[gentoo-announce] [ GLSA 202201-02 ] Chromium, Google Chrome: Multiple vulnerabilities

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – Gentoo Linux Security Advisory GLSA 202201-02 – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – security.gentoo.org/ – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Severity: High Title: Chromium, Google Chrome: Multiple vulnerabilities Date: January 31, 2022 Bugs: #803167, #806223, #808715, #811348, #813035, #814221, #814617, #815673, #816984, #819054, #820689, #824274, #829190, #830642, #831624 ID: 202201-02
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Synopsis ========
Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.
Background ==========
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
Google Chrome is one, fast, simple, and secure browser for all your devices.
Affected packages =================
——————————————————————- Package / Vulnerable / Unaffected ——————————————————————- 1 www-client/google-chrome < 97.0.4692.99 >= 97.0.4692.99 2 www-client/chromium < 97.0.4692.99 >= 97.0.4692.99
Description ===========
Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details.
Impact ======
Please review the referenced CVE identifiers for details.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All Chromium users should upgrade to the latest version:
# emerge –sync # emerge –ask –oneshot –verbose >=www-client/chromium-97.0.4692.99
All Google Chrome users should upgrade to the latest version:
# emerge –sync # emerge –ask –oneshot –verbose >=www-client/google-chrome-97.0.4692.99
References ==========
[ 1 ] CVE-2021-30593 nvd.nist.gov/vuln/detail/CVE-2021-30593 [ 2 ] CVE-2022-0292 nvd.nist.gov/vuln/detail/CVE-2022-0292 [ 3 ] CVE-2022-0118 nvd.nist.gov/vuln/detail/CVE-2022-0118 [ 4 ] CVE-2022-0112 nvd.nist.gov/vuln/detail/CVE-2022-0112 [ 5 ] CVE-2021-30625 nvd.nist.gov/vuln/detail/CVE-2021-30625 [ 6 ] CVE-2021-37975 nvd.nist.gov/vuln/detail/CVE-2021-37975 [ 7 ] CVE-2021-38014 nvd.nist.gov/vuln/detail/CVE-2021-38014 [ 8 ] CVE-2021-30606 nvd.nist.gov/vuln/detail/CVE-2021-30606 [ 9 ] CVE-2021-37989 nvd.nist.gov/vuln/detail/CVE-2021-37989 [ 10 ] CVE-2022-0296 nvd.nist.gov/vuln/detail/CVE-2022-0296 [ 11 ] CVE-2021-37981 nvd.nist.gov/vuln/detail/CVE-2021-37981 [ 12 ] CVE-2022-0310 nvd.nist.gov/vuln/detail/CVE-2022-0310 [ 13 ] CVE-2021-37963 nvd.nist.gov/vuln/detail/CVE-2021-37963 [ 14 ] CVE-2022-0309 nvd.nist.gov/vuln/detail/CVE-2022-0309 [ 15 ] CVE-2021-30584 nvd.nist.gov/vuln/detail/CVE-2021-30584 [ 16 ] CVE-2022-0289 nvd.nist.gov/vuln/detail/CVE-2022-0289 [ 17 ] CVE-2021-30611 nvd.nist.gov/vuln/detail/CVE-2021-30611 [ 18 ] CVE-2021-37965 nvd.nist.gov/vuln/detail/CVE-2021-37965 [ 19 ] CVE-2021-38003 nvd.nist.gov/vuln/detail/CVE-2021-38003 [ 20 ] CVE-2021-37968 nvd.nist.gov/vuln/detail/CVE-2021-37968 [ 21 ] CVE-2022-0305 nvd.nist.gov/vuln/detail/CVE-2022-0305 [ 22 ] CVE-2021-30598 nvd.nist.gov/vuln/detail/CVE-2021-30598 [ 23 ] CVE-2021-37973 nvd.nist.gov/vuln/detail/CVE-2021-37973 [ 24 ] CVE-2022-0295 nvd.nist.gov/vuln/detail/CVE-2022-0295 [ 25 ] CVE-2022-0304 nvd.nist.gov/vuln/detail/CVE-2022-0304 [ 26 ] CVE-2021-30622 nvd.nist.gov/vuln/detail/CVE-2021-30622 [ 27 ] CVE-2021-30591 nvd.nist.gov/vuln/detail/CVE-2021-30591 [ 28 ] CVE-2021-37967 nvd.nist.gov/vuln/detail/CVE-2021-37967 [ 29 ] CVE-2022-0109 nvd.nist.gov/vuln/detail/CVE-2022-0109 [ 30 ] CVE-2021-30609 nvd.nist.gov/vuln/detail/CVE-2021-30609 [ 31 ] CVE-2021-37984 nvd.nist.gov/vuln/detail/CVE-2021-37984 [ 32 ] CVE-2022-0297 nvd.nist.gov/vuln/detail/CVE-2022-0297 [ 33 ] CVE-2021-37959 nvd.nist.gov/vuln/detail/CVE-2021-37959 [ 34 ] CVE-2021-30613 nvd.nist.gov/vuln/detail/CVE-2021-30613 [ 35 ] CVE-2021-37976 nvd.nist.gov/vuln/detail/CVE-2021-37976 [ 36 ] CVE-2021-30603 nvd.nist.gov/vuln/detail/CVE-2021-30603 [ 37 ] CVE-2021-37970 nvd.nist.gov/vuln/detail/CVE-2021-37970 [ 38 ] CVE-2021-37983 nvd.nist.gov/vuln/detail/CVE-2021-37983 [ 39 ] CVE-2021-37992 nvd.nist.gov/vuln/detail/CVE-2021-37992 [ 40 ] CVE-2022-0290 nvd.nist.gov/vuln/detail/CVE-2022-0290 [ 41 ] CVE-2021-30587 nvd.nist.gov/vuln/detail/CVE-2021-30587 [ 42 ] CVE-2021-38016 nvd.nist.gov/vuln/detail/CVE-2021-38016 [ 43 ] CVE-2022-0302 nvd.nist.gov/vuln/detail/CVE-2022-0302 [ 44 ] CVE-2021-37962 nvd.nist.gov/vuln/detail/CVE-2021-37962 [ 45 ] CVE-2021-30599 nvd.nist.gov/vuln/detail/CVE-2021-30599 [ 46 ] CVE-2021-30607 nvd.nist.gov/vuln/detail/CVE-2021-30607 [ 47 ] CVE-2021-37998 nvd.nist.gov/vuln/detail/CVE-2021-37998 [ 48 ] CVE-2021-30602 nvd.nist.gov/vuln/detail/CVE-2021-30602 [ 49 ] CVE-2022-0114 nvd.nist.gov/vuln/detail/CVE-2022-0114 [ 50 ] CVE-2021-30610 nvd.nist.gov/vuln/detail/CVE-2021-30610 [ 51 ] CVE-2021-37990 nvd.nist.gov/vuln/detail/CVE-2021-37990 [ 52 ] CVE-2022-0293 nvd.nist.gov/vuln/detail/CVE-2022-0293 [ 53 ] CVE-2021-30627 nvd.nist.gov/vuln/detail/CVE-2021-30627 [ 54 ] CVE-2021-37994 nvd.nist.gov/vuln/detail/CVE-2021-37994 [ 55 ] CVE-2022-0303 nvd.nist.gov/vuln/detail/CVE-2022-0303 [ 56 ] CVE-2021-30626 nvd.nist.gov/vuln/detail/CVE-2021-30626 [ 57 ] CVE-2021-37988 nvd.nist.gov/vuln/detail/CVE-2021-37988 [ 58 ] CVE-2022-0311 nvd.nist.gov/vuln/detail/CVE-2022-0311 [ 59 ] CVE-2021-30586 nvd.nist.gov/vuln/detail/CVE-2021-30586 [ 60 ] CVE-2021-30624 nvd.nist.gov/vuln/detail/CVE-2021-30624 [ 61 ] CVE-2021-37991 nvd.nist.gov/vuln/detail/CVE-2021-37991 [ 62 ] CVE-2021-30594 nvd.nist.gov/vuln/detail/CVE-2021-30594 [ 63 ] CVE-2021-30616 nvd.nist.gov/vuln/detail/CVE-2021-30616 [ 64 ] CVE-2021-37986 nvd.nist.gov/vuln/detail/CVE-2021-37986 [ 65 ] CVE-2021-38012 nvd.nist.gov/vuln/detail/CVE-2021-38012 [ 66 ] CVE-2022-0298 nvd.nist.gov/vuln/detail/CVE-2022-0298 [ 67 ] CVE-2021-37978 nvd.nist.gov/vuln/detail/CVE-2021-37978 [ 68 ] CVE-2021-38001 nvd.nist.gov/vuln/detail/CVE-2021-38001 [ 69 ] CVE-2022-0110 nvd.nist.gov/vuln/detail/CVE-2022-0110 [ 70 ] CVE-2021-38011 nvd.nist.gov/vuln/detail/CVE-2021-38011 [ 71 ] CVE-2021-30583 nvd.nist.gov/vuln/detail/CVE-2021-30583 [ 72 ] CVE-2022-0306 nvd.nist.gov/vuln/detail/CVE-2022-0306 [ 73 ] CVE-2021-38013 nvd.nist.gov/vuln/detail/CVE-2021-38013 [ 74 ] CVE-2021-37993 nvd.nist.gov/vuln/detail/CVE-2021-37993 [ 75 ] CVE-2021-37979 nvd.nist.gov/vuln/detail/CVE-2021-37979 [ 76 ] CVE-2022-0301 nvd.nist.gov/vuln/detail/CVE-2022-0301 [ 77 ] CVE-2021-37999 nvd.nist.gov/vuln/detail/CVE-2021-37999 [ 78 ] CVE-2021-37977 nvd.nist.gov/vuln/detail/CVE-2021-37977 [ 79 ] CVE-2021-37995 nvd.nist.gov/vuln/detail/CVE-2021-37995 [ 80 ] CVE-2022-0117 nvd.nist.gov/vuln/detail/CVE-2022-0117 [ 81 ] CVE-2021-30592 nvd.nist.gov/vuln/detail/CVE-2021-30592 [ 82 ] CVE-2021-38018 nvd.nist.gov/vuln/detail/CVE-2021-38018 [ 83 ] CVE-2021-30612 nvd.nist.gov/vuln/detail/CVE-2021-30612 [ 84 ] CVE-2021-38006 nvd.nist.gov/vuln/detail/CVE-2021-38006 [ 85 ] CVE-2021-37982 nvd.nist.gov/vuln/detail/CVE-2021-37982 [ 86 ] CVE-2022-0300 nvd.nist.gov/vuln/detail/CVE-2022-0300 [ 87 ] CVE-2022-0113 nvd.nist.gov/vuln/detail/CVE-2022-0113 [ 88 ] CVE-2021-37971 nvd.nist.gov/vuln/detail/CVE-2021-37971 [ 89 ] CVE-2021-37987 nvd.nist.gov/vuln/detail/CVE-2021-37987 [ 90 ] CVE-2022-0308 nvd.nist.gov/vuln/detail/CVE-2022-0308 [ 91 ] CVE-2022-0115 nvd.nist.gov/vuln/detail/CVE-2022-0115 [ 92 ] CVE-2021-37961 nvd.nist.gov/vuln/detail/CVE-2021-37961 [ 93 ] CVE-2022-0111 nvd.nist.gov/vuln/detail/CVE-2022-0111 [ 94 ] CVE-2021-30618 nvd.nist.gov/vuln/detail/CVE-2021-30618 [ 95 ] CVE-2021-38005 nvd.nist.gov/vuln/detail/CVE-2021-38005 [ 96 ] CVE-2021-30600 nvd.nist.gov/vuln/detail/CVE-2021-30600 [ 97 ] CVE-2021-30615 nvd.nist.gov/vuln/detail/CVE-2021-30615 [ 98 ] CVE-2021-38017 nvd.nist.gov/vuln/detail/CVE-2021-38017 [ 99 ] CVE-2022-0291 nvd.nist.gov/vuln/detail/CVE-2022-0291 [ 100 ] CVE-2021-30597 nvd.nist.gov/vuln/detail/CVE-2021-30597 [ 101 ] CVE-2021-30608 nvd.nist.gov/vuln/detail/CVE-2021-30608 [ 102 ] CVE-2022-0294 nvd.nist.gov/vuln/detail/CVE-2022-0294 [ 103 ] CVE-2021-30588 nvd.nist.gov/vuln/detail/CVE-2021-30588 [ 104 ] CVE-2022-0307 nvd.nist.gov/vuln/detail/CVE-2022-0307 [ 105 ] CVE-2021-37966 nvd.nist.gov/vuln/detail/CVE-2021-37966 [ 106 ] CVE-2021-30596 nvd.nist.gov/vuln/detail/CVE-2021-30596 [ 107 ] CVE-2021-30614 nvd.nist.gov/vuln/detail/CVE-2021-30614 [ 108 ] CVE-2021-37960 nvd.nist.gov/vuln/detail/CVE-2021-37960 [ 109 ] CVE-2021-30590 nvd.nist.gov/vuln/detail/CVE-2021-30590 [ 110 ] CVE-2021-37997 nvd.nist.gov/vuln/detail/CVE-2021-37997 [ 111 ] CVE-2021-38007 nvd.nist.gov/vuln/detail/CVE-2021-38007 [ 112 ] CVE-2021-30601 nvd.nist.gov/vuln/detail/CVE-2021-30601 [ 113 ] CVE-2021-38000 nvd.nist.gov/vuln/detail/CVE-2021-38000 [ 114 ] CVE-2021-38008 nvd.nist.gov/vuln/detail/CVE-2021-38008 [ 115 ] CVE-2021-30617 nvd.nist.gov/vuln/detail/CVE-2021-30617 [ 116 ] CVE-2021-37985 nvd.nist.gov/vuln/detail/CVE-2021-37985 [ 117 ] CVE-2022-0116 nvd.nist.gov/vuln/detail/CVE-2022-0116 [ 118 ] CVE-2021-30589 nvd.nist.gov/vuln/detail/CVE-2021-30589 [ 119 ] CVE-2021-30620 nvd.nist.gov/vuln/detail/CVE-2021-30620 [ 120 ] CVE-2021-37974 nvd.nist.gov/vuln/detail/CVE-2021-37974 [ 121 ] CVE-2021-38002 nvd.nist.gov/vuln/detail/CVE-2021-38002 [ 122 ] CVE-2021-37958 nvd.nist.gov/vuln/detail/CVE-2021-37958 [ 123 ] CVE-2021-38015 nvd.nist.gov/vuln/detail/CVE-2021-38015 [ 124 ] CVE-2022-0120 nvd.nist.gov/vuln/detail/CVE-2022-0120 [ 125 ] CVE-2021-30585 nvd.nist.gov/vuln/detail/CVE-2021-30585 [ 126 ] CVE-2021-30604 nvd.nist.gov/vuln/detail/CVE-2021-30604 [ 127 ] CVE-2021-30582 nvd.nist.gov/vuln/detail/CVE-2021-30582 [ 128 ] CVE-2021-38009 nvd.nist.gov/vuln/detail/CVE-2021-38009 [ 129 ] CVE-2021-38010 nvd.nist.gov/vuln/detail/CVE-2021-38010 [ 130 ] CVE-2021-37957 nvd.nist.gov/vuln/detail/CVE-2021-37957 [ 131 ] CVE-2021-30628 nvd.nist.gov/vuln/detail/CVE-2021-30628 [ 132 ] CVE-2021-30572 nvd.nist.gov/vuln/detail/CVE-2021-30572 [ 133 ] CVE-2021-38020 nvd.nist.gov/vuln/detail/CVE-2021-38020 [ 134 ] CVE-2022-0096 nvd.nist.gov/vuln/detail/CVE-2022-0096 [ 135 ] CVE-2021-4099 nvd.nist.gov/vuln/detail/CVE-2021-4099 [ 136 ] CVE-2021-30578 nvd.nist.gov/vuln/detail/CVE-2021-30578 [ 137 ] CVE-2021-30629 nvd.nist.gov/vuln/detail/CVE-2021-30629 [ 138 ] CVE-2021-38021 nvd.nist.gov/vuln/detail/CVE-2021-38021 [ 139 ] CVE-2022-0108 nvd.nist.gov/vuln/detail/CVE-2022-0108 [ 140 ] CVE-2021-30577 nvd.nist.gov/vuln/detail/CVE-2021-30577 [ 141 ] CVE-2021-30569 nvd.nist.gov/vuln/detail/CVE-2021-30569 [ 142 ] CVE-2021-37956 nvd.nist.gov/vuln/detail/CVE-2021-37956 [ 143 ] CVE-2022-0100 nvd.nist.gov/vuln/detail/CVE-2022-0100 [ 144 ] CVE-2021-30579 nvd.nist.gov/vuln/detail/CVE-2021-30579 [ 145 ] CVE-2022-0104 nvd.nist.gov/vuln/detail/CVE-2022-0104 [ 146 ] CVE-2022-0106 nvd.nist.gov/vuln/detail/CVE-2022-0106 [ 147 ] CVE-2022-0103 nvd.nist.gov/vuln/detail/CVE-2022-0103 [ 148 ] CVE-2021-4098 nvd.nist.gov/vuln/detail/CVE-2021-4098 [ 149 ] CVE-2021-30565 nvd.nist.gov/vuln/detail/CVE-2021-30565 [ 150 ] CVE-2021-30573 nvd.nist.gov/vuln/detail/CVE-2021-30573 [ 151 ] CVE-2021-4100 nvd.nist.gov/vuln/detail/CVE-2021-4100 [ 152 ] CVE-2021-30568 nvd.nist.gov/vuln/detail/CVE-2021-30568 [ 153 ] CVE-2022-0102 nvd.nist.gov/vuln/detail/CVE-2022-0102 [ 154 ] CVE-2021-30621 nvd.nist.gov/vuln/detail/CVE-2021-30621 [ 155 ] CVE-2021-30631 nvd.nist.gov/vuln/detail/CVE-2021-30631 [ 156 ] CVE-2022-0098 nvd.nist.gov/vuln/detail/CVE-2022-0098 [ 157 ] CVE-2021-38022 nvd.nist.gov/vuln/detail/CVE-2021-38022 [ 158 ] CVE-2022-0099 nvd.nist.gov/vuln/detail/CVE-2022-0099 [ 159 ] CVE-2021-30566 nvd.nist.gov/vuln/detail/CVE-2021-30566 [ 160 ] CVE-2021-37996 nvd.nist.gov/vuln/detail/CVE-2021-37996 [ 161 ] CVE-2021-38019 nvd.nist.gov/vuln/detail/CVE-2021-38019 [ 162 ] CVE-2021-30575 nvd.nist.gov/vuln/detail/CVE-2021-30575 [ 163 ] CVE-2021-30581 nvd.nist.gov/vuln/detail/CVE-2021-30581 [ 164 ] CVE-2021-30571 nvd.nist.gov/vuln/detail/CVE-2021-30571 [ 165 ] CVE-2021-30633 nvd.nist.gov/vuln/detail/CVE-2021-30633 [ 166 ] CVE-2021-4101 nvd.nist.gov/vuln/detail/CVE-2021-4101 [ 167 ] CVE-2022-0107 nvd.nist.gov/vuln/detail/CVE-2022-0107 [ 168 ] CVE-2021-30632 nvd.nist.gov/vuln/detail/CVE-2021-30632 [ 169 ] CVE-2021-30574 nvd.nist.gov/vuln/detail/CVE-2021-30574 [ 170 ] CVE-2021-30580 nvd.nist.gov/vuln/detail/CVE-2021-30580 [ 171 ] CVE-2022-0101 nvd.nist.gov/vuln/detail/CVE-2022-0101 [ 172 ] CVE-2021-4102 nvd.nist.gov/vuln/detail/CVE-2021-4102 [ 173 ] CVE-2021-30567 nvd.nist.gov/vuln/detail/CVE-2021-30567 [ 174 ] CVE-2022-0105 nvd.nist.gov/vuln/detail/CVE-2022-0105 [ 175 ] CVE-2022-0097 nvd.nist.gov/vuln/detail/CVE-2022-0097 [ 176 ] CVE-2021-30619 nvd.nist.gov/vuln/detail/CVE-2021-30619 [ 177 ] CVE-2021-30576 nvd.nist.gov/vuln/detail/CVE-2021-30576 [ 178 ] CVE-2021-30630 nvd.nist.gov/vuln/detail/CVE-2021-30630 [ 179 ] CVE-2021-30623 nvd.nist.gov/vuln/detail/CVE-2021-30623
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
security.gentoo.org/glsa/202201-02
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users’ machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at bugs.gentoo.org.
License =======
Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons – Attribution / Share Alike license.
creativecommons.org/licenses/by-sa/2.5