Chromium: Multiple vulnerabilities — GLSA 201709-25

Multiple vulnerabilities have been found in Chromium, the worst of which could result in the execution of arbitrary code.

Affected Packages

www-client/chromium on all architectures
Affected versions < 61.0.3163.100
Unaffected versions >= 61.0.3163.100

Background

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

Description

Multiple vulnerabilities have been discovered in Chromium. Please review the referenced CVE identifiers for details.

Impact

A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All Chromium users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose
 ">=www-client/chromium-61.0.3163.100"
 

References

Release Date
September 25, 2017

Latest Revision
September 25, 2017: 1

Severity
normal

Exploitable
remote

Bugzilla entries