- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201908-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High
    Title: Chromium, Google Chrome: Multiple vulnerabilities
     Date: August 15, 2019
     Bugs: #684238, #684272, #687732, #688072, #689944, #691098, #691682
       ID: 201908-18

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
Multiple vulnerabilities have been found in Chromium and Google Chrome,
the worst of which could allow remote attackers to execute arbitrary
code.

Background
=========
Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web.

Google Chrome is one fast, simple, and secure browser for all your
devices.

Affected packages
================
    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  www-client/chromium      < 76.0.3809.100        >= 76.0.3809.100 
  2  www-client/google-chrome
                              < 76.0.3809.100        >= 76.0.3809.100 
    -------------------------------------------------------------------
     2 affected packages

Description
==========
Multiple vulnerabilities have been discovered in Chromium and Google
Chrome. Please review the referenced CVE identifiers and Google Chrome
Releases for details.

Impact
=====
Please review the referenced CVE identifiers for details.

Workaround
=========
There is no known workaround at this time.

Resolution
=========
All Chromium users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v ">=www-client/chromium-76.0.3809.100"

All Google Chrome users should upgrade to the latest version:

  # emerge --sync
  # emerge -a --oneshot -v ">=www-client/google-chrome-76.0.3809.100"

References
=========
[  1 ] CVE-2019-5805
       https://nvd.nist.gov/vuln/detail/CVE-2019-5805
[  2 ] CVE-2019-5806
       https://nvd.nist.gov/vuln/detail/CVE-2019-5806
[  3 ] CVE-2019-5807
       https://nvd.nist.gov/vuln/detail/CVE-2019-5807
[  4 ] CVE-2019-5808
       https://nvd.nist.gov/vuln/detail/CVE-2019-5808
[  5 ] CVE-2019-5809
       https://nvd.nist.gov/vuln/detail/CVE-2019-5809
[  6 ] CVE-2019-5810
       https://nvd.nist.gov/vuln/detail/CVE-2019-5810
[  7 ] CVE-2019-5811
       https://nvd.nist.gov/vuln/detail/CVE-2019-5811
[  8 ] CVE-2019-5812
       https://nvd.nist.gov/vuln/detail/CVE-2019-5812
[  9 ] CVE-2019-5813
       https://nvd.nist.gov/vuln/detail/CVE-2019-5813
[ 10 ] CVE-2019-5814
       https://nvd.nist.gov/vuln/detail/CVE-2019-5814
[ 11 ] CVE-2019-5815
       https://nvd.nist.gov/vuln/detail/CVE-2019-5815
[ 12 ] CVE-2019-5816
       https://nvd.nist.gov/vuln/detail/CVE-2019-5816
[ 13 ] CVE-2019-5817
       https://nvd.nist.gov/vuln/detail/CVE-2019-5817
[ 14 ] CVE-2019-5818
       https://nvd.nist.gov/vuln/detail/CVE-2019-5818
[ 15 ] CVE-2019-5819
       https://nvd.nist.gov/vuln/detail/CVE-2019-5819
[ 16 ] CVE-2019-5820
       https://nvd.nist.gov/vuln/detail/CVE-2019-5820
[ 17 ] CVE-2019-5821
       https://nvd.nist.gov/vuln/detail/CVE-2019-5821
[ 18 ] CVE-2019-5822
       https://nvd.nist.gov/vuln/detail/CVE-2019-5822
[ 19 ] CVE-2019-5823
       https://nvd.nist.gov/vuln/detail/CVE-2019-5823
[ 20 ] CVE-2019-5828
       https://nvd.nist.gov/vuln/detail/CVE-2019-5828
[ 21 ] CVE-2019-5829
       https://nvd.nist.gov/vuln/detail/CVE-2019-5829
[ 22 ] CVE-2019-5830
       https://nvd.nist.gov/vuln/detail/CVE-2019-5830
[ 23 ] CVE-2019-5831
       https://nvd.nist.gov/vuln/detail/CVE-2019-5831
[ 24 ] CVE-2019-5832
       https://nvd.nist.gov/vuln/detail/CVE-2019-5832
[ 25 ] CVE-2019-5833
       https://nvd.nist.gov/vuln/detail/CVE-2019-5833
[ 26 ] CVE-2019-5834
       https://nvd.nist.gov/vuln/detail/CVE-2019-5834
[ 27 ] CVE-2019-5835
       https://nvd.nist.gov/vuln/detail/CVE-2019-5835
[ 28 ] CVE-2019-5836
       https://nvd.nist.gov/vuln/detail/CVE-2019-5836
[ 29 ] CVE-2019-5837
       https://nvd.nist.gov/vuln/detail/CVE-2019-5837
[ 30 ] CVE-2019-5838
       https://nvd.nist.gov/vuln/detail/CVE-2019-5838
[ 31 ] CVE-2019-5839
       https://nvd.nist.gov/vuln/detail/CVE-2019-5839
[ 32 ] CVE-2019-5840
       https://nvd.nist.gov/vuln/detail/CVE-2019-5840
[ 33 ] CVE-2019-5842
       https://nvd.nist.gov/vuln/detail/CVE-2019-5842
[ 34 ] CVE-2019-5847
       https://nvd.nist.gov/vuln/detail/CVE-2019-5847
[ 35 ] CVE-2019-5848
       https://nvd.nist.gov/vuln/detail/CVE-2019-5848
[ 36 ] CVE-2019-5850
       https://nvd.nist.gov/vuln/detail/CVE-2019-5850
[ 37 ] CVE-2019-5851
       https://nvd.nist.gov/vuln/detail/CVE-2019-5851
[ 38 ] CVE-2019-5852
       https://nvd.nist.gov/vuln/detail/CVE-2019-5852
[ 39 ] CVE-2019-5853
       https://nvd.nist.gov/vuln/detail/CVE-2019-5853
[ 40 ] CVE-2019-5854
       https://nvd.nist.gov/vuln/detail/CVE-2019-5854
[ 41 ] CVE-2019-5855
       https://nvd.nist.gov/vuln/detail/CVE-2019-5855
[ 42 ] CVE-2019-5856
       https://nvd.nist.gov/vuln/detail/CVE-2019-5856
[ 43 ] CVE-2019-5857
       https://nvd.nist.gov/vuln/detail/CVE-2019-5857
[ 44 ] CVE-2019-5858
       https://nvd.nist.gov/vuln/detail/CVE-2019-5858
[ 45 ] CVE-2019-5859
       https://nvd.nist.gov/vuln/detail/CVE-2019-5859
[ 46 ] CVE-2019-5860
       https://nvd.nist.gov/vuln/detail/CVE-2019-5860
[ 47 ] CVE-2019-5861
       https://nvd.nist.gov/vuln/detail/CVE-2019-5861
[ 48 ] CVE-2019-5862
       https://nvd.nist.gov/vuln/detail/CVE-2019-5862
[ 49 ] CVE-2019-5863
       https://nvd.nist.gov/vuln/detail/CVE-2019-5863
[ 50 ] CVE-2019-5864
       https://nvd.nist.gov/vuln/detail/CVE-2019-5864
[ 51 ] CVE-2019-5865
       https://nvd.nist.gov/vuln/detail/CVE-2019-5865
[ 52 ] CVE-2019-5867
       https://nvd.nist.gov/vuln/detail/CVE-2019-5867
[ 53 ] CVE-2019-5868
       https://nvd.nist.gov/vuln/detail/CVE-2019-5868

Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/201908-18

Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
======
Copyright 2019 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Gentoo: GLSA-201908-18: Chromium, Google Chrome: Multiple vulnerabilities

Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code

Summary

Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the referenced CVE identifiers and Google Chrome Releases for details.

Resolution

All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-76.0.3809.100"
All Google Chrome users should upgrade to the latest version:
# emerge --sync # emerge -a --oneshot -v ">=www-client/google-chrome-76.0.3809.100"

References

[ 1 ] CVE-2019-5805 https://nvd.nist.gov/vuln/detail/CVE-2019-5805 [ 2 ] CVE-2019-5806 https://nvd.nist.gov/vuln/detail/CVE-2019-5806 [ 3 ] CVE-2019-5807 https://nvd.nist.gov/vuln/detail/CVE-2019-5807 [ 4 ] CVE-2019-5808 https://nvd.nist.gov/vuln/detail/CVE-2019-5808 [ 5 ] CVE-2019-5809 https://nvd.nist.gov/vuln/detail/CVE-2019-5809 [ 6 ] CVE-2019-5810 https://nvd.nist.gov/vuln/detail/CVE-2019-5810 [ 7 ] CVE-2019-5811 https://nvd.nist.gov/vuln/detail/CVE-2019-5811 [ 8 ] CVE-2019-5812 https://nvd.nist.gov/vuln/detail/CVE-2019-5812 [ 9 ] CVE-2019-5813 https://nvd.nist.gov/vuln/detail/CVE-2019-5813 [ 10 ] CVE-2019-5814 https://nvd.nist.gov/vuln/detail/CVE-2019-5814 [ 11 ] CVE-2019-5815 https://nvd.nist.gov/vuln/detail/CVE-2019-5815 [ 12 ] CVE-2019-5816 https://nvd.nist.gov/vuln/detail/CVE-2019-5816 [ 13 ] CVE-2019-5817 https://nvd.nist.gov/vuln/detail/CVE-2019-5817 [ 14 ] CVE-2019-5818 https://nvd.nist.gov/vuln/detail/CVE-2019-5818 [ 15 ] CVE-2019-5819 https://nvd.nist.gov/vuln/detail/CVE-2019-5819 [ 16 ] CVE-2019-5820 https://nvd.nist.gov/vuln/detail/CVE-2019-5820 [ 17 ] CVE-2019-5821 https://nvd.nist.gov/vuln/detail/CVE-2019-5821 [ 18 ] CVE-2019-5822 https://nvd.nist.gov/vuln/detail/CVE-2019-5822 [ 19 ] CVE-2019-5823 https://nvd.nist.gov/vuln/detail/CVE-2019-5823 [ 20 ] CVE-2019-5828 https://nvd.nist.gov/vuln/detail/CVE-2019-5828 [ 21 ] CVE-2019-5829 https://nvd.nist.gov/vuln/detail/CVE-2019-5829 [ 22 ] CVE-2019-5830 https://nvd.nist.gov/vuln/detail/CVE-2019-5830 [ 23 ] CVE-2019-5831 https://nvd.nist.gov/vuln/detail/CVE-2019-5831 [ 24 ] CVE-2019-5832 https://nvd.nist.gov/vuln/detail/CVE-2019-5832 [ 25 ] CVE-2019-5833 https://nvd.nist.gov/vuln/detail/CVE-2019-5833 [ 26 ] CVE-2019-5834 https://nvd.nist.gov/vuln/detail/CVE-2019-5834 [ 27 ] CVE-2019-5835 https://nvd.nist.gov/vuln/detail/CVE-2019-5835 [ 28 ] CVE-2019-5836 https://nvd.nist.gov/vuln/detail/CVE-2019-5836 [ 29 ] CVE-2019-5837 https://nvd.nist.gov/vuln/detail/CVE-2019-5837 [ 30 ] CVE-2019-5838 https://nvd.nist.gov/vuln/detail/CVE-2019-5838 [ 31 ] CVE-2019-5839 https://nvd.nist.gov/vuln/detail/CVE-2019-5839 [ 32 ] CVE-2019-5840 https://nvd.nist.gov/vuln/detail/CVE-2019-5840 [ 33 ] CVE-2019-5842 https://nvd.nist.gov/vuln/detail/CVE-2019-5842 [ 34 ] CVE-2019-5847 https://nvd.nist.gov/vuln/detail/CVE-2019-5847 [ 35 ] CVE-2019-5848 https://nvd.nist.gov/vuln/detail/CVE-2019-5848 [ 36 ] CVE-2019-5850 https://nvd.nist.gov/vuln/detail/CVE-2019-5850 [ 37 ] CVE-2019-5851 https://nvd.nist.gov/vuln/detail/CVE-2019-5851 [ 38 ] CVE-2019-5852 https://nvd.nist.gov/vuln/detail/CVE-2019-5852 [ 39 ] CVE-2019-5853 https://nvd.nist.gov/vuln/detail/CVE-2019-5853 [ 40 ] CVE-2019-5854 https://nvd.nist.gov/vuln/detail/CVE-2019-5854 [ 41 ] CVE-2019-5855 https://nvd.nist.gov/vuln/detail/CVE-2019-5855 [ 42 ] CVE-2019-5856 https://nvd.nist.gov/vuln/detail/CVE-2019-5856 [ 43 ] CVE-2019-5857 https://nvd.nist.gov/vuln/detail/CVE-2019-5857 [ 44 ] CVE-2019-5858 https://nvd.nist.gov/vuln/detail/CVE-2019-5858 [ 45 ] CVE-2019-5859 https://nvd.nist.gov/vuln/detail/CVE-2019-5859 [ 46 ] CVE-2019-5860 https://nvd.nist.gov/vuln/detail/CVE-2019-5860 [ 47 ] CVE-2019-5861 https://nvd.nist.gov/vuln/detail/CVE-2019-5861 [ 48 ] CVE-2019-5862 https://nvd.nist.gov/vuln/detail/CVE-2019-5862 [ 49 ] CVE-2019-5863 https://nvd.nist.gov/vuln/detail/CVE-2019-5863 [ 50 ] CVE-2019-5864 https://nvd.nist.gov/vuln/detail/CVE-2019-5864 [ 51 ] CVE-2019-5865 https://nvd.nist.gov/vuln/detail/CVE-2019-5865 [ 52 ] CVE-2019-5867 https://nvd.nist.gov/vuln/detail/CVE-2019-5867 [ 53 ] CVE-2019-5868 https://nvd.nist.gov/vuln/detail/CVE-2019-5868

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201908-18

Concerns

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

Severity
Severity: High
Title: Chromium, Google Chrome: Multiple vulnerabilities
Date: August 15, 2019
Bugs: #684238, #684272, #687732, #688072, #689944, #691098, #691682
ID: 201908-18

Synopsis

Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code.

Background

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices.

Affected Packages

------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 76.0.3809.100 >= 76.0.3809.100 2 www-client/google-chrome < 76.0.3809.100 >= 76.0.3809.100 ------------------------------------------------------------------- 2 affected packages

Impact

===== Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved