[1466183] High CVE-2023-4068: Type Confusion in V8. Reported by Jerry on 2023-07-20 [1465326] High CVE-2023-4069: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2023-07-17 [1462951] High CVE-2023-4070: Type Confusion in V8. Reported by Jerry on 2023-07-07 [1458819] High CVE-2023-4071: Heap buffer overflow in Visuals. Reported by Guang and Weipeng Jiang of VRI on 2023-06-28 [1464038] High CVE-2023-4072: Out of bounds read and write in WebGL. Reported by Apple Security Engineering and Architecture (SEAR) on 2023-07-12 [1456243] High CVE-2023-4073: Out of bounds memory access in ANGLE. Reported by Jaehun Jeong(@n3sk) of Theori on 2023-06-20 [1464113] High CVE-2023-4074: Use after free in Blink Task Scheduling. Reported by Anonymous on 2023-07-12 [1457757] High CVE-2023-4075: Use after free in Cast. Reported by Cassidy Kim(@cassidy6564) on 2023-06-25 [1459124] High CVE-2023-4076: Use after free in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2023-06-29 [1451146] Medium CVE-2023-4077: Insufficient data validation in Extensions. Reported by Anonymous on 2023-06-04 [1461895] Medium CVE-2023-4078: Inappropriate implementation in Extensions. Reported by Anonymous on 2023-07-04
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3c6d0a7ad1077da65b2c0c91bcc6261c98e2939d commit 3c6d0a7ad1077da65b2c0c91bcc6261c98e2939d Author: Matt Jolly <Matt.Jolly@footclan.ninja> AuthorDate: 2023-08-04 09:51:07 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2023-08-04 20:21:42 +0000 www-client/chromium: stabilize 115.0.5790.170 for amd64 Bug: https://bugs.gentoo.org/911675 Closes: https://bugs.gentoo.org/911676 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Closes: https://github.com/gentoo/gentoo/pull/32169 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/chromium-115.0.5790.170.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=597eeb6775b999045809d747c8968507091c2e25 commit 597eeb6775b999045809d747c8968507091c2e25 Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2023-08-07 10:51:50 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2023-08-07 10:52:07 +0000 www-client/chromium: drop 115.0.5790.102 Bug: https://bugs.gentoo.org/911675 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 2 - www-client/chromium/chromium-115.0.5790.102.ebuild | 1269 -------------------- 2 files changed, 1271 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=8064a0b694d29fb2fca491d65494098fb43c2ffa commit 8064a0b694d29fb2fca491d65494098fb43c2ffa Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-01-31 15:39:13 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-01-31 15:39:35 +0000 [ GLSA 202401-34 ] Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/907999 Bug: https://bugs.gentoo.org/908471 Bug: https://bugs.gentoo.org/909283 Bug: https://bugs.gentoo.org/910522 Bug: https://bugs.gentoo.org/911675 Bug: https://bugs.gentoo.org/912364 Bug: https://bugs.gentoo.org/913016 Bug: https://bugs.gentoo.org/913710 Bug: https://bugs.gentoo.org/914350 Bug: https://bugs.gentoo.org/914871 Bug: https://bugs.gentoo.org/915137 Bug: https://bugs.gentoo.org/915560 Bug: https://bugs.gentoo.org/915961 Bug: https://bugs.gentoo.org/916252 Bug: https://bugs.gentoo.org/916620 Bug: https://bugs.gentoo.org/917021 Bug: https://bugs.gentoo.org/917357 Bug: https://bugs.gentoo.org/918882 Bug: https://bugs.gentoo.org/919321 Bug: https://bugs.gentoo.org/919802 Bug: https://bugs.gentoo.org/920442 Bug: https://bugs.gentoo.org/921337 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202401-34.xml | 229 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 229 insertions(+)