Gentoo: GLSA-202412-05: Chromium, Google Chrome, Microsoft Edge. Opera: Security Advisory Updates
gentoo
December 7, 2024
Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.
Summary
Multiple vulnerabilities have been discovered in Chromium and its
derivatives. Please review the CVE identifiers referenced below for
details.
Topics Covered
Resolution
All Google Chrome users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/google-chrome-124.0.6367.155"
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/chromium-124.0.6367.155 "
All Microsoft Edge users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/microsoft-edge-124.0.2478.97"
All Oprea users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/opera-110.0.5130.35"
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/google-chrome-124.0.6367.155"
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/chromium-124.0.6367.155 "
All Microsoft Edge users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/microsoft-edge-124.0.2478.97"
All Oprea users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/opera-110.0.5130.35"
References
[ 1 ] CVE-2024-1669 https://nvd.nist.gov/vuln/detail/CVE-2024-1669 [ 2 ] CVE-2024-1670 https://nvd.nist.gov/vuln/detail/CVE-2024-1670 [ 3 ] CVE-2024-1671 https://nvd.nist.gov/vuln/detail/CVE-2024-1671 [ 4 ] CVE-2024-1672 https://nvd.nist.gov/vuln/detail/CVE-2024-1672 [ 5 ] CVE-2024-1673 https://nvd.nist.gov/vuln/detail/CVE-2024-1673 [ 6 ] CVE-2024-1674 https://nvd.nist.gov/vuln/detail/CVE-2024-1674 [ 7 ] CVE-2024-1675 https://nvd.nist.gov/vuln/detail/CVE-2024-1675 [ 8 ] CVE-2024-1676 https://nvd.nist.gov/vuln/detail/CVE-2024-1676 [ 9 ] CVE-2024-2173 https://nvd.nist.gov/vuln/detail/CVE-2024-2173 [ 10 ] CVE-2024-2174 https://nvd.nist.gov/vuln/detail/CVE-2024-2174 [ 11 ] CVE-2024-2176 https://nvd.nist.gov/vuln/detail/CVE-2024-2176 [ 12 ] CVE-2024-2400 https://nvd.nist.gov/vuln/detail/CVE-2024-2400 [ 13 ] CVE-2024-2625 https://nvd.nist.gov/vuln/detail/CVE-2024-2625 [ 14 ] CVE-2024-2626 https://nvd.nist....
Read the Full AdvisoryAvailability
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202412-05
style>.gentoo_availability{display:block;}
Concerns
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
PREVIOUS
NEXT
Severity: High
Title: Chromium, Google Chrome, Microsoft Edge. Opera: Multiple Vulnerabilities
Date: December 07, 2024
Bugs: #924450, #925161, #925666, #926230, #926869, #927312, #927928, #928462, #929112, #930124, #930647, #930994, #931548
ID: 202412-05
Topics Covered
Background
Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web. Google
Chrome is one fast, simple, and secure browser for all your devices.
Microsoft Edge is a browser that combines a minimal design with
sophisticated technology to make the web faster, safer, and easier.
Opera is a fast and secure web browser.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Package Vulnerable Unaffected
------------------------- ---------------- -----------------
ww-client/microsoft-edge >= 124.0.2478.97
www-client/chromium < 124.0.6367.155 >= 124.0.6367.155
www-client/google-chrome < 124.0.6367.155 >= 124.0.6367.155
www-client/microsoft-edge < 124.0.2478.97 Vulnerable!
www-client/opera < 110.0.5130.35 >= 110.0.5130.35
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!