This update includes 16 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$15000][1410191] High CVE-2023-2929: Out of bounds write in Swiftshader. Reported by Jaehun Jeong(@n3sk) of Theori on 2023-01-25 [$10000][1443401] High CVE-2023-2930: Use after free in Extensions. Reported by asnine on 2023-05-08 [$9000][1444238] High CVE-2023-2931: Use after free in PDF. Reported by Huyna at Viettel Cyber Security on 2023-05-10 [$9000][1444581] High CVE-2023-2932: Use after free in PDF. Reported by Huyna at Viettel Cyber Security on 2023-05-11 [$9000][1445426] High CVE-2023-2933: Use after free in PDF. Reported by Quang Nguyễn (@quangnh89) of Viettel Cyber Security and Nguyen Phuong on 2023-05-15 [$NA][1429720] High CVE-2023-2934: Out of bounds memory access in Mojo. Reported by Mark Brand of Google Project Zero on 2023-04-01 [$NA][1440695] High CVE-2023-2935: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-04-27 [$NA][1443452] High CVE-2023-2936: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-05-08 [$4000][1413813] Medium CVE-2023-2937: Inappropriate implementation in Picture In Picture. Reported by NDevTK on 2023-02-08 [$4000][1416350] Medium CVE-2023-2938: Inappropriate implementation in Picture In Picture. Reported by Alesandro Ortiz on 2023-02-15 [$3000][1427431] Medium CVE-2023-2939: Insufficient data validation in Installer. Reported by ycdxsb from VARAS@IIE on 2023-03-24 [$2000][1426807] Medium CVE-2023-2940: Inappropriate implementation in Downloads. Reported by Axel Chong on 2023-03-22 [$500][1430269] Low CVE-2023-2941: Inappropriate implementation in Extensions API. Reported by Jasper Rebane on 2023-04-04
.. and https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$NA][1450481] High CVE-2023-3079: Type Confusion in V8. Reported by Clément Lecigne of Google's Threat Analysis Group on 2023-06-01
Interested contributors should read https://marc.info/?l=gentoo-dev&m=168514558017036&w=2.
Edge fixes are in 114.0.1823.37.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f747a372822f32bb299dc401b548db527c9a20f1 commit f747a372822f32bb299dc401b548db527c9a20f1 Author: Matt Jolly <Matt.Jolly@footclan.ninja> AuthorDate: 2023-06-07 14:31:31 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-06-10 05:09:01 +0000 www-client/chromium: add 114.0.5735.110 Add myself as a maintainer Bug: https://bugs.gentoo.org/907999 Closes: https://bugs.gentoo.org/906911 Closes: https://bugs.gentoo.org/906962 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Closes: https://github.com/gentoo/gentoo/pull/31344 Signed-off-by: Sam James <sam@gentoo.org> www-client/chromium/Manifest | 2 + www-client/chromium/chromium-114.0.5735.110.ebuild | 1268 ++++++++++++++++++++ .../chromium/files/chromium-114-compiler.patch | 171 +++ www-client/chromium/files/chromium-114-gcc12.patch | 30 + .../chromium/files/chromium-114-sigsegv-dom.patch | 73 ++ www-client/chromium/metadata.xml | 8 + 6 files changed, 1552 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ebec648b4cea8be5043ecdd97b4dedaa9b6f2313 commit ebec648b4cea8be5043ecdd97b4dedaa9b6f2313 Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2023-06-29 14:53:34 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2023-06-29 14:53:34 +0000 www-client/chromium: drop 113.0.5672.126 Bug: https://bugs.gentoo.org/907999 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 2 - www-client/chromium/chromium-113.0.5672.126.ebuild | 1265 -------------------- 2 files changed, 1267 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=8064a0b694d29fb2fca491d65494098fb43c2ffa commit 8064a0b694d29fb2fca491d65494098fb43c2ffa Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-01-31 15:39:13 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-01-31 15:39:35 +0000 [ GLSA 202401-34 ] Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/907999 Bug: https://bugs.gentoo.org/908471 Bug: https://bugs.gentoo.org/909283 Bug: https://bugs.gentoo.org/910522 Bug: https://bugs.gentoo.org/911675 Bug: https://bugs.gentoo.org/912364 Bug: https://bugs.gentoo.org/913016 Bug: https://bugs.gentoo.org/913710 Bug: https://bugs.gentoo.org/914350 Bug: https://bugs.gentoo.org/914871 Bug: https://bugs.gentoo.org/915137 Bug: https://bugs.gentoo.org/915560 Bug: https://bugs.gentoo.org/915961 Bug: https://bugs.gentoo.org/916252 Bug: https://bugs.gentoo.org/916620 Bug: https://bugs.gentoo.org/917021 Bug: https://bugs.gentoo.org/917357 Bug: https://bugs.gentoo.org/918882 Bug: https://bugs.gentoo.org/919321 Bug: https://bugs.gentoo.org/919802 Bug: https://bugs.gentoo.org/920442 Bug: https://bugs.gentoo.org/921337 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202401-34.xml | 229 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 229 insertions(+)
