--vKmlIliI4sOVOvSR Content-Type: text/plain; charset=us-ascii Content-Disposition: inlin Content-Transfer-Encoding: quoted-printable
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202107-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High Title: Chromium, Google Chrome: Multiple vulnerabilities Date: July 06, 2021 Bugs: #789420, #792084, #795204, #796338, #796521 ID: 202107-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabillities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code.
Background ==========
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
Google Chrome is one fast, simple, and secure browser for all your devices.
Affected packages =================
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/google-chrome < 91.0.4472.114 >= 91.0.4472.114 2 www-client/chromium < 91.0.4472.114 >= 91.0.4472.114 ------------------------------------------------------------------- 2 affected packages
Description ===========
Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details.
Impact ======
A remote attacker could execute arbitrary code, escalate privileges, obtain sensitive information, spoof a URL or cause a Denial of Service condition.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All Google Chrome users should upgrade to the latest version:
# emerge --sync # emerge -a --oneshot -v ">=www-client/google-chrome-91.0.4472.114"
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-91.0.4472.114"
References ==========
[ 1 ] CVE-2021-30506 https://nvd.nist.gov/vuln/detail/CVE-2021-30506 [ 2 ] CVE-2021-30507 https://nvd.nist.gov/vuln/detail/CVE-2021-30507 [ 3 ] CVE-2021-30508 https://nvd.nist.gov/vuln/detail/CVE-2021-30508 [ 4 ] CVE-2021-30509 https://nvd.nist.gov/vuln/detail/CVE-2021-30509 [ 5 ] CVE-2021-30510 https://nvd.nist.gov/vuln/detail/CVE-2021-30510 [ 6 ] CVE-2021-30511 https://nvd.nist.gov/vuln/detail/CVE-2021-30511 [ 7 ] CVE-2021-30512 https://nvd.nist.gov/vuln/detail/CVE-2021-30512 [ 8 ] CVE-2021-30513 https://nvd.nist.gov/vuln/detail/CVE-2021-30513 [ 9 ] CVE-2021-30514 https://nvd.nist.gov/vuln/detail/CVE-2021-30514 [ 10 ] CVE-2021-30515 https://nvd.nist.gov/vuln/detail/CVE-2021-30515 [ 11 ] CVE-2021-30516 https://nvd.nist.gov/vuln/detail/CVE-2021-30516 [ 12 ] CVE-2021-30517 https://nvd.nist.gov/vuln/detail/CVE-2021-30517 [ 13 ] CVE-2021-30518 https://nvd.nist.gov/vuln/detail/CVE-2021-30518 [ 14 ] CVE-2021-30519 https://nvd.nist.gov/vuln/detail/CVE-2021-30519 [ 15 ] CVE-2021-30520 https://nvd.nist.gov/vuln/detail/CVE-2021-30520 [ 16 ] CVE-2021-30521 https://nvd.nist.gov/vuln/detail/CVE-2021-30521 [ 17 ] CVE-2021-30522 https://nvd.nist.gov/vuln/detail/CVE-2021-30522 [ 18 ] CVE-2021-30523 https://nvd.nist.gov/vuln/detail/CVE-2021-30523 [ 19 ] CVE-2021-30524 https://nvd.nist.gov/vuln/detail/CVE-2021-30524 [ 20 ] CVE-2021-30525 https://nvd.nist.gov/vuln/detail/CVE-2021-30525 [ 21 ] CVE-2021-30526 https://nvd.nist.gov/vuln/detail/CVE-2021-30526 [ 22 ] CVE-2021-30527 https://nvd.nist.gov/vuln/detail/CVE-2021-30527 [ 23 ] CVE-2021-30528 https://nvd.nist.gov/vuln/detail/CVE-2021-30528 [ 24 ] CVE-2021-30530 https://nvd.nist.gov/vuln/detail/CVE-2021-30530 [ 25 ] CVE-2021-30531 https://nvd.nist.gov/vuln/detail/CVE-2021-30531 [ 26 ] CVE-2021-30532 https://nvd.nist.gov/vuln/detail/CVE-2021-30532 [ 27 ] CVE-2021-30533 https://nvd.nist.gov/vuln/detail/CVE-2021-30533 [ 28 ] CVE-2021-30534 https://nvd.nist.gov/vuln/detail/CVE-2021-30534 [ 29 ] CVE-2021-30536 https://nvd.nist.gov/vuln/detail/CVE-2021-30536 [ 30 ] CVE-2021-30537 https://nvd.nist.gov/vuln/detail/CVE-2021-30537 [ 31 ] CVE-2021-30538 https://nvd.nist.gov/vuln/detail/CVE-2021-30538 [ 32 ] CVE-2021-30539 https://nvd.nist.gov/vuln/detail/CVE-2021-30539 [ 33 ] CVE-2021-30540 https://nvd.nist.gov/vuln/detail/CVE-2021-30540 [ 34 ] CVE-2021-30544 https://nvd.nist.gov/vuln/detail/CVE-2021-30544 [ 35 ] CVE-2021-30545 https://nvd.nist.gov/vuln/detail/CVE-2021-30545 [ 36 ] CVE-2021-30546 https://nvd.nist.gov/vuln/detail/CVE-2021-30546 [ 37 ] CVE-2021-30548 https://nvd.nist.gov/vuln/detail/CVE-2021-30548 [ 38 ] CVE-2021-30549 https://nvd.nist.gov/vuln/detail/CVE-2021-30549 [ 39 ] CVE-2021-30550 https://nvd.nist.gov/vuln/detail/CVE-2021-30550 [ 40 ] CVE-2021-30551 https://nvd.nist.gov/vuln/detail/CVE-2021-30551 [ 41 ] CVE-2021-30552 https://nvd.nist.gov/vuln/detail/CVE-2021-30552 [ 42 ] CVE-2021-30553 https://nvd.nist.gov/vuln/detail/CVE-2021-30553 [ 43 ] CVE-2021-30554 https://nvd.nist.gov/vuln/detail/CVE-2021-30554 [ 44 ] CVE-2021-30555 https://nvd.nist.gov/vuln/detail/CVE-2021-30555 [ 45 ] CVE-2021-30556 https://nvd.nist.gov/vuln/detail/CVE-2021-30556 [ 46 ] CVE-2021-30557 https://nvd.nist.gov/vuln/detail/CVE-2021-30557
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202107-06
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
--vKmlIliI4sOVOvSR Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEElFuPenBj6NvNLoABXP0dAeB+IzgFAmDjzyEACgkQXP0dAeB+ IzhVlA//fc2HSUhsLiy6Sb8JcEcmxWbwF9pr6288c2RcToUR4IinpnHJKS6YPT+C hith5c8BKGbfQrUDeqa+mAsvExTv7f2KWkVdkfvhNBiTM8qdJeqnTOIk4qTNs1Xw 97nk5vjGOM0mo9mtEhnpQSyLQhGj0r2Icevq300L2BNGE/jB8yr4umq+hhHhzDoX 1Ef21hSDi/UR5AjESSIzeMW6IfBwTTn/I6lP0H3aM5GP53d6AkzaRmvbWARqOTin ga6TWOTIdju3cxWTD2USTp14Mu9TOrGGrW+FfNra07PvmdHi3T1FT3f/lnnI8bQt Pqf+0Z+TLBCwXLuNJgmSXmzWUm5EuNZRHFGEHXkkr+YzlmMoujCvL+tTTYNpk2C8 hYW4frhUSjg+KPNYlpksEKsN68+/5f9WsfvKuLcTbAQfyZRXjOfHiyoIyuYsKSl8 JPOtP23nSF1mDGMumG6H1hkuHjrj2fPiuZS0erN2F/z1iQKKu+D2NXRAlChjZmND PtslOmz4bvpNDqHSFj5FcTxqquCDgtWH442LRtNIv6zgIy83HWvxt3rVAjl/QLt9 /FE5T25CfBXHErUDQ//eqDmjNceWOiV0G2+1JjHzaqWa2r7kGfC2JIyHtxh1Ym/V awOoPIvTriZELw0NSLQTQBcxwmGMOt3Q2uaT9YDDvl1/6F6IT9Q= =mZRm -----END PGP SIGNATURE-----
--vKmlIliI4sOVOvSR--
|