Gentoo: GLSA-202107-06: Chromium, Google Chrome: Multiple vulnerabilities
Summary
Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details.
Resolution
All Google Chrome users should upgrade to the latest version:
# emerge --sync
# emerge -a --oneshot -v ">=www-client/google-chrome-91.0.4472.114"
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-91.0.4472.114"
References
[ 1 ] CVE-2021-30506 https://nvd.nist.gov/vuln/detail/CVE-2021-30506 [ 2 ] CVE-2021-30507 https://nvd.nist.gov/vuln/detail/CVE-2021-30507 [ 3 ] CVE-2021-30508 https://nvd.nist.gov/vuln/detail/CVE-2021-30508 [ 4 ] CVE-2021-30509 https://nvd.nist.gov/vuln/detail/CVE-2021-30509 [ 5 ] CVE-2021-30510 https://nvd.nist.gov/vuln/detail/CVE-2021-30510 [ 6 ] CVE-2021-30511 https://nvd.nist.gov/vuln/detail/CVE-2021-30511 [ 7 ] CVE-2021-30512 https://nvd.nist.gov/vuln/detail/CVE-2021-30512 [ 8 ] CVE-2021-30513 https://nvd.nist.gov/vuln/detail/CVE-2021-30513 [ 9 ] CVE-2021-30514 https://nvd.nist.gov/vuln/detail/CVE-2021-30514 [ 10 ] CVE-2021-30515 https://nvd.nist.gov/vuln/detail/CVE-2021-30515 [ 11 ] CVE-2021-30516 https://nvd.nist.gov/vuln/detail/CVE-2021-30516 [ 12 ] CVE-2021-30517 https://nvd.nist.gov/vuln/detail/CVE-2021-30517 [ 13 ] CVE-2021-30518 https://nvd.nist.gov/vuln/detail/CVE-2021-30518 [ 14 ] CVE-2021-30519 https://nvd.nist.gov/vuln/detail/CVE-2021-30519 [ 15 ] CVE-2021-30520 https://nvd.nist.gov/vuln/detail/CVE-2021-30520 [ 16 ] CVE-2021-30521 https://nvd.nist.gov/vuln/detail/CVE-2021-30521 [ 17 ] CVE-2021-30522 https://nvd.nist.gov/vuln/detail/CVE-2021-30522 [ 18 ] CVE-2021-30523 https://nvd.nist.gov/vuln/detail/CVE-2021-30523 [ 19 ] CVE-2021-30524 https://nvd.nist.gov/vuln/detail/CVE-2021-30524 [ 20 ] CVE-2021-30525 https://nvd.nist.gov/vuln/detail/CVE-2021-30525 [ 21 ] CVE-2021-30526 https://nvd.nist.gov/vuln/detail/CVE-2021-30526 [ 22 ] CVE-2021-30527 https://nvd.nist.gov/vuln/detail/CVE-2021-30527 [ 23 ] CVE-2021-30528 https://nvd.nist.gov/vuln/detail/CVE-2021-30528 [ 24 ] CVE-2021-30530 https://nvd.nist.gov/vuln/detail/CVE-2021-30530 [ 25 ] CVE-2021-30531 https://nvd.nist.gov/vuln/detail/CVE-2021-30531 [ 26 ] CVE-2021-30532 https://nvd.nist.gov/vuln/detail/CVE-2021-30532 [ 27 ] CVE-2021-30533 https://nvd.nist.gov/vuln/detail/CVE-2021-30533 [ 28 ] CVE-2021-30534 https://nvd.nist.gov/vuln/detail/CVE-2021-30534 [ 29 ] CVE-2021-30536 https://nvd.nist.gov/vuln/detail/CVE-2021-30536 [ 30 ] CVE-2021-30537 https://nvd.nist.gov/vuln/detail/CVE-2021-30537 [ 31 ] CVE-2021-30538 https://nvd.nist.gov/vuln/detail/CVE-2021-30538 [ 32 ] CVE-2021-30539 https://nvd.nist.gov/vuln/detail/CVE-2021-30539 [ 33 ] CVE-2021-30540 https://nvd.nist.gov/vuln/detail/CVE-2021-30540 [ 34 ] CVE-2021-30544 https://nvd.nist.gov/vuln/detail/CVE-2021-30544 [ 35 ] CVE-2021-30545 https://nvd.nist.gov/vuln/detail/CVE-2021-30545 [ 36 ] CVE-2021-30546 https://nvd.nist.gov/vuln/detail/CVE-2021-30546 [ 37 ] CVE-2021-30548 https://nvd.nist.gov/vuln/detail/CVE-2021-30548 [ 38 ] CVE-2021-30549 https://nvd.nist.gov/vuln/detail/CVE-2021-30549 [ 39 ] CVE-2021-30550 https://nvd.nist.gov/vuln/detail/CVE-2021-30550 [ 40 ] CVE-2021-30551 https://nvd.nist.gov/vuln/detail/CVE-2021-30551 [ 41 ] CVE-2021-30552 https://nvd.nist.gov/vuln/detail/CVE-2021-30552 [ 42 ] CVE-2021-30553 https://nvd.nist.gov/vuln/detail/CVE-2021-30553 [ 43 ] CVE-2021-30554 https://nvd.nist.gov/vuln/detail/CVE-2021-30554 [ 44 ] CVE-2021-30555 https://nvd.nist.gov/vuln/detail/CVE-2021-30555 [ 45 ] CVE-2021-30556 https://nvd.nist.gov/vuln/detail/CVE-2021-30556 [ 46 ] CVE-2021-30557 https://nvd.nist.gov/vuln/detail/CVE-2021-30557
Availability
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202107-06
Concerns
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
Synopsis
Multiple vulnerabillities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code.
Background
Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web.
Google Chrome is one fast, simple, and secure browser for all your
devices.
Affected Packages
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/google-chrome < 91.0.4472.114 >= 91.0.4472.114 2 www-client/chromium < 91.0.4472.114 >= 91.0.4472.114 ------------------------------------------------------------------- 2 affected packages
Impact
===== A remote attacker could execute arbitrary code, escalate privileges, obtain sensitive information, spoof a URL or cause a Denial of Service condition.
Workaround
There is no known workaround at this time.