The Stable channel has been updated to 130.0.6723.58 for Linux. This update includes 17 security fixes. [$36000][367755363] High CVE-2024-9954: Use after free in AI. Reported by DarkNavy on 2024-09-18 [$6000][370133761] Medium CVE-2024-9955: Use after free in Web Authentication. Reported by anonymous on 2024-09-29 [$6000][370482421] Medium CVE-2024-9956: Inappropriate implementation in Web Authentication. Reported by mastersplinter on 2024-09-30 [$5000][358151317] Medium CVE-2024-9957: Use after free in UI. Reported by lime(@limeSec_) and fmyy(@binary_fmyy) From TIANGONG Team of Legendsec at QI-ANXIN Group on 2024-08-08 [$5000][40076120] Medium CVE-2024-9958: Inappropriate implementation in PictureInPicture. Reported by Lyra Rebane (rebane2001) on 2023-11-02 [$4000][368672129] Medium CVE-2024-9959: Use after free in DevTools. Reported by Sakana.S on 2024-09-21 [$2000][354748063] Medium CVE-2024-9960: Use after free in Dawn. Reported by Anonymous on 2024-07-23 [$2000][357776197] Medium CVE-2024-9961: Use after free in Parcel Tracking. Reported by lime(@limeSec_) and fmyy(@binary_fmyy) From TIANGONG Team of Legendsec at QI-ANXIN Group on 2024-08-06 [$1000][364508693] Medium CVE-2024-9962: Inappropriate implementation in Permissions. Reported by Shaheen Fazim on 2024-09-04 [TBD][328278718] Medium CVE-2024-9963: Insufficient data validation in Downloads. Reported by Anonymous on 2024-03-06 [$3000][361711121] Low CVE-2024-9964: Inappropriate implementation in Payments. Reported by Hafiizh on 2024-08-23 [$1000][352651673] Low CVE-2024-9965: Insufficient data validation in DevTools. Reported by Shaheen Fazim on 2024-07-12 [$1000][364773822] Low CVE-2024-9966: Inappropriate implementation in Navigations. Reported by Harry Chen on 2024-09-05
Might be a while for Chromium; Google's CI has been failing for days. https://groups.google.com/a/chromium.org/g/chromium-packagers/c/9X0k0IXCkKY
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2f9fe78e9c3310cae4c81c8a50e8fb8e8891cd44 commit 2f9fe78e9c3310cae4c81c8a50e8fb8e8891cd44 Author: Matt Jolly <kangie@gentoo.org> AuthorDate: 2024-10-17 18:08:58 +0000 Commit: Matt Jolly <kangie@gentoo.org> CommitDate: 2024-10-17 18:25:46 +0000 www-client/google-chrome: automated update (130.0.6723.58) Bug: https://bugs.gentoo.org/941600 Signed-off-by: Matt Jolly <kangie@gentoo.org> www-client/google-chrome/Manifest | 2 +- ...-chrome-129.0.6668.100.ebuild => google-chrome-130.0.6723.58.ebuild} | 0 2 files changed, 1 insertion(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8193542153403e450b913dd937a82399aedc013b commit 8193542153403e450b913dd937a82399aedc013b Author: Matt Jolly <kangie@gentoo.org> AuthorDate: 2024-10-17 10:50:59 +0000 Commit: Matt Jolly <kangie@gentoo.org> CommitDate: 2024-10-17 18:25:46 +0000 www-client/chromium: add 130.0.6723.58 Bug: https://bugs.gentoo.org/941600 Signed-off-by: Matt Jolly <kangie@gentoo.org> www-client/chromium/Manifest | 4 + www-client/chromium/chromium-130.0.6723.58.ebuild | 1562 +++++++++++++++++++++ 2 files changed, 1566 insertions(+)
CI still failing, no tarballs have been published since the 21st I have reached out to the release manager for 130. It seems unlikely that we'll see anything for several days.