The Stable channel has been updated to 124.0.6367.155 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [TBD][337766133] High CVE-2024-4558: Use after free in ANGLE. Reported by gelatin dessert on 2024-04-29 [TBD][331369797] High CVE-2024-4559: Heap buffer overflow in WebAudio. Reported by Cassidy Kim(@cassidy6564) on 2024-03-26
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ae0cbfdab9788c681adef41259e4482f1a01695 commit 0ae0cbfdab9788c681adef41259e4482f1a01695 Author: Matt Jolly <kangie@gentoo.org> AuthorDate: 2024-05-08 06:22:20 +0000 Commit: Matt Jolly <kangie@gentoo.org> CommitDate: 2024-05-08 07:14:24 +0000 www-client/chromium: add 124.0.6367.155 Bug: https://bugs.gentoo.org/931548 Signed-off-by: Matt Jolly <kangie@gentoo.org> www-client/chromium/Manifest | 2 + www-client/chromium/chromium-124.0.6367.155.ebuild | 1437 ++++++++++++++++++++ 2 files changed, 1439 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b2b36893a71a3d6ce9d3aaba23c15d68fd095dea commit b2b36893a71a3d6ce9d3aaba23c15d68fd095dea Author: Matt Jolly <kangie@gentoo.org> AuthorDate: 2024-05-08 05:24:41 +0000 Commit: Matt Jolly <kangie@gentoo.org> CommitDate: 2024-05-08 07:14:20 +0000 www-client/google-chrome: automated update (124.0.6367.155) Bug: https://bugs.gentoo.org/931548 Signed-off-by: Matt Jolly <kangie@gentoo.org> www-client/google-chrome/Manifest | 2 +- ...chrome-124.0.6367.118.ebuild => google-chrome-124.0.6367.155.ebuild} | 0 2 files changed, 1 insertion(+), 1 deletion(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=309ab763e094d02598a970a50a7f0836699fd887 commit 309ab763e094d02598a970a50a7f0836699fd887 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-12-07 10:13:10 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-12-07 10:13:37 +0000 [ GLSA 202412-05 ] Chromium, Google Chrome, Microsoft Edge. Opera: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/924450 Bug: https://bugs.gentoo.org/925161 Bug: https://bugs.gentoo.org/925666 Bug: https://bugs.gentoo.org/926230 Bug: https://bugs.gentoo.org/926869 Bug: https://bugs.gentoo.org/927312 Bug: https://bugs.gentoo.org/927928 Bug: https://bugs.gentoo.org/928462 Bug: https://bugs.gentoo.org/929112 Bug: https://bugs.gentoo.org/930124 Bug: https://bugs.gentoo.org/930647 Bug: https://bugs.gentoo.org/930994 Bug: https://bugs.gentoo.org/931548 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202412-05.xml | 121 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 121 insertions(+)