Gentoo: GLSA-202309-17: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
Summary
Multiple vulnerabilities have been discovered in Chromium and its
derivatives. Please review the CVE identifiers referenced below for
details.
Resolution
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/chromium-113.0.5672.126"
All Google Chrome users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/google-chrome-113.0.5672.126"
All Microsoft Edge users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/microsoft-edge-113.0.1774.50"
Gentoo has discontinued support for www-client/chromium-bin. Users
should unmerge it in favor of the above alternatives:
# emerge --ask --depclean --verbose "www-client/chromium-bin"
References
[ 1 ] CVE-2023-0696
https://nvd.nist.gov/vuln/detail/CVE-2023-0696
[ 2 ] CVE-2023-0697
https://nvd.nist.gov/vuln/detail/CVE-2023-0697
[ 3 ] CVE-2023-0698
https://nvd.nist.gov/vuln/detail/CVE-2023-0698
[ 4 ] CVE-2023-0699
https://nvd.nist.gov/vuln/detail/CVE-2023-0699
[ 5 ] CVE-2023-0700
https://nvd.nist.gov/vuln/detail/CVE-2023-0700
[ 6 ] CVE-2023-0701
https://nvd.nist.gov/vuln/detail/CVE-2023-0701
[ 7 ] CVE-2023-0702
https://nvd.nist.gov/vuln/detail/CVE-2023-0702
[ 8 ] CVE-2023-0703
https://nvd.nist.gov/vuln/detail/CVE-2023-0703
[ 9 ] CVE-2023-0704
https://nvd.nist.gov/vuln/detail/CVE-2023-0704
[ 10 ] CVE-2023-0705
https://nvd.nist.gov/vuln/detail/CVE-2023-0705
[ 11 ] CVE-2023-0927
https://nvd.nist.gov/vuln/detail/CVE-2023-0927
[ 12 ] CVE-2023-0928
https://nvd.nist.gov/vuln/detail/CVE-2023-0928
[ 13 ] CVE-2023-0929
https://nvd.nist.gov/vuln/detail/CVE-2023-0929
[ 14 ] CVE-2023-0930
https://nvd.nist.gov/vuln/detail/CVE-2023-0930
[ 15 ] CVE-2023-0931
https://nvd.nist.gov/vuln/detail/CVE-2023-0931
[ 16 ] CVE-2023-0932
https://nvd.nist.gov/vuln/detail/CVE-2023-0932
[ 17 ] CVE-2023-0933
https://nvd.nist.gov/vuln/detail/CVE-2023-0933
[ 18 ] CVE-2023-0941
https://nvd.nist.gov/vuln/detail/CVE-2023-0941
[ 19 ] CVE-2023-1528
https://nvd.nist.gov/vuln/detail/CVE-2023-1528
[ 20 ] CVE-2023-1529
https://nvd.nist.gov/vuln/detail/CVE-2023-1529
[ 21 ] CVE-2023-1530
https://nvd.nist.gov/vuln/detail/CVE-2023-1530
[ 22 ] CVE-2023-1531
https://nvd.nist.gov/vuln/detail/CVE-2023-1531
[ 23 ] CVE-2023-1532
https://nvd.nist.gov/vuln/detail/CVE-2023-1532
[ 24 ] CVE-2023-1533
https://nvd.nist.gov/vuln/detail/CVE-2023-1533
[ 25 ] CVE-2023-1534
https://nvd.nist.gov/vuln/detail/CVE-2023-1534
[ 26 ] CVE-2023-1810
https://nvd.nist.gov/vuln/detail/CVE-2023-1810
[ 27 ] CVE-2023-1811
https://nvd.nist.gov/vuln/detail/CVE-2023-1811
[ 28 ] CVE-2023-1812
https://nvd.nist.gov/vuln/detail/CVE-2023-1812
[ 29 ] CVE-2023-1813
https://nvd.nist.gov/vuln/detail/CVE-2023-1813
[ 30 ] CVE-2023-1814
https://nvd.nist.gov/vuln/detail/CVE-2023-1814
[ 31 ] CVE-2023-1815
https://nvd.nist.gov/vuln/detail/CVE-2023-1815
[ 32 ] CVE-2023-1816
https://nvd.nist.gov/vuln/detail/CVE-2023-1816
[ 33 ] CVE-2023-1817
https://nvd.nist.gov/vuln/detail/CVE-2023-1817
[ 34 ] CVE-2023-1818
https://nvd.nist.gov/vuln/detail/CVE-2023-1818
[ 35 ] CVE-2023-1819
https://nvd.nist.gov/vuln/detail/CVE-2023-1819
[ 36 ] CVE-2023-1820
https://nvd.nist.gov/vuln/detail/CVE-2023-1820
[ 37 ] CVE-2023-1821
https://nvd.nist.gov/vuln/detail/CVE-2023-1821
[ 38 ] CVE-2023-1822
https://nvd.nist.gov/vuln/detail/CVE-2023-1822
[ 39 ] CVE-2023-1823
https://nvd.nist.gov/vuln/detail/CVE-2023-1823
[ 40 ] CVE-2023-2033
https://nvd.nist.gov/vuln/detail/CVE-2023-2033
[ 41 ] CVE-2023-2133
https://nvd.nist.gov/vuln/detail/CVE-2023-2133
[ 42 ] CVE-2023-2134
https://nvd.nist.gov/vuln/detail/CVE-2023-2134
[ 43 ] CVE-2023-2135
https://nvd.nist.gov/vuln/detail/CVE-2023-2135
[ 44 ] CVE-2023-2136
https://nvd.nist.gov/vuln/detail/CVE-2023-2136
[ 45 ] CVE-2023-2137
https://nvd.nist.gov/vuln/detail/CVE-2023-2137
[ 46 ] CVE-2023-2459
https://nvd.nist.gov/vuln/detail/CVE-2023-2459
[ 47 ] CVE-2023-2460
https://nvd.nist.gov/vuln/detail/CVE-2023-2460
[ 48 ] CVE-2023-2461
https://nvd.nist.gov/vuln/detail/CVE-2023-2461
[ 49 ] CVE-2023-2462
https://nvd.nist.gov/vuln/detail/CVE-2023-2462
[ 50 ] CVE-2023-2463
https://nvd.nist.gov/vuln/detail/CVE-2023-2463
[ 51 ] CVE-2023-2464
https://nvd.nist.gov/vuln/detail/CVE-2023-2464
[ 52 ] CVE-2023-2465
https://nvd.nist.gov/vuln/detail/CVE-2023-2465
[ 53 ] CVE-2023-2466
https://nvd.nist.gov/vuln/detail/CVE-2023-2466
[ 54 ] CVE-2023-2467
https://nvd.nist.gov/vuln/detail/CVE-2023-2467
[ 55 ] CVE-2023-2468
https://nvd.nist.gov/vuln/detail/CVE-2023-2468
[ 56 ] CVE-2023-2721
https://nvd.nist.gov/vuln/detail/CVE-2023-2721
[ 57 ] CVE-2023-2722
https://nvd.nist.gov/vuln/detail/CVE-2023-2722
[ 58 ] CVE-2023-2723
https://nvd.nist.gov/vuln/detail/CVE-2023-2723
[ 59 ] CVE-2023-2724
https://nvd.nist.gov/vuln/detail/CVE-2023-2724
[ 60 ] CVE-2023-2725
https://nvd.nist.gov/vuln/detail/CVE-2023-2725
[ 61 ] CVE-2023-2726
https://nvd.nist.gov/vuln/detail/CVE-2023-2726
[ 62 ] CVE-2023-21720
https://nvd.nist.gov/vuln/detail/CVE-2023-21720
[ 63 ] CVE-2023-21794
https://nvd.nist.gov/vuln/detail/CVE-2023-21794
[ 64 ] CVE-2023-23374
https://nvd.nist.gov/vuln/detail/CVE-2023-23374
[ 65 ] CVE-2023-28261
https://nvd.nist.gov/vuln/detail/CVE-2023-28261
[ 66 ] CVE-2023-28286
https://nvd.nist.gov/vuln/detail/CVE-2023-28286
[ 67 ] CVE-2023-29334
https://nvd.nist.gov/vuln/detail/CVE-2023-29334
[ 68 ] CVE-2023-29350
https://nvd.nist.gov/vuln/detail/CVE-2023-29350
[ 69 ] CVE-2023-29354
https://nvd.nist.gov/vuln/detail/CVE-2023-29354
Availability
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202309-17
Concerns
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
Synopsis
Multiple vulnerabilities have been found in Chromium and its
derivatives, the worst of which could result in remote code execution.
Background
Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web.
Google Chrome is one fast, simple, and secure browser for all your
devices.
Microsoft Edge is a browser that combines a minimal design with
sophisticated technology to make the web faster, safer, and easier.
Affected Packages
Package Vulnerable Unaffected
------------------------- ---------------- -----------------
www-client/chromium < 113.0.5672.126 >= 113.0.5672.126
www-client/chromium-bin < 113.0.5672.126 Vulnerable!
www-client/google-chrome < 113.0.5672.126 >= 113.0.5672.126
www-client/microsoft-edge < 113.0.1774.50 >= 113.0.1774.50
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.