Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 918882 (CVE-2023-6345, CVE-2023-6346, CVE-2023-6347, CVE-2023-6348, CVE-2023-6350, CVE-2023-6351) - <www-client/chromium-119.0.6045.199, <www-client/google-chrome-119.0.6045.199 <www-client/microsoft-edge-119.0.2151.97: multiple vulnerabilities
Summary: <www-client/chromium-119.0.6045.199, <www-client/google-chrome-119.0.6045.199...
Status: RESOLVED FIXED
Alias: CVE-2023-6345, CVE-2023-6346, CVE-2023-6347, CVE-2023-6348, CVE-2023-6350, CVE-2023-6351
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal critical
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A2 [glsa+]
Keywords: PullRequest
: 918849 (view as bug list)
Depends on: 918884 922189
Blocks:
  Show dependency tree
 
Reported: 2023-11-30 01:51 UTC by Matt Jolly
Modified: 2024-01-31 15:45 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Matt Jolly gentoo-dev 2023-11-30 01:51:12 UTC
The Stable channel has been updated to 119.0.6045.199 for Mac and Linux; This update includes 7 security fixes.

Security Fixes and Rewards

[N/A][1491459] High CVE-2023-6348: Type Confusion in Spellcheck. Reported by Mark Brand of Google Project Zero on 2023-10-10
[$31000][1494461] High CVE-2023-6347: Use after free in Mojo. Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2023-10-21
[$10000][1500856] High CVE-2023-6346: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-09
[$7000][1501766] High CVE-2023-6350: Out of bounds memory access in libavif. Reported by Fudan University on 2023-11-13[$7000][1501770] High CVE-2023-6351: Use after free in libavif. Reported by Fudan University on 2023-11-13
[N/A][1505053] High CVE-2023-6345: Integer overflow in Skia. Reported by Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group on 2023-11-24

Google is aware that an exploit for CVE-2023-6345 exists in the wild.
Comment 1 Larry the Git Cow gentoo-dev 2023-11-30 02:08:07 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=abf3aed2c49431d58f896e9ca3f8b26fce383419

commit abf3aed2c49431d58f896e9ca3f8b26fce383419
Author:     Matt Jolly <Matt.Jolly@footclan.ninja>
AuthorDate: 2023-11-29 09:30:10 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-11-30 02:04:27 +0000

    www-client/chromium: add 119.0.6045.199
    
    Bug: https://bugs.gentoo.org/918882
    Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja>
    Signed-off-by: Sam James <sam@gentoo.org>

 www-client/chromium/Manifest                       |    2 +
 www-client/chromium/chromium-119.0.6045.199.ebuild | 1258 ++++++++++++++++++++
 2 files changed, 1260 insertions(+)
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-11-30 02:09:56 UTC
*** Bug 918849 has been marked as a duplicate of this bug. ***
Comment 3 Hans de Graaff gentoo-dev Security 2023-11-30 07:34:56 UTC
The subject mentions microsoft-edge-119.0.6045.199 as well, but that package has not been bumped or stabled yet.
Comment 4 Larry the Git Cow gentoo-dev 2024-01-31 15:39:57 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=8064a0b694d29fb2fca491d65494098fb43c2ffa

commit 8064a0b694d29fb2fca491d65494098fb43c2ffa
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-01-31 15:39:13 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-01-31 15:39:35 +0000

    [ GLSA 202401-34 ] Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/907999
    Bug: https://bugs.gentoo.org/908471
    Bug: https://bugs.gentoo.org/909283
    Bug: https://bugs.gentoo.org/910522
    Bug: https://bugs.gentoo.org/911675
    Bug: https://bugs.gentoo.org/912364
    Bug: https://bugs.gentoo.org/913016
    Bug: https://bugs.gentoo.org/913710
    Bug: https://bugs.gentoo.org/914350
    Bug: https://bugs.gentoo.org/914871
    Bug: https://bugs.gentoo.org/915137
    Bug: https://bugs.gentoo.org/915560
    Bug: https://bugs.gentoo.org/915961
    Bug: https://bugs.gentoo.org/916252
    Bug: https://bugs.gentoo.org/916620
    Bug: https://bugs.gentoo.org/917021
    Bug: https://bugs.gentoo.org/917357
    Bug: https://bugs.gentoo.org/918882
    Bug: https://bugs.gentoo.org/919321
    Bug: https://bugs.gentoo.org/919802
    Bug: https://bugs.gentoo.org/920442
    Bug: https://bugs.gentoo.org/921337
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202401-34.xml | 229 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 229 insertions(+)