- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202208-25
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High
    Title: Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities
     Date: August 14, 2022
     Bugs: #828519, #834477, #835397, #836011, #836381, #836777, #838049, #838433, #841371, #843728, #847370, #851003, #853643, #773040, #787950, #800181, #810781, #815397, #829161, #835761, #836830, #847613, #853229, #837497, #838682, #843035, #848864, #851009, #854372
       ID: 202208-25

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
Multiple vulnerabilities have been found in Chromium and its
derivatives, the worst of which could result in remote code execution.

Background
=========
Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web.

Google Chrome is one fast, simple, and secure browser for all your
devices.

Microsoft Edge is a browser that combines a minimal design with
sophisticated technology to make the web faster, safer, and easier.

Affected packages
================
    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  dev-qt/qtwebengine         < 5.15.5_p20220618>= 5.15.5_p20220618
  2  www-client/chromium        < 103.0.5060.53      >= 103.0.5060.53
  3  www-client/google-chrome   < 103.0.5060.53      >= 103.0.5060.53
  4  www-client/microsoft-edge  < 101.0.1210.47      >= 101.0.1210.47

Description
==========
Multiple vulnerabilities have been discovered in Chromium and its
derivatives. Please review the CVE identifiers referenced below for
details.

Impact
=====
Please review the referenced CVE identifiers for details.

Workaround
=========
There is no known workaround at this time.

Resolution
=========
All Chromium users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/chromium-103.0.5060.53"

All Chromium binary users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/chromium-bin-103.0.5060.53"

All Google Chrome users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/google-chrome-103.0.5060.53"

All Microsoft Edge users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/chromium-103.0.5060.53"

All QtWebEngine users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-qt/qtwebengine-5.15.5_p20220618"

References
=========
[ 1 ] CVE-2021-4052
      https://nvd.nist.gov/vuln/detail/CVE-2021-4052
[ 2 ] CVE-2021-4053
      https://nvd.nist.gov/vuln/detail/CVE-2021-4053
[ 3 ] CVE-2021-4054
      https://nvd.nist.gov/vuln/detail/CVE-2021-4054
[ 4 ] CVE-2021-4055
      https://nvd.nist.gov/vuln/detail/CVE-2021-4055
[ 5 ] CVE-2021-4056
      https://nvd.nist.gov/vuln/detail/CVE-2021-4056
[ 6 ] CVE-2021-4057
      https://nvd.nist.gov/vuln/detail/CVE-2021-4057
[ 7 ] CVE-2021-4058
      https://nvd.nist.gov/vuln/detail/CVE-2021-4058
[ 8 ] CVE-2021-4059
      https://nvd.nist.gov/vuln/detail/CVE-2021-4059
[ 9 ] CVE-2021-4061
      https://nvd.nist.gov/vuln/detail/CVE-2021-4061
[ 10 ] CVE-2021-4062
      https://nvd.nist.gov/vuln/detail/CVE-2021-4062
[ 11 ] CVE-2021-4063
      https://nvd.nist.gov/vuln/detail/CVE-2021-4063
[ 12 ] CVE-2021-4064
      https://nvd.nist.gov/vuln/detail/CVE-2021-4064
[ 13 ] CVE-2021-4065
      https://nvd.nist.gov/vuln/detail/CVE-2021-4065
[ 14 ] CVE-2021-4066
      https://nvd.nist.gov/vuln/detail/CVE-2021-4066
[ 15 ] CVE-2021-4067
      https://nvd.nist.gov/vuln/detail/CVE-2021-4067
[ 16 ] CVE-2021-4068
      https://nvd.nist.gov/vuln/detail/CVE-2021-4068
[ 17 ] CVE-2021-4078
      https://nvd.nist.gov/vuln/detail/CVE-2021-4078
[ 18 ] CVE-2021-4079
      https://nvd.nist.gov/vuln/detail/CVE-2021-4079
[ 19 ] CVE-2021-30551
      https://nvd.nist.gov/vuln/detail/CVE-2021-30551
[ 20 ] CVE-2022-0789
      https://nvd.nist.gov/vuln/detail/CVE-2022-0789
[ 21 ] CVE-2022-0790
      https://nvd.nist.gov/vuln/detail/CVE-2022-0790
[ 22 ] CVE-2022-0791
      https://nvd.nist.gov/vuln/detail/CVE-2022-0791
[ 23 ] CVE-2022-0792
      https://nvd.nist.gov/vuln/detail/CVE-2022-0792
[ 24 ] CVE-2022-0793
      https://nvd.nist.gov/vuln/detail/CVE-2022-0793
[ 25 ] CVE-2022-0794
      https://nvd.nist.gov/vuln/detail/CVE-2022-0794
[ 26 ] CVE-2022-0795
      https://nvd.nist.gov/vuln/detail/CVE-2022-0795
[ 27 ] CVE-2022-0796
      https://nvd.nist.gov/vuln/detail/CVE-2022-0796
[ 28 ] CVE-2022-0797
      https://nvd.nist.gov/vuln/detail/CVE-2022-0797
[ 29 ] CVE-2022-0798
      https://nvd.nist.gov/vuln/detail/CVE-2022-0798
[ 30 ] CVE-2022-0799
      https://nvd.nist.gov/vuln/detail/CVE-2022-0799
[ 31 ] CVE-2022-0800
      https://nvd.nist.gov/vuln/detail/CVE-2022-0800
[ 32 ] CVE-2022-0801
      https://nvd.nist.gov/vuln/detail/CVE-2022-0801
[ 33 ] CVE-2022-0802
      https://nvd.nist.gov/vuln/detail/CVE-2022-0802
[ 34 ] CVE-2022-0803
      https://nvd.nist.gov/vuln/detail/CVE-2022-0803
[ 35 ] CVE-2022-0804
      https://nvd.nist.gov/vuln/detail/CVE-2022-0804
[ 36 ] CVE-2022-0805
      https://nvd.nist.gov/vuln/detail/CVE-2022-0805
[ 37 ] CVE-2022-0806
      https://nvd.nist.gov/vuln/detail/CVE-2022-0806
[ 38 ] CVE-2022-0807
      https://nvd.nist.gov/vuln/detail/CVE-2022-0807
[ 39 ] CVE-2022-0808
      https://nvd.nist.gov/vuln/detail/CVE-2022-0808
[ 40 ] CVE-2022-0809
      https://nvd.nist.gov/vuln/detail/CVE-2022-0809
[ 41 ] CVE-2022-0971
      https://nvd.nist.gov/vuln/detail/CVE-2022-0971
[ 42 ] CVE-2022-0972
      https://nvd.nist.gov/vuln/detail/CVE-2022-0972
[ 43 ] CVE-2022-0973
      https://nvd.nist.gov/vuln/detail/CVE-2022-0973
[ 44 ] CVE-2022-0974
      https://nvd.nist.gov/vuln/detail/CVE-2022-0974
[ 45 ] CVE-2022-0975
      https://nvd.nist.gov/vuln/detail/CVE-2022-0975
[ 46 ] CVE-2022-0976
      https://nvd.nist.gov/vuln/detail/CVE-2022-0976
[ 47 ] CVE-2022-0977
      https://nvd.nist.gov/vuln/detail/CVE-2022-0977
[ 48 ] CVE-2022-0978
      https://nvd.nist.gov/vuln/detail/CVE-2022-0978
[ 49 ] CVE-2022-0979
      https://nvd.nist.gov/vuln/detail/CVE-2022-0979
[ 50 ] CVE-2022-0980
      https://nvd.nist.gov/vuln/detail/CVE-2022-0980
[ 51 ] CVE-2022-1096
      https://nvd.nist.gov/vuln/detail/CVE-2022-1096
[ 52 ] CVE-2022-1125
      https://nvd.nist.gov/vuln/detail/CVE-2022-1125
[ 53 ] CVE-2022-1127
      https://nvd.nist.gov/vuln/detail/CVE-2022-1127
[ 54 ] CVE-2022-1128
      https://nvd.nist.gov/vuln/detail/CVE-2022-1128
[ 55 ] CVE-2022-1129
      https://nvd.nist.gov/vuln/detail/CVE-2022-1129
[ 56 ] CVE-2022-1130
      https://nvd.nist.gov/vuln/detail/CVE-2022-1130
[ 57 ] CVE-2022-1131
      https://nvd.nist.gov/vuln/detail/CVE-2022-1131
[ 58 ] CVE-2022-1132
      https://nvd.nist.gov/vuln/detail/CVE-2022-1132
[ 59 ] CVE-2022-1133
      https://nvd.nist.gov/vuln/detail/CVE-2022-1133
[ 60 ] CVE-2022-1134
      https://nvd.nist.gov/vuln/detail/CVE-2022-1134
[ 61 ] CVE-2022-1135
      https://nvd.nist.gov/vuln/detail/CVE-2022-1135
[ 62 ] CVE-2022-1136
      https://nvd.nist.gov/vuln/detail/CVE-2022-1136
[ 63 ] CVE-2022-1137
      https://nvd.nist.gov/vuln/detail/CVE-2022-1137
[ 64 ] CVE-2022-1138
      https://nvd.nist.gov/vuln/detail/CVE-2022-1138
[ 65 ] CVE-2022-1139
      https://nvd.nist.gov/vuln/detail/CVE-2022-1139
[ 66 ] CVE-2022-1141
      https://nvd.nist.gov/vuln/detail/CVE-2022-1141
[ 67 ] CVE-2022-1142
      https://nvd.nist.gov/vuln/detail/CVE-2022-1142
[ 68 ] CVE-2022-1143
      https://nvd.nist.gov/vuln/detail/CVE-2022-1143
[ 69 ] CVE-2022-1144
      https://nvd.nist.gov/vuln/detail/CVE-2022-1144
[ 70 ] CVE-2022-1145
      https://nvd.nist.gov/vuln/detail/CVE-2022-1145
[ 71 ] CVE-2022-1146
      https://nvd.nist.gov/vuln/detail/CVE-2022-1146
[ 72 ] CVE-2022-1232
      https://nvd.nist.gov/vuln/detail/CVE-2022-1232
[ 73 ] CVE-2022-1305
      https://nvd.nist.gov/vuln/detail/CVE-2022-1305
[ 74 ] CVE-2022-1306
      https://nvd.nist.gov/vuln/detail/CVE-2022-1306
[ 75 ] CVE-2022-1307
      https://nvd.nist.gov/vuln/detail/CVE-2022-1307
[ 76 ] CVE-2022-1308
      https://nvd.nist.gov/vuln/detail/CVE-2022-1308
[ 77 ] CVE-2022-1309
      https://nvd.nist.gov/vuln/detail/CVE-2022-1309
[ 78 ] CVE-2022-1310
      https://nvd.nist.gov/vuln/detail/CVE-2022-1310
[ 79 ] CVE-2022-1311
      https://nvd.nist.gov/vuln/detail/CVE-2022-1311
[ 80 ] CVE-2022-1312
      https://nvd.nist.gov/vuln/detail/CVE-2022-1312
[ 81 ] CVE-2022-1313
      https://nvd.nist.gov/vuln/detail/CVE-2022-1313
[ 82 ] CVE-2022-1314
      https://nvd.nist.gov/vuln/detail/CVE-2022-1314
[ 83 ] CVE-2022-1364
      https://nvd.nist.gov/vuln/detail/CVE-2022-1364
[ 84 ] CVE-2022-1477
      https://nvd.nist.gov/vuln/detail/CVE-2022-1477
[ 85 ] CVE-2022-1478
      https://nvd.nist.gov/vuln/detail/CVE-2022-1478
[ 86 ] CVE-2022-1479
      https://nvd.nist.gov/vuln/detail/CVE-2022-1479
[ 87 ] CVE-2022-1480
      https://nvd.nist.gov/vuln/detail/CVE-2022-1480
[ 88 ] CVE-2022-1481
      https://nvd.nist.gov/vuln/detail/CVE-2022-1481
[ 89 ] CVE-2022-1482
      https://nvd.nist.gov/vuln/detail/CVE-2022-1482
[ 90 ] CVE-2022-1483
      https://nvd.nist.gov/vuln/detail/CVE-2022-1483
[ 91 ] CVE-2022-1484
      https://nvd.nist.gov/vuln/detail/CVE-2022-1484
[ 92 ] CVE-2022-1485
      https://nvd.nist.gov/vuln/detail/CVE-2022-1485
[ 93 ] CVE-2022-1486
      https://nvd.nist.gov/vuln/detail/CVE-2022-1486
[ 94 ] CVE-2022-1487
      https://nvd.nist.gov/vuln/detail/CVE-2022-1487
[ 95 ] CVE-2022-1488
      https://nvd.nist.gov/vuln/detail/CVE-2022-1488
[ 96 ] CVE-2022-1489
      https://nvd.nist.gov/vuln/detail/CVE-2022-1489
[ 97 ] CVE-2022-1490
      https://nvd.nist.gov/vuln/detail/CVE-2022-1490
[ 98 ] CVE-2022-1491
      https://nvd.nist.gov/vuln/detail/CVE-2022-1491
[ 99 ] CVE-2022-1492
      https://nvd.nist.gov/vuln/detail/CVE-2022-1492
[ 100 ] CVE-2022-1493
      https://nvd.nist.gov/vuln/detail/CVE-2022-1493
[ 101 ] CVE-2022-1494
      https://nvd.nist.gov/vuln/detail/CVE-2022-1494
[ 102 ] CVE-2022-1495
      https://nvd.nist.gov/vuln/detail/CVE-2022-1495
[ 103 ] CVE-2022-1496
      https://nvd.nist.gov/vuln/detail/CVE-2022-1496
[ 104 ] CVE-2022-1497
      https://nvd.nist.gov/vuln/detail/CVE-2022-1497
[ 105 ] CVE-2022-1498
      https://nvd.nist.gov/vuln/detail/CVE-2022-1498
[ 106 ] CVE-2022-1499
      https://nvd.nist.gov/vuln/detail/CVE-2022-1499
[ 107 ] CVE-2022-1500
      https://nvd.nist.gov/vuln/detail/CVE-2022-1500
[ 108 ] CVE-2022-1501
      https://nvd.nist.gov/vuln/detail/CVE-2022-1501
[ 109 ] CVE-2022-1633
      https://nvd.nist.gov/vuln/detail/CVE-2022-1633
[ 110 ] CVE-2022-1634
      https://nvd.nist.gov/vuln/detail/CVE-2022-1634
[ 111 ] CVE-2022-1635
      https://nvd.nist.gov/vuln/detail/CVE-2022-1635
[ 112 ] CVE-2022-1636
      https://nvd.nist.gov/vuln/detail/CVE-2022-1636
[ 113 ] CVE-2022-1637
      https://nvd.nist.gov/vuln/detail/CVE-2022-1637
[ 114 ] CVE-2022-1639
      https://nvd.nist.gov/vuln/detail/CVE-2022-1639
[ 115 ] CVE-2022-1640
      https://nvd.nist.gov/vuln/detail/CVE-2022-1640
[ 116 ] CVE-2022-1641
      https://nvd.nist.gov/vuln/detail/CVE-2022-1641
[ 117 ] CVE-2022-1853
      https://nvd.nist.gov/vuln/detail/CVE-2022-1853
[ 118 ] CVE-2022-1854
      https://nvd.nist.gov/vuln/detail/CVE-2022-1854
[ 119 ] CVE-2022-1855
      https://nvd.nist.gov/vuln/detail/CVE-2022-1855
[ 120 ] CVE-2022-1856
      https://nvd.nist.gov/vuln/detail/CVE-2022-1856
[ 121 ] CVE-2022-1857
      https://nvd.nist.gov/vuln/detail/CVE-2022-1857
[ 122 ] CVE-2022-1858
      https://nvd.nist.gov/vuln/detail/CVE-2022-1858
[ 123 ] CVE-2022-1859
      https://nvd.nist.gov/vuln/detail/CVE-2022-1859
[ 124 ] CVE-2022-1860
      https://nvd.nist.gov/vuln/detail/CVE-2022-1860
[ 125 ] CVE-2022-1861
      https://nvd.nist.gov/vuln/detail/CVE-2022-1861
[ 126 ] CVE-2022-1862
      https://nvd.nist.gov/vuln/detail/CVE-2022-1862
[ 127 ] CVE-2022-1863
      https://nvd.nist.gov/vuln/detail/CVE-2022-1863
[ 128 ] CVE-2022-1864
      https://nvd.nist.gov/vuln/detail/CVE-2022-1864
[ 129 ] CVE-2022-1865
      https://nvd.nist.gov/vuln/detail/CVE-2022-1865
[ 130 ] CVE-2022-1866
      https://nvd.nist.gov/vuln/detail/CVE-2022-1866
[ 131 ] CVE-2022-1867
      https://nvd.nist.gov/vuln/detail/CVE-2022-1867
[ 132 ] CVE-2022-1868
      https://nvd.nist.gov/vuln/detail/CVE-2022-1868
[ 133 ] CVE-2022-1869
      https://nvd.nist.gov/vuln/detail/CVE-2022-1869
[ 134 ] CVE-2022-1870
      https://nvd.nist.gov/vuln/detail/CVE-2022-1870
[ 135 ] CVE-2022-1871
      https://nvd.nist.gov/vuln/detail/CVE-2022-1871
[ 136 ] CVE-2022-1872
      https://nvd.nist.gov/vuln/detail/CVE-2022-1872
[ 137 ] CVE-2022-1873
      https://nvd.nist.gov/vuln/detail/CVE-2022-1873
[ 138 ] CVE-2022-1874
      https://nvd.nist.gov/vuln/detail/CVE-2022-1874
[ 139 ] CVE-2022-1875
      https://nvd.nist.gov/vuln/detail/CVE-2022-1875
[ 140 ] CVE-2022-1876
      https://nvd.nist.gov/vuln/detail/CVE-2022-1876
[ 141 ] CVE-2022-2007
      https://nvd.nist.gov/vuln/detail/CVE-2022-2007
[ 142 ] CVE-2022-2010
      https://nvd.nist.gov/vuln/detail/CVE-2022-2010
[ 143 ] CVE-2022-2011
      https://nvd.nist.gov/vuln/detail/CVE-2022-2011
[ 144 ] CVE-2022-2156
      https://nvd.nist.gov/vuln/detail/CVE-2022-2156
[ 145 ] CVE-2022-2157
      https://nvd.nist.gov/vuln/detail/CVE-2022-2157
[ 146 ] CVE-2022-2158
      https://nvd.nist.gov/vuln/detail/CVE-2022-2158
[ 147 ] CVE-2022-2160
      https://nvd.nist.gov/vuln/detail/CVE-2022-2160
[ 148 ] CVE-2022-2161
      https://nvd.nist.gov/vuln/detail/CVE-2022-2161
[ 149 ] CVE-2022-2162
      https://nvd.nist.gov/vuln/detail/CVE-2022-2162
[ 150 ] CVE-2022-2163
      https://nvd.nist.gov/vuln/detail/CVE-2022-2163
[ 151 ] CVE-2022-2164
      https://nvd.nist.gov/vuln/detail/CVE-2022-2164
[ 152 ] CVE-2022-2165
      https://nvd.nist.gov/vuln/detail/CVE-2022-2165
[ 153 ] CVE-2022-22021
      https://nvd.nist.gov/vuln/detail/CVE-2022-22021
[ 154 ] CVE-2022-24475
      https://nvd.nist.gov/vuln/detail/CVE-2022-24475
[ 155 ] CVE-2022-24523
      https://nvd.nist.gov/vuln/detail/CVE-2022-24523
[ 156 ] CVE-2022-26891
      https://nvd.nist.gov/vuln/detail/CVE-2022-26891
[ 157 ] CVE-2022-26894
      https://nvd.nist.gov/vuln/detail/CVE-2022-26894
[ 158 ] CVE-2022-26895
      https://nvd.nist.gov/vuln/detail/CVE-2022-26895
[ 159 ] CVE-2022-26900
      https://nvd.nist.gov/vuln/detail/CVE-2022-26900
[ 160 ] CVE-2022-26905
      https://nvd.nist.gov/vuln/detail/CVE-2022-26905
[ 161 ] CVE-2022-26908
      https://nvd.nist.gov/vuln/detail/CVE-2022-26908
[ 162 ] CVE-2022-26909
      https://nvd.nist.gov/vuln/detail/CVE-2022-26909
[ 163 ] CVE-2022-26912
      https://nvd.nist.gov/vuln/detail/CVE-2022-26912
[ 164 ] CVE-2022-29144
      https://nvd.nist.gov/vuln/detail/CVE-2022-29144
[ 165 ] CVE-2022-29146
      https://nvd.nist.gov/vuln/detail/CVE-2022-29146
[ 166 ] CVE-2022-29147
      https://nvd.nist.gov/vuln/detail/CVE-2022-29147
[ 167 ] CVE-2022-30127
      https://nvd.nist.gov/vuln/detail/CVE-2022-30127
[ 168 ] CVE-2022-30128
      https://nvd.nist.gov/vuln/detail/CVE-2022-30128
[ 169 ] CVE-2022-30192
      https://nvd.nist.gov/vuln/detail/CVE-2022-30192
[ 170 ] CVE-2022-33638
      https://nvd.nist.gov/vuln/detail/CVE-2022-33638
[ 171 ] CVE-2022-33639
      https://nvd.nist.gov/vuln/detail/CVE-2022-33639

Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202208-25

Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
======
Copyright 2022 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Gentoo: GLSA-202208-25: Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vul

Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution.

Summary

Multiple vulnerabilities have been discovered in Chromium and its derivatives. Please review the CVE identifiers referenced below for details.

Resolution

All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/chromium-103.0.5060.53"
All Chromium binary users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/chromium-bin-103.0.5060.53"
All Google Chrome users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/google-chrome-103.0.5060.53"
All Microsoft Edge users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/chromium-103.0.5060.53"
All QtWebEngine users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-qt/qtwebengine-5.15.5_p20220618"

References


[ 1 ] CVE-2021-4052 https://nvd.nist.gov/vuln/detail/CVE-2021-4052 [ 2 ] CVE-2021-4053 https://nvd.nist.gov/vuln/detail/CVE-2021-4053 [ 3 ] CVE-2021-4054 https://nvd.nist.gov/vuln/detail/CVE-2021-4054 [ 4 ] CVE-2021-4055 https://nvd.nist.gov/vuln/detail/CVE-2021-4055 [ 5 ] CVE-2021-4056 https://nvd.nist.gov/vuln/detail/CVE-2021-4056 [ 6 ] CVE-2021-4057 https://nvd.nist.gov/vuln/detail/CVE-2021-4057 [ 7 ] CVE-2021-4058 https://nvd.nist.gov/vuln/detail/CVE-2021-4058 [ 8 ] CVE-2021-4059 https://nvd.nist.gov/vuln/detail/CVE-2021-4059 [ 9 ] CVE-2021-4061 https://nvd.nist.gov/vuln/detail/CVE-2021-4061 [ 10 ] CVE-2021-4062 https://nvd.nist.gov/vuln/detail/CVE-2021-4062 [ 11 ] CVE-2021-4063 https://nvd.nist.gov/vuln/detail/CVE-2021-4063 [ 12 ] CVE-2021-4064 https://nvd.nist.gov/vuln/detail/CVE-2021-4064 [ 13 ] CVE-2021-4065 https://nvd.nist.gov/vuln/detail/CVE-2021-4065 [ 14 ] CVE-2021-4066 https://nvd.nist....

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202208-25

Concerns


Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

Severity
Severity: High
Title: Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities
Date: August 14, 2022
Bugs: #828519, #834477, #835397, #836011, #836381, #836777, #838049, #838433, #841371, #843728, #847370, #851003, #853643, #773040, #787950, #800181, #810781, #815397, #829161, #835761, #836830, #847613, #853229, #837497, #838682, #843035, #848864, #851009, #854372
ID: 202208-25

Synopsis

Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution.

Background

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices.
Microsoft Edge is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier.

Affected Packages

------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-qt/qtwebengine < 5.15.5_p20220618>= 5.15.5_p20220618 2 www-client/chromium < 103.0.5060.53 >= 103.0.5060.53 3 www-client/google-chrome < 103.0.5060.53 >= 103.0.5060.53 4 www-client/microsoft-edge < 101.0.1210.47 >= 101.0.1210.47

Impact

===== Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved