--Apple-Mail=_CA19ED0E-3988-44B6-9540-34A7D5C32F9A
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_FD77B116-F23D-48F9-8B4B-AC09CD6BFEAE"


--Apple-Mail=_FD77B116-F23D-48F9-8B4B-AC09CD6BFEAE
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=us-ascii

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202007-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Chromium, Google Chrome: Multiple vulnerabilities
     Date: July 26, 2020
     Bugs: #728418, #729310, #732588
       ID: 202007-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Chromium and Google Chrome,
the worst of which could result in the arbitrary execution of code.

Background
==========

Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web.

Google Chrome is one fast, simple, and secure browser for all your
devices.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  www-client/chromium       < 84.0.4147.89         >= 84.0.4147.89
  2  www-client/google-chrome
                               < 84.0.4147.89         >= 84.0.4147.89
    -------------------------------------------------------------------
     2 affected packages

Description
===========

Multiple vulnerabilities have been discovered in Chromium and Google
Chrome. Please review the CVE identifiers referenced below for details.

Impact
======

Please review the referenced CVE identifiers for details.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Chromium users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v ">=www-client/chromium-84.0.4147.89"

All Google Chrome users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v
 ">=www-client/google-chrome-84.0.4147.89"

References
==========

[  1 ] CVE-2020-6505
       https://nvd.nist.gov/vuln/detail/CVE-2020-6505
[  2 ] CVE-2020-6506
       https://nvd.nist.gov/vuln/detail/CVE-2020-6506
[  3 ] CVE-2020-6507
       https://nvd.nist.gov/vuln/detail/CVE-2020-6507
[  4 ] CVE-2020-6509
       https://nvd.nist.gov/vuln/detail/CVE-2020-6509
[  5 ] CVE-2020-6510
       https://nvd.nist.gov/vuln/detail/CVE-2020-6510
[  6 ] CVE-2020-6511
       https://nvd.nist.gov/vuln/detail/CVE-2020-6511
[  7 ] CVE-2020-6512
       https://nvd.nist.gov/vuln/detail/CVE-2020-6512
[  8 ] CVE-2020-6513
       https://nvd.nist.gov/vuln/detail/CVE-2020-6513
[  9 ] CVE-2020-6514
       https://nvd.nist.gov/vuln/detail/CVE-2020-6514
[ 10 ] CVE-2020-6515
       https://nvd.nist.gov/vuln/detail/CVE-2020-6515
[ 11 ] CVE-2020-6516
       https://nvd.nist.gov/vuln/detail/CVE-2020-6516
[ 12 ] CVE-2020-6517
       https://nvd.nist.gov/vuln/detail/CVE-2020-6517
[ 13 ] CVE-2020-6518
       https://nvd.nist.gov/vuln/detail/CVE-2020-6518
[ 14 ] CVE-2020-6519
       https://nvd.nist.gov/vuln/detail/CVE-2020-6519
[ 15 ] CVE-2020-6520
       https://nvd.nist.gov/vuln/detail/CVE-2020-6520
[ 16 ] CVE-2020-6521
       https://nvd.nist.gov/vuln/detail/CVE-2020-6521
[ 17 ] CVE-2020-6522
       https://nvd.nist.gov/vuln/detail/CVE-2020-6522
[ 18 ] CVE-2020-6523
       https://nvd.nist.gov/vuln/detail/CVE-2020-6523
[ 19 ] CVE-2020-6524
       https://nvd.nist.gov/vuln/detail/CVE-2020-6524
[ 20 ] CVE-2020-6525
       https://nvd.nist.gov/vuln/detail/CVE-2020-6525
[ 21 ] CVE-2020-6526
       https://nvd.nist.gov/vuln/detail/CVE-2020-6526
[ 22 ] CVE-2020-6527
       https://nvd.nist.gov/vuln/detail/CVE-2020-6527
[ 23 ] CVE-2020-6528
       https://nvd.nist.gov/vuln/detail/CVE-2020-6528
[ 24 ] CVE-2020-6529
       https://nvd.nist.gov/vuln/detail/CVE-2020-6529
[ 25 ] CVE-2020-6530
       https://nvd.nist.gov/vuln/detail/CVE-2020-6530
[ 26 ] CVE-2020-6531
       https://nvd.nist.gov/vuln/detail/CVE-2020-6531
[ 27 ] CVE-2020-6533
       https://nvd.nist.gov/vuln/detail/CVE-2020-6533
[ 28 ] CVE-2020-6534
       https://nvd.nist.gov/vuln/detail/CVE-2020-6534
[ 29 ] CVE-2020-6535
       https://nvd.nist.gov/vuln/detail/CVE-2020-6535
[ 30 ] CVE-2020-6536
       https://nvd.nist.gov/vuln/detail/CVE-2020-6536

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202007-08

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5


--Apple-Mail=_FD77B116-F23D-48F9-8B4B-AC09CD6BFEAE
Content-Transfer-Encoding: 7bit
Content-Type: text/html;
	charset=us-ascii

<html><head><meta http-equiv="Content-Type"
 content="text/html; charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><pre style="word-wrap: break-word; white-space: pre-wrap;" class="">- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202007-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           <a href="https://security.gentoo.org/" class="">https://security.gentoo.org/</a>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Chromium, Google Chrome: Multiple vulnerabilities
     Date: July 26, 2020
     Bugs: #728418, #729310, #732588
       ID: 202007-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Chromium and Google Chrome,
the worst of which could result in the arbitrary execution of code.

Background
==========

Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web.

Google Chrome is one fast, simple, and secure browser for all your
devices.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  www-client/chromium       &lt; 84.0.4147.89         &gt;=
 84.0.4147.89 
  2  www-client/google-chrome
                               &lt; 84.0.4147.89         &gt;=
 84.0.4147.89 
    -------------------------------------------------------------------
     2 affected packages

Description
===========

Multiple vulnerabilities have been discovered in Chromium and Google
Chrome. Please review the CVE identifiers referenced below for details.

Impact
======

Please review the referenced CVE identifiers for details.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Chromium users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v
 "&gt;=www-client/chromium-84.0.4147.89"

All Google Chrome users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v
 "&gt;=www-client/google-chrome-84.0.4147.89"

References
==========

[  1 ] CVE-2020-6505
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6505" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6505</a>
[  2 ] CVE-2020-6506
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6506" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6506</a>
[  3 ] CVE-2020-6507
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6507" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6507</a>
[  4 ] CVE-2020-6509
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6509" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6509</a>
[  5 ] CVE-2020-6510
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6510" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6510</a>
[  6 ] CVE-2020-6511
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6511" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6511</a>
[  7 ] CVE-2020-6512
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6512" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6512</a>
[  8 ] CVE-2020-6513
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6513" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6513</a>
[  9 ] CVE-2020-6514
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6514" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6514</a>
[ 10 ] CVE-2020-6515
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6515" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6515</a>
[ 11 ] CVE-2020-6516
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6516" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6516</a>
[ 12 ] CVE-2020-6517
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6517" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6517</a>
[ 13 ] CVE-2020-6518
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6518" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6518</a>
[ 14 ] CVE-2020-6519
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6519" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6519</a>
[ 15 ] CVE-2020-6520
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6520" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6520</a>
[ 16 ] CVE-2020-6521
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6521" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6521</a>
[ 17 ] CVE-2020-6522
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6522" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6522</a>
[ 18 ] CVE-2020-6523
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6523" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6523</a>
[ 19 ] CVE-2020-6524
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6524" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6524</a>
[ 20 ] CVE-2020-6525
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6525" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6525</a>
[ 21 ] CVE-2020-6526
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6526" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6526</a>
[ 22 ] CVE-2020-6527
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6527" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6527</a>
[ 23 ] CVE-2020-6528
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6528" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6528</a>
[ 24 ] CVE-2020-6529
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6529" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6529</a>
[ 25 ] CVE-2020-6530
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6530" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6530</a>
[ 26 ] CVE-2020-6531
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6531" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6531</a>
[ 27 ] CVE-2020-6533
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6533" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6533</a>
[ 28 ] CVE-2020-6534
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6534" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6534</a>
[ 29 ] CVE-2020-6535
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6535" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6535</a>
[ 30 ] CVE-2020-6536
       <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-6536" class="">https://nvd.nist.gov/vuln/detail/CVE-2020-6536</a>

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 <a href="https://security.gentoo.org/glsa/202007-08" class="">https://security.gentoo.org/glsa/202007-08</a>

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
<a href="mailto:security@gentoo.org"
 class="">security@gentoo.org</a> or alternatively, you may file a bug at
<a href="https://bugs.gentoo.org" class="">https://bugs.gentoo.org</a>.

License
=======

Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

<a href="https://creativecommons.org/licenses/by-sa/2.5" class="">https://creativecommons.org/licenses/by-sa/2.5</a></pre><div class=""><br class=""></div></body></html>
--Apple-Mail=_FD77B116-F23D-48F9-8B4B-AC09CD6BFEAE--

--Apple-Mail=_CA19ED0E-3988-44B6-9540-34A7D5C32F9A
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename=signature.asc
Content-Type: application/pgp-signature;
	name=signature.asc
Content-Description: Message signed with OpenPGP

-----BEGIN PGP SIGNATURE-----

iNUEARYKAH0WIQSONjK3ErBA5VvN3hCxfj6E5hA8mwUCXx4TLl8UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0OEUz
NjMyQjcxMkIwNDBFNTVCQ0RERTEwQjE3RTNFODRFNjEwM0M5QgAKCRCxfj6E5hA8
m1EgAQCoNZmaMwOBG/l/99gnl8DJCksYFCPKGUn8k4DISnsANQEAvMolcSCnbObX
9H2clHX/1Na3KccQdtwtlx6xmESutQg=
=SU9F
-----END PGP SIGNATURE-----

--Apple-Mail=_CA19ED0E-3988-44B6-9540-34A7D5C32F9A--