020-6473, CVE-2020-6474, CVE-2020-6475, CVE-2020-6476, CVE-2020-6477, CVE-2020-6478, CVE-2020-6479, CVE-2020-6480, CVE-2020-6481, CVE-2020-6482, CVE-2020-6483, CVE-2020-6484, CVE-2020-6485, CVE-2020-6486, CVE-2020-6487, CVE-2020-6488, CVE-2020-6489, CVE-2020-6490, CVE-2020-6491
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A2 [glsa+ cve]
Keywords:
Depends on: icu-67.1-stable 723954
Blocks:
  Show dependency tree
 
Reported: 2020-05-19 18:39 UTC by Stephan Hartmann (RETIRED)
Modified: 2020-06-13 01:02 UTC (History)
1 user (show)

See Also:
Package list:
www-client/chromium-83.0.4103.61 dev-util/gn-0.1726
Runtime testing required: ---
nattka: sanity-check-


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stephan Hartmann (RETIRED) gentoo-dev 2020-05-19 18:39:02 UTC
See ${URL}.

www-client/{chromium,google-chrome}-83.0.4103.61 are already in the tree.
Comment 1 NATTkA bot gentoo-dev 2020-05-19 19:28:36 UTC
Unable to check for sanity:

> dependent bug #723954 is missing keywords
Comment 2 NATTkA bot gentoo-dev 2020-05-19 19:32:35 UTC
Sanity check failed:

> www-client/chromium-83.0.4103.61
>   bdepend amd64 stable profile default/linux/amd64/17.0 (28 total)
>     >=dev-util/gn-0.1726
>   bdepend amd64 dev profile default/linux/amd64/17.0/no-multilib/prefix/kernel-3.2+ (1 total)
>     >=dev-util/gn-0.1726
Comment 3 NATTkA bot gentoo-dev 2020-05-19 19:40:40 UTC
All sanity-check issues have been resolved
Comment 4 Agostino Sarubbo gentoo-dev 2020-05-24 07:33:01 UTC
amd64 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 5 Larry the Git Cow gentoo-dev 2020-05-30 00:19:34 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a984f74a72b698232dd18f11edb3047b79cd7b42

commit a984f74a72b698232dd18f11edb3047b79cd7b42
Author:     Mike Gilbert <floppym@gentoo.org>
AuthorDate: 2020-05-30 00:19:04 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2020-05-30 00:19:04 +0000

    www-client/chromium: remove old
    
    Bug: https://bugs.gentoo.org/724008
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>

 www-client/chromium/Manifest                       |   1 -
 www-client/chromium/chromium-81.0.4044.138.ebuild  | 764 ---------------------
 .../chromium/files/chromium-80-gcc-blink.patch     |  45 --
 www-client/chromium/files/chromium-81-gcc-10.patch | 116 ----
 .../chromium/files/chromium-81-gcc-constexpr.patch |  19 -
 .../chromium/files/chromium-81-gcc-noexcept.patch  |  13 -
 www-client/chromium/files/chromium-81-icu67.patch  | 162 -----
 .../chromium/files/chromium-compiler-r11.patch     | 185 -----
 8 files changed, 1305 deletions(-)
Comment 6 NATTkA bot gentoo-dev 2020-06-07 17:20:38 UTC
Unable to check for sanity:

> no match for package: www-client/chromium-83.0.4103.61
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2020-06-13 01:02:43 UTC
This issue was resolved and addressed in
 GLSA 202006-02 at https://security.gentoo.org/glsa/202006-02
by GLSA coordinator Aaron Bauman (b-man).