[gentoo-announce] [ GLSA 202104-08 ] Chromium, Google Chrome: Multiple vulnerabilities

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – Gentoo Linux Security Advisory GLSA 202104-08 – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – security.gentoo.org/ – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Severity: Normal Title: Chromium, Google Chrome: Multiple vulnerabilities Date: April 30, 2021 Bugs: #768459, #768831, #771012, #774015, #776181, #779493, #782802, #782970, #784554, #785889 ID: 202104-08
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Synopsis ========
Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.
Background ==========
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
Google Chrome is one fast, simple, and secure browser for all your devices.
Affected packages =================
——————————————————————- Package / Vulnerable / Unaffected ——————————————————————- 1 www-client/chromium < 90.0.4430.93 >= 90.0.4430.93 2 www-client/google-chrome < 90.0.4430.93 >= 90.0.4430.93 ——————————————————————- 2 affected packages
Description ===========
Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details.
Impact ======
Please review the referenced CVE identifiers for details.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All Chromium users should upgrade to the latest version:
# emerge –sync # emerge –ask –oneshot -v “>=www-client/chromium-90.0.4430.93”
All Google Chrome users should upgrade to the latest version:
# emerge –sync # emerge –ask –oneshot -v “>=www-client/google-chrome-90.0.4430.93”
References ==========
[ 1 ] CVE-2021-21142 nvd.nist.gov/vuln/detail/CVE-2021-21142 [ 2 ] CVE-2021-21143 nvd.nist.gov/vuln/detail/CVE-2021-21143 [ 3 ] CVE-2021-21144 nvd.nist.gov/vuln/detail/CVE-2021-21144 [ 4 ] CVE-2021-21145 nvd.nist.gov/vuln/detail/CVE-2021-21145 [ 5 ] CVE-2021-21146 nvd.nist.gov/vuln/detail/CVE-2021-21146 [ 6 ] CVE-2021-21147 nvd.nist.gov/vuln/detail/CVE-2021-21147 [ 7 ] CVE-2021-21148 nvd.nist.gov/vuln/detail/CVE-2021-21148 [ 8 ] CVE-2021-21149 nvd.nist.gov/vuln/detail/CVE-2021-21149 [ 9 ] CVE-2021-21150 nvd.nist.gov/vuln/detail/CVE-2021-21150 [ 10 ] CVE-2021-21151 nvd.nist.gov/vuln/detail/CVE-2021-21151 [ 11 ] CVE-2021-21152 nvd.nist.gov/vuln/detail/CVE-2021-21152 [ 12 ] CVE-2021-21153 nvd.nist.gov/vuln/detail/CVE-2021-21153 [ 13 ] CVE-2021-21154 nvd.nist.gov/vuln/detail/CVE-2021-21154 [ 14 ] CVE-2021-21155 nvd.nist.gov/vuln/detail/CVE-2021-21155 [ 15 ] CVE-2021-21156 nvd.nist.gov/vuln/detail/CVE-2021-21156 [ 16 ] CVE-2021-21157 nvd.nist.gov/vuln/detail/CVE-2021-21157 [ 17 ] CVE-2021-21159 nvd.nist.gov/vuln/detail/CVE-2021-21159 [ 18 ] CVE-2021-21160 nvd.nist.gov/vuln/detail/CVE-2021-21160 [ 19 ] CVE-2021-21161 nvd.nist.gov/vuln/detail/CVE-2021-21161 [ 20 ] CVE-2021-21162 nvd.nist.gov/vuln/detail/CVE-2021-21162 [ 21 ] CVE-2021-21163 nvd.nist.gov/vuln/detail/CVE-2021-21163 [ 22 ] CVE-2021-21165 nvd.nist.gov/vuln/detail/CVE-2021-21165 [ 23 ] CVE-2021-21166 nvd.nist.gov/vuln/detail/CVE-2021-21166 [ 24 ] CVE-2021-21167 nvd.nist.gov/vuln/detail/CVE-2021-21167 [ 25 ] CVE-2021-21168 nvd.nist.gov/vuln/detail/CVE-2021-21168 [ 26 ] CVE-2021-21169 nvd.nist.gov/vuln/detail/CVE-2021-21169 [ 27 ] CVE-2021-21170 nvd.nist.gov/vuln/detail/CVE-2021-21170 [ 28 ] CVE-2021-21171 nvd.nist.gov/vuln/detail/CVE-2021-21171 [ 29 ] CVE-2021-21172 nvd.nist.gov/vuln/detail/CVE-2021-21172 [ 30 ] CVE-2021-21173 nvd.nist.gov/vuln/detail/CVE-2021-21173 [ 31 ] CVE-2021-21174 nvd.nist.gov/vuln/detail/CVE-2021-21174 [ 32 ] CVE-2021-21175 nvd.nist.gov/vuln/detail/CVE-2021-21175 [ 33 ] CVE-2021-21176 nvd.nist.gov/vuln/detail/CVE-2021-21176 [ 34 ] CVE-2021-21177 nvd.nist.gov/vuln/detail/CVE-2021-21177 [ 35 ] CVE-2021-21178 nvd.nist.gov/vuln/detail/CVE-2021-21178 [ 36 ] CVE-2021-21179 nvd.nist.gov/vuln/detail/CVE-2021-21179 [ 37 ] CVE-2021-21180 nvd.nist.gov/vuln/detail/CVE-2021-21180 [ 38 ] CVE-2021-21181 nvd.nist.gov/vuln/detail/CVE-2021-21181 [ 39 ] CVE-2021-21182 nvd.nist.gov/vuln/detail/CVE-2021-21182 [ 40 ] CVE-2021-21183 nvd.nist.gov/vuln/detail/CVE-2021-21183 [ 41 ] CVE-2021-21184 nvd.nist.gov/vuln/detail/CVE-2021-21184 [ 42 ] CVE-2021-21185 nvd.nist.gov/vuln/detail/CVE-2021-21185 [ 43 ] CVE-2021-21186 nvd.nist.gov/vuln/detail/CVE-2021-21186 [ 44 ] CVE-2021-21187 nvd.nist.gov/vuln/detail/CVE-2021-21187 [ 45 ] CVE-2021-21188 nvd.nist.gov/vuln/detail/CVE-2021-21188 [ 46 ] CVE-2021-21189 nvd.nist.gov/vuln/detail/CVE-2021-21189 [ 47 ] CVE-2021-2119 nvd.nist.gov/vuln/detail/CVE-2021-2119 [ 48 ] CVE-2021-21191 nvd.nist.gov/vuln/detail/CVE-2021-21191 [ 49 ] CVE-2021-21192 nvd.nist.gov/vuln/detail/CVE-2021-21192 [ 50 ] CVE-2021-21193 nvd.nist.gov/vuln/detail/CVE-2021-21193 [ 51 ] CVE-2021-21194 nvd.nist.gov/vuln/detail/CVE-2021-21194 [ 52 ] CVE-2021-21195 nvd.nist.gov/vuln/detail/CVE-2021-21195 [ 53 ] CVE-2021-21196 nvd.nist.gov/vuln/detail/CVE-2021-21196 [ 54 ] CVE-2021-21197 nvd.nist.gov/vuln/detail/CVE-2021-21197 [ 55 ] CVE-2021-21198 nvd.nist.gov/vuln/detail/CVE-2021-21198 [ 56 ] CVE-2021-21199 nvd.nist.gov/vuln/detail/CVE-2021-21199 [ 57 ] CVE-2021-21201 nvd.nist.gov/vuln/detail/CVE-2021-21201 [ 58 ] CVE-2021-21202 nvd.nist.gov/vuln/detail/CVE-2021-21202 [ 59 ] CVE-2021-21203 nvd.nist.gov/vuln/detail/CVE-2021-21203 [ 60 ] CVE-2021-21204 nvd.nist.gov/vuln/detail/CVE-2021-21204 [ 61 ] CVE-2021-21205 nvd.nist.gov/vuln/detail/CVE-2021-21205 [ 62 ] CVE-2021-21206 nvd.nist.gov/vuln/detail/CVE-2021-21206 [ 63 ] CVE-2021-21207 nvd.nist.gov/vuln/detail/CVE-2021-21207 [ 64 ] CVE-2021-21208 nvd.nist.gov/vuln/detail/CVE-2021-21208 [ 65 ] CVE-2021-21209 nvd.nist.gov/vuln/detail/CVE-2021-21209 [ 66 ] CVE-2021-21210 nvd.nist.gov/vuln/detail/CVE-2021-21210 [ 67 ] CVE-2021-21211 nvd.nist.gov/vuln/detail/CVE-2021-21211 [ 68 ] CVE-2021-21212 nvd.nist.gov/vuln/detail/CVE-2021-21212 [ 69 ] CVE-2021-21213 nvd.nist.gov/vuln/detail/CVE-2021-21213 [ 70 ] CVE-2021-21214 nvd.nist.gov/vuln/detail/CVE-2021-21214 [ 71 ] CVE-2021-21215 nvd.nist.gov/vuln/detail/CVE-2021-21215 [ 72 ] CVE-2021-21216 nvd.nist.gov/vuln/detail/CVE-2021-21216 [ 73 ] CVE-2021-21217 nvd.nist.gov/vuln/detail/CVE-2021-21217 [ 74 ] CVE-2021-21218 nvd.nist.gov/vuln/detail/CVE-2021-21218 [ 75 ] CVE-2021-21219 nvd.nist.gov/vuln/detail/CVE-2021-21219 [ 76 ] CVE-2021-21220 nvd.nist.gov/vuln/detail/CVE-2021-21220 [ 77 ] CVE-2021-21221 nvd.nist.gov/vuln/detail/CVE-2021-21221 [ 78 ] CVE-2021-21222 nvd.nist.gov/vuln/detail/CVE-2021-21222 [ 79 ] CVE-2021-21223 nvd.nist.gov/vuln/detail/CVE-2021-21223 [ 80 ] CVE-2021-21224 nvd.nist.gov/vuln/detail/CVE-2021-21224 [ 81 ] CVE-2021-21225 nvd.nist.gov/vuln/detail/CVE-2021-21225 [ 82 ] CVE-2021-21226 nvd.nist.gov/vuln/detail/CVE-2021-21226 [ 83 ] CVE-2021-21227 nvd.nist.gov/vuln/detail/CVE-2021-21227 [ 84 ] CVE-2021-21228 nvd.nist.gov/vuln/detail/CVE-2021-21228 [ 85 ] CVE-2021-21229 nvd.nist.gov/vuln/detail/CVE-2021-21229 [ 86 ] CVE-2021-21230 nvd.nist.gov/vuln/detail/CVE-2021-21230 [ 87 ] CVE-2021-21231 nvd.nist.gov/vuln/detail/CVE-2021-21231 [ 88 ] CVE-2021-21232 nvd.nist.gov/vuln/detail/CVE-2021-21232 [ 89 ] CVE-2021-21233 nvd.nist.gov/vuln/detail/CVE-2021-21233
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
security.gentoo.org/glsa/202104-08
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users’ machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at bugs.gentoo.org.
License =======
Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons – Attribution / Share Alike license.
creativecommons.org/licenses/by-sa/2.5