This update includes 20 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[TBD][1487110] Critical CVE-2023-5218: Use after free in Site Isolation. Reported by @18楼梦想改造家 on 2023-09-27
[$5000][1062251] Medium CVE-2023-5487: Inappropriate implementation in Fullscreen. Reported by Anonymous on 2020-03-17
[$5000][1414936] Medium CVE-2023-5484: Inappropriate implementation in Navigation. Reported by Thomas Orlita on 2023-02-11
[$2000][1476952] Medium CVE-2023-5475: Inappropriate implementation in DevTools. Reported by Axel Chong on 2023-08-30
[$1000][1425355] Medium CVE-2023-5483: Inappropriate implementation in Intents. Reported by Axel Chong on 2023-03-17
[$1000][1458934] Medium CVE-2023-5481: Inappropriate implementation in Downloads. Reported by Om Apip on 2023-06-28
[$1000][1474253] Medium CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun on 2023-08-20
[$1000][1483194] Medium CVE-2023-5474: Heap buffer overflow in PDF. Reported by [pwn2car] on 2023-09-15
[$500][1471253] Medium CVE-2023-5479: Inappropriate implementation in Extensions API. Reported by Axel Chong on 2023-08-09
[$6000][1395164] Low CVE-2023-5485: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2022-12-02
[$3000][1472404] Low CVE-2023-5478: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2023-08-12
[$3000][1472558] Low CVE-2023-5477: Inappropriate implementation in Installer. Reported by Bahaa Naamneh of Crosspoint Labs on 2023-08-13
[$1000][1357442] Low CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh on 2022-08-29
[$1000][1484000] Low CVE-2023-5473: Use after free in Cast. Reported by DarkNavy on 2023-09-18
Please bump to 118.0.5993.70. Note that some extra stuff is needed:

[17:49:08] <sultan> Kangie: Yesterday's stable cut of M118 missed three patches
[17:49:31] <sultan> https://chromium.googlesource.com/chromium/src/+/60e39e7dbe956ab78ef3745981cc05e16683d934 (probably not critical)
[17:49:57] <sultan> https://chromium-review.googlesource.com/c/chromium/src/+/4926575 (critical)
[17:50:41] <sultan> https://pdfium.googlesource.com/pdfium/+/e3593d6470b21372772459968aec121dcc6d885d (looks like Windows only)
[17:53:01] <sultan> Hope that helps.
*** Bug 915584 has been marked as a duplicate of this bug. ***
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3fb0eea1ee35033113d7af9c3d629f91814c2db2

commit 3fb0eea1ee35033113d7af9c3d629f91814c2db2
Author:     Matt Jolly <Matt.Jolly@footclan.ninja>
AuthorDate: 2023-10-11 10:45:09 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-10-12 06:23:34 +0000

    www-client/chromium: add 118.0.5993.70

    Bug: https://bugs.gentoo.org/915560
    Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja>
    Signed-off-by: Sam James <sam@gentoo.org>

 www-client/chromium/Manifest                      |    3 +
 www-client/chromium/chromium-118.0.5993.70.ebuild | 1221 +++++++++++++++++++++
 2 files changed, 1224 insertions(+)
google-chrome still needs doing
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=313e9df7edaacb617dd623309b594ec720033460

commit 313e9df7edaacb617dd623309b594ec720033460
Author:     Matt Jolly <Matt.Jolly@footclan.ninja>
AuthorDate: 2023-10-12 06:58:13 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-10-12 10:42:39 +0000

    www-plugins/chrome-binary-plugins: automated update (118.0.5993.70)

    Bug: https://bugs.gentoo.org/915560
    Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja>
    Closes: https://github.com/gentoo/gentoo/pull/33308
    Signed-off-by: Sam James <sam@gentoo.org>

 www-plugins/chrome-binary-plugins/Manifest | 2 +-
 ...117.0.5938.149.ebuild => chrome-binary-plugins-118.0.5993.70.ebuild} | 0
 2 files changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cc18e39ea86af9528193a81a06501a695a91e6ac

commit cc18e39ea86af9528193a81a06501a695a91e6ac
Author:     Matt Jolly <Matt.Jolly@footclan.ninja>
AuthorDate: 2023-10-12 06:58:09 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-10-12 10:42:35 +0000

    www-client/google-chrome: automated update (118.0.5993.70)

    Bug: https://bugs.gentoo.org/915560
    Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja>
    Signed-off-by: Sam James <sam@gentoo.org>

 www-client/google-chrome/Manifest | 2 +-
 ...-chrome-117.0.5938.149.ebuild => google-chrome-118.0.5993.70.ebuild} | 0
 2 files changed, 1 insertion(+), 1 deletion(-)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=8064a0b694d29fb2fca491d65494098fb43c2ffa

commit 8064a0b694d29fb2fca491d65494098fb43c2ffa
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-01-31 15:39:13 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-01-31 15:39:35 +0000

    [ GLSA 202401-34 ] Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities

    Bug: https://bugs.gentoo.org/907999
    Bug: https://bugs.gentoo.org/908471
    Bug: https://bugs.gentoo.org/909283
    Bug: https://bugs.gentoo.org/910522
    Bug: https://bugs.gentoo.org/911675
    Bug: https://bugs.gentoo.org/912364
    Bug: https://bugs.gentoo.org/913016
    Bug: https://bugs.gentoo.org/913710
    Bug: https://bugs.gentoo.org/914350
    Bug: https://bugs.gentoo.org/914871
    Bug: https://bugs.gentoo.org/915137
    Bug: https://bugs.gentoo.org/915560
    Bug: https://bugs.gentoo.org/915961
    Bug: https://bugs.gentoo.org/916252
    Bug: https://bugs.gentoo.org/916620
    Bug: https://bugs.gentoo.org/917021
    Bug: https://bugs.gentoo.org/917357
    Bug: https://bugs.gentoo.org/918882
    Bug: https://bugs.gentoo.org/919321
    Bug: https://bugs.gentoo.org/919802
    Bug: https://bugs.gentoo.org/920442
    Bug: https://bugs.gentoo.org/921337
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202401-34.xml | 229 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 229 insertions(+)