Chromium: Multiple vulnerabilities — GLSA 201709-15

Multiple vulnerabilities have been found in Chromium, the worst of which could result in the execution of arbitrary code.

Affected packages

Background

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

Description

Multiple vulnerabilities have been discovered in Chromium. Please review the referenced CVE identifiers for details.

Impact

A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, bypass security restrictions, or spoof content.

Workaround

There is no known workaround at this time.

Resolution

 # emerge --sync
 # emerge --ask --oneshot --verbose
 ">=www-client/chromium-61.0.3163.79"
 

References

• CVE-2017-5091
• CVE-2017-5092
• CVE-2017-5093
• CVE-2017-5094
• CVE-2017-5095
• CVE-2017-5096
• CVE-2017-5097
• CVE-2017-5098
• CVE-2017-5099
• CVE-2017-5100
• CVE-2017-5101
• CVE-2017-5102
• CVE-2017-5103
• CVE-2017-5104
• CVE-2017-5105
• CVE-2017-5106
• CVE-2017-5107
• CVE-2017-5108
• CVE-2017-5109
• CVE-2017-5110
• CVE-2017-5111
• CVE-2017-5112
• CVE-2017-5113
• CVE-2017-5114
• CVE-2017-5115
• CVE-2017-5116
• CVE-2017-5117
• CVE-2017-5118
• CVE-2017-5119
• CVE-2017-5120
• CVE-2017-7000

Release date
September 24, 2017

Latest revision
September 24, 2017: 1

Severity
normal

Exploitable
remote

Bugzilla entries

• 626382
• 630068