Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-announce

From: Aaron Bauman <bman@g.o>
To: gentoo-announce@l.g.o
Subject: [gentoo-announce] [ GLSA 201908-18 ] Chromium, Google Chrome: Multiple vulnerabilities
Date: Thu, 15 Aug 2019 16:38:16
Message-Id: 20190815160256.GM861995@bubba.lan
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 201908-18
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 https://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: High
8 Title: Chromium, Google Chrome: Multiple vulnerabilities
9 Date: August 15, 2019
10 Bugs: #684238, #684272, #687732, #688072, #689944, #691098, #691682
11 ID: 201908-18
12
13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15 Synopsis
16 ========
17
18 Multiple vulnerabilities have been found in Chromium and Google Chrome,
19 the worst of which could allow remote attackers to execute arbitrary
20 code.
21
22 Background
23 ==========
24
25 Chromium is an open-source browser project that aims to build a safer,
26 faster, and more stable way for all users to experience the web.
27
28 Google Chrome is one fast, simple, and secure browser for all your
29 devices.
30
31 Affected packages
32 =================
33
34 -------------------------------------------------------------------
35 Package / Vulnerable / Unaffected
36 -------------------------------------------------------------------
37 1 www-client/chromium < 76.0.3809.100 >= 76.0.3809.100
38 2 www-client/google-chrome
39 < 76.0.3809.100 >= 76.0.3809.100
40 -------------------------------------------------------------------
41 2 affected packages
42
43 Description
44 ===========
45
46 Multiple vulnerabilities have been discovered in Chromium and Google
47 Chrome. Please review the referenced CVE identifiers and Google Chrome
48 Releases for details.
49
50 Impact
51 ======
52
53 Please review the referenced CVE identifiers for details.
54
55 Workaround
56 ==========
57
58 There is no known workaround at this time.
59
60 Resolution
61 ==========
62
63 All Chromium users should upgrade to the latest version:
64
65 # emerge --sync
66 # emerge --ask --oneshot -v ">=www-client/chromium-76.0.3809.100"
67
68 All Google Chrome users should upgrade to the latest version:
69
70 # emerge --sync
71 # emerge -a --oneshot -v ">=www-client/google-chrome-76.0.3809.100"
72
73 References
74 ==========
75
76 [ 1 ] CVE-2019-5805
77 https://nvd.nist.gov/vuln/detail/CVE-2019-5805
78 [ 2 ] CVE-2019-5806
79 https://nvd.nist.gov/vuln/detail/CVE-2019-5806
80 [ 3 ] CVE-2019-5807
81 https://nvd.nist.gov/vuln/detail/CVE-2019-5807
82 [ 4 ] CVE-2019-5808
83 https://nvd.nist.gov/vuln/detail/CVE-2019-5808
84 [ 5 ] CVE-2019-5809
85 https://nvd.nist.gov/vuln/detail/CVE-2019-5809
86 [ 6 ] CVE-2019-5810
87 https://nvd.nist.gov/vuln/detail/CVE-2019-5810
88 [ 7 ] CVE-2019-5811
89 https://nvd.nist.gov/vuln/detail/CVE-2019-5811
90 [ 8 ] CVE-2019-5812
91 https://nvd.nist.gov/vuln/detail/CVE-2019-5812
92 [ 9 ] CVE-2019-5813
93 https://nvd.nist.gov/vuln/detail/CVE-2019-5813
94 [ 10 ] CVE-2019-5814
95 https://nvd.nist.gov/vuln/detail/CVE-2019-5814
96 [ 11 ] CVE-2019-5815
97 https://nvd.nist.gov/vuln/detail/CVE-2019-5815
98 [ 12 ] CVE-2019-5816
99 https://nvd.nist.gov/vuln/detail/CVE-2019-5816
100 [ 13 ] CVE-2019-5817
101 https://nvd.nist.gov/vuln/detail/CVE-2019-5817
102 [ 14 ] CVE-2019-5818
103 https://nvd.nist.gov/vuln/detail/CVE-2019-5818
104 [ 15 ] CVE-2019-5819
105 https://nvd.nist.gov/vuln/detail/CVE-2019-5819
106 [ 16 ] CVE-2019-5820
107 https://nvd.nist.gov/vuln/detail/CVE-2019-5820
108 [ 17 ] CVE-2019-5821
109 https://nvd.nist.gov/vuln/detail/CVE-2019-5821
110 [ 18 ] CVE-2019-5822
111 https://nvd.nist.gov/vuln/detail/CVE-2019-5822
112 [ 19 ] CVE-2019-5823
113 https://nvd.nist.gov/vuln/detail/CVE-2019-5823
114 [ 20 ] CVE-2019-5828
115 https://nvd.nist.gov/vuln/detail/CVE-2019-5828
116 [ 21 ] CVE-2019-5829
117 https://nvd.nist.gov/vuln/detail/CVE-2019-5829
118 [ 22 ] CVE-2019-5830
119 https://nvd.nist.gov/vuln/detail/CVE-2019-5830
120 [ 23 ] CVE-2019-5831
121 https://nvd.nist.gov/vuln/detail/CVE-2019-5831
122 [ 24 ] CVE-2019-5832
123 https://nvd.nist.gov/vuln/detail/CVE-2019-5832
124 [ 25 ] CVE-2019-5833
125 https://nvd.nist.gov/vuln/detail/CVE-2019-5833
126 [ 26 ] CVE-2019-5834
127 https://nvd.nist.gov/vuln/detail/CVE-2019-5834
128 [ 27 ] CVE-2019-5835
129 https://nvd.nist.gov/vuln/detail/CVE-2019-5835
130 [ 28 ] CVE-2019-5836
131 https://nvd.nist.gov/vuln/detail/CVE-2019-5836
132 [ 29 ] CVE-2019-5837
133 https://nvd.nist.gov/vuln/detail/CVE-2019-5837
134 [ 30 ] CVE-2019-5838
135 https://nvd.nist.gov/vuln/detail/CVE-2019-5838
136 [ 31 ] CVE-2019-5839
137 https://nvd.nist.gov/vuln/detail/CVE-2019-5839
138 [ 32 ] CVE-2019-5840
139 https://nvd.nist.gov/vuln/detail/CVE-2019-5840
140 [ 33 ] CVE-2019-5842
141 https://nvd.nist.gov/vuln/detail/CVE-2019-5842
142 [ 34 ] CVE-2019-5847
143 https://nvd.nist.gov/vuln/detail/CVE-2019-5847
144 [ 35 ] CVE-2019-5848
145 https://nvd.nist.gov/vuln/detail/CVE-2019-5848
146 [ 36 ] CVE-2019-5850
147 https://nvd.nist.gov/vuln/detail/CVE-2019-5850
148 [ 37 ] CVE-2019-5851
149 https://nvd.nist.gov/vuln/detail/CVE-2019-5851
150 [ 38 ] CVE-2019-5852
151 https://nvd.nist.gov/vuln/detail/CVE-2019-5852
152 [ 39 ] CVE-2019-5853
153 https://nvd.nist.gov/vuln/detail/CVE-2019-5853
154 [ 40 ] CVE-2019-5854
155 https://nvd.nist.gov/vuln/detail/CVE-2019-5854
156 [ 41 ] CVE-2019-5855
157 https://nvd.nist.gov/vuln/detail/CVE-2019-5855
158 [ 42 ] CVE-2019-5856
159 https://nvd.nist.gov/vuln/detail/CVE-2019-5856
160 [ 43 ] CVE-2019-5857
161 https://nvd.nist.gov/vuln/detail/CVE-2019-5857
162 [ 44 ] CVE-2019-5858
163 https://nvd.nist.gov/vuln/detail/CVE-2019-5858
164 [ 45 ] CVE-2019-5859
165 https://nvd.nist.gov/vuln/detail/CVE-2019-5859
166 [ 46 ] CVE-2019-5860
167 https://nvd.nist.gov/vuln/detail/CVE-2019-5860
168 [ 47 ] CVE-2019-5861
169 https://nvd.nist.gov/vuln/detail/CVE-2019-5861
170 [ 48 ] CVE-2019-5862
171 https://nvd.nist.gov/vuln/detail/CVE-2019-5862
172 [ 49 ] CVE-2019-5863
173 https://nvd.nist.gov/vuln/detail/CVE-2019-5863
174 [ 50 ] CVE-2019-5864
175 https://nvd.nist.gov/vuln/detail/CVE-2019-5864
176 [ 51 ] CVE-2019-5865
177 https://nvd.nist.gov/vuln/detail/CVE-2019-5865
178 [ 52 ] CVE-2019-5867
179 https://nvd.nist.gov/vuln/detail/CVE-2019-5867
180 [ 53 ] CVE-2019-5868
181 https://nvd.nist.gov/vuln/detail/CVE-2019-5868
182
183 Availability
184 ============
185
186 This GLSA and any updates to it are available for viewing at
187 the Gentoo Security Website:
188
189 https://security.gentoo.org/glsa/201908-18
190
191 Concerns?
192 =========
193
194 Security is a primary focus of Gentoo Linux and ensuring the
195 confidentiality and security of our users' machines is of utmost
196 importance to us. Any security concerns should be addressed to
197 security@g.o or alternatively, you may file a bug at
198 https://bugs.gentoo.org.
199
200 License
201 =======
202
203 Copyright 2019 Gentoo Foundation, Inc; referenced text
204 belongs to its owner(s).
205
206 The contents of this document are licensed under the
207 Creative Commons - Attribution / Share Alike license.
208
209 https://creativecommons.org/licenses/by-sa/2.5

Attachments

File name MIME type
signature.asc application/pgp-signature
Report Message
Find on MARC Find on Google Groups