--Apple-Mail=_CA19ED0E-3988-44B6-9540-34A7D5C32F9A Content-Type: multipart/alternative; boundary="Apple-Mail=_FD77B116-F23D-48F9-8B4B-AC09CD6BFEAE"
--Apple-Mail=_FD77B116-F23D-48F9-8B4B-AC09CD6BFEAE Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=us-ascii
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202007-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal Title: Chromium, Google Chrome: Multiple vulnerabilities Date: July 26, 2020 Bugs: #728418, #729310, #732588 ID: 202007-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.
Background ==========
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
Google Chrome is one fast, simple, and secure browser for all your devices.
Affected packages =================
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 84.0.4147.89 >= 84.0.4147.89 2 www-client/google-chrome < 84.0.4147.89 >= 84.0.4147.89 ------------------------------------------------------------------- 2 affected packages
Description ===========
Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details.
Impact ======
Please review the referenced CVE identifiers for details.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-84.0.4147.89"
All Google Chrome users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/google-chrome-84.0.4147.89"
References ==========
[ 1 ] CVE-2020-6505 https://nvd.nist.gov/vuln/detail/CVE-2020-6505 [ 2 ] CVE-2020-6506 https://nvd.nist.gov/vuln/detail/CVE-2020-6506 [ 3 ] CVE-2020-6507 https://nvd.nist.gov/vuln/detail/CVE-2020-6507 [ 4 ] CVE-2020-6509 https://nvd.nist.gov/vuln/detail/CVE-2020-6509 [ 5 ] CVE-2020-6510 https://nvd.nist.gov/vuln/detail/CVE-2020-6510 [ 6 ] CVE-2020-6511 https://nvd.nist.gov/vuln/detail/CVE-2020-6511 [ 7 ] CVE-2020-6512 https://nvd.nist.gov/vuln/detail/CVE-2020-6512 [ 8 ] CVE-2020-6513 https://nvd.nist.gov/vuln/detail/CVE-2020-6513 [ 9 ] CVE-2020-6514 https://nvd.nist.gov/vuln/detail/CVE-2020-6514 [ 10 ] CVE-2020-6515 https://nvd.nist.gov/vuln/detail/CVE-2020-6515 [ 11 ] CVE-2020-6516 https://nvd.nist.gov/vuln/detail/CVE-2020-6516 [ 12 ] CVE-2020-6517 https://nvd.nist.gov/vuln/detail/CVE-2020-6517 [ 13 ] CVE-2020-6518 https://nvd.nist.gov/vuln/detail/CVE-2020-6518 [ 14 ] CVE-2020-6519 https://nvd.nist.gov/vuln/detail/CVE-2020-6519 [ 15 ] CVE-2020-6520 https://nvd.nist.gov/vuln/detail/CVE-2020-6520 [ 16 ] CVE-2020-6521 https://nvd.nist.gov/vuln/detail/CVE-2020-6521 [ 17 ] CVE-2020-6522 https://nvd.nist.gov/vuln/detail/CVE-2020-6522 [ 18 ] CVE-2020-6523 https://nvd.nist.gov/vuln/detail/CVE-2020-6523 [ 19 ] CVE-2020-6524 https://nvd.nist.gov/vuln/detail/CVE-2020-6524 [ 20 ] CVE-2020-6525 https://nvd.nist.gov/vuln/detail/CVE-2020-6525 [ 21 ] CVE-2020-6526 https://nvd.nist.gov/vuln/detail/CVE-2020-6526 [ 22 ] CVE-2020-6527 https://nvd.nist.gov/vuln/detail/CVE-2020-6527 [ 23 ] CVE-2020-6528 https://nvd.nist.gov/vuln/detail/CVE-2020-6528 [ 24 ] CVE-2020-6529 https://nvd.nist.gov/vuln/detail/CVE-2020-6529 [ 25 ] CVE-2020-6530 https://nvd.nist.gov/vuln/detail/CVE-2020-6530 [ 26 ] CVE-2020-6531 https://nvd.nist.gov/vuln/detail/CVE-2020-6531 [ 27 ] CVE-2020-6533 https://nvd.nist.gov/vuln/detail/CVE-2020-6533 [ 28 ] CVE-2020-6534 https://nvd.nist.gov/vuln/detail/CVE-2020-6534 [ 29 ] CVE-2020-6535 https://nvd.nist.gov/vuln/detail/CVE-2020-6535 [ 30 ] CVE-2020-6536 https://nvd.nist.gov/vuln/detail/CVE-2020-6536
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202007-08
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
--Apple-Mail=_FD77B116-F23D-48F9-8B4B-AC09CD6BFEAE Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=us-ascii
<html><head><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><pre style="word-wrap: break-word; white-space: pre-wrap;" class="">- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202007-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - <a href="https://security.gentoo.org/" class="">https://security.gentoo.org/</a> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal Title: Chromium, Google Chrome: Multiple vulnerabilities Date: July 26, 2020 Bugs: #728418, #729310, #732588 ID: 202007-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.
Background ==========
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
Google Chrome is one fast, simple, and secure browser for all your devices.
Affected packages =================
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 84.0.4147.89 >= 84.0.4147.89 2 www-client/google-chrome < 84.0.4147.89 >= 84.0.4147.89 ------------------------------------------------------------------- 2 affected packages
Description ===========
Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details.
Impact ======
Please review the referenced CVE identifiers for details.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-84.0.4147.89"
All Google Chrome users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/google-chrome-84.0.4147.89"
References ==========
[ 1 ] CVE-2020-6505 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6505" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6505</a> [ 2 ] CVE-2020-6506 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6506" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6506</a> [ 3 ] CVE-2020-6507 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6507" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6507</a> [ 4 ] CVE-2020-6509 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6509" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6509</a> [ 5 ] CVE-2020-6510 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6510" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6510</a> [ 6 ] CVE-2020-6511 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6511" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6511</a> [ 7 ] CVE-2020-6512 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6512" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6512</a> [ 8 ] CVE-2020-6513 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6513" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6513</a> [ 9 ] CVE-2020-6514 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6514" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6514</a> [ 10 ] CVE-2020-6515 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6515" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6515</a> [ 11 ] CVE-2020-6516 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6516" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6516</a> [ 12 ] CVE-2020-6517 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6517" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6517</a> [ 13 ] CVE-2020-6518 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6518" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6518</a> [ 14 ] CVE-2020-6519 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6519" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6519</a> [ 15 ] CVE-2020-6520 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6520" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6520</a> [ 16 ] CVE-2020-6521 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6521" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6521</a> [ 17 ] CVE-2020-6522 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6522" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6522</a> [ 18 ] CVE-2020-6523 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6523" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6523</a> [ 19 ] CVE-2020-6524 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6524" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6524</a> [ 20 ] CVE-2020-6525 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6525" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6525</a> [ 21 ] CVE-2020-6526 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6526" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6526</a> [ 22 ] CVE-2020-6527 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6527" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6527</a> [ 23 ] CVE-2020-6528 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6528" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6528</a> [ 24 ] CVE-2020-6529 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6529" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6529</a> [ 25 ] CVE-2020-6530 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6530" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6530</a> [ 26 ] CVE-2020-6531 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6531" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6531</a> [ 27 ] CVE-2020-6533 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6533" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6533</a> [ 28 ] CVE-2020-6534 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6534" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6534</a> [ 29 ] CVE-2020-6535 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6535" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6535</a> [ 30 ] CVE-2020-6536 <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6536" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6536</a>
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
<a href="https://security.gentoo.org/glsa/202007-08" class="">https://security.gentoo.org/glsa/202007-08</a>
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to <a href="mailto:security@gentoo.org" class="">security@gentoo.org</a> or alternatively, you may file a bug at <a href="https://bugs.gentoo.org" class="">https://bugs.gentoo.org</a>.
License =======
Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
<a href="https://creativecommons.org/licenses/by-sa/2.5" class="">https://creativecommons.org/licenses/by-sa/2.5</a></pre><div class=""><br class=""></div></body></html> --Apple-Mail=_FD77B116-F23D-48F9-8B4B-AC09CD6BFEAE--
--Apple-Mail=_CA19ED0E-3988-44B6-9540-34A7D5C32F9A Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP
-----BEGIN PGP SIGNATURE-----
iNUEARYKAH0WIQSONjK3ErBA5VvN3hCxfj6E5hA8mwUCXx4TLl8UgAAAAAAuAChp c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0OEUz NjMyQjcxMkIwNDBFNTVCQ0RERTEwQjE3RTNFODRFNjEwM0M5QgAKCRCxfj6E5hA8 m1EgAQCoNZmaMwOBG/l/99gnl8DJCksYFCPKGUn8k4DISnsANQEAvMolcSCnbObX 9H2clHX/1Na3KccQdtwtlx6xmESutQg= =SU9F -----END PGP SIGNATURE-----
--Apple-Mail=_CA19ED0E-3988-44B6-9540-34A7D5C32F9A--
|