Gentoo 2514 Published by

A Chromium, Google Chrome, Microsoft Edge, QtWebEngine security update has been released for Gentoo Linux.



GLSA 202208-25 : Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202208-25
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities
Date: August 14, 2022
Bugs: #828519, #834477, #835397, #836011, #836381, #836777, #838049, #838433, #841371, #843728, #847370, #851003, #853643, #773040, #787950, #800181, #810781, #815397, #829161, #835761, #836830, #847613, #853229, #837497, #838682, #843035, #848864, #851009, #854372
ID: 202208-25

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
Multiple vulnerabilities have been found in Chromium and its
derivatives, the worst of which could result in remote code execution.

Background
=========
Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web.

Google Chrome is one fast, simple, and secure browser for all your
devices.

Microsoft Edge is a browser that combines a minimal design with
sophisticated technology to make the web faster, safer, and easier.

Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-qt/qtwebengine < 5.15.5_p20220618>= 5.15.5_p20220618
2 www-client/chromium < 103.0.5060.53 >= 103.0.5060.53
3 www-client/google-chrome < 103.0.5060.53 >= 103.0.5060.53
4 www-client/microsoft-edge < 101.0.1210.47 >= 101.0.1210.47

Description
==========
Multiple vulnerabilities have been discovered in Chromium and its
derivatives. Please review the CVE identifiers referenced below for
details.

Impact
=====
Please review the referenced CVE identifiers for details.

Workaround
=========
There is no known workaround at this time.

Resolution
=========
All Chromium users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/chromium-103.0.5060.53"

All Chromium binary users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/chromium-bin-103.0.5060.53"

All Google Chrome users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/google-chrome-103.0.5060.53"

All Microsoft Edge users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/chromium-103.0.5060.53"

All QtWebEngine users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">?v-qt/qtwebengine-5.15.5_p20220618"

References
=========
[ 1 ] CVE-2021-4052
  https://nvd.nist.gov/vuln/detail/CVE-2021-4052
[ 2 ] CVE-2021-4053
  https://nvd.nist.gov/vuln/detail/CVE-2021-4053
[ 3 ] CVE-2021-4054
  https://nvd.nist.gov/vuln/detail/CVE-2021-4054
[ 4 ] CVE-2021-4055
  https://nvd.nist.gov/vuln/detail/CVE-2021-4055
[ 5 ] CVE-2021-4056
  https://nvd.nist.gov/vuln/detail/CVE-2021-4056
[ 6 ] CVE-2021-4057
  https://nvd.nist.gov/vuln/detail/CVE-2021-4057
[ 7 ] CVE-2021-4058
  https://nvd.nist.gov/vuln/detail/CVE-2021-4058
[ 8 ] CVE-2021-4059
  https://nvd.nist.gov/vuln/detail/CVE-2021-4059
[ 9 ] CVE-2021-4061
  https://nvd.nist.gov/vuln/detail/CVE-2021-4061
[ 10 ] CVE-2021-4062
  https://nvd.nist.gov/vuln/detail/CVE-2021-4062
[ 11 ] CVE-2021-4063
  https://nvd.nist.gov/vuln/detail/CVE-2021-4063
[ 12 ] CVE-2021-4064
  https://nvd.nist.gov/vuln/detail/CVE-2021-4064
[ 13 ] CVE-2021-4065
  https://nvd.nist.gov/vuln/detail/CVE-2021-4065
[ 14 ] CVE-2021-4066
  https://nvd.nist.gov/vuln/detail/CVE-2021-4066
[ 15 ] CVE-2021-4067
  https://nvd.nist.gov/vuln/detail/CVE-2021-4067
[ 16 ] CVE-2021-4068
  https://nvd.nist.gov/vuln/detail/CVE-2021-4068
[ 17 ] CVE-2021-4078
  https://nvd.nist.gov/vuln/detail/CVE-2021-4078
[ 18 ] CVE-2021-4079
  https://nvd.nist.gov/vuln/detail/CVE-2021-4079
[ 19 ] CVE-2021-30551
  https://nvd.nist.gov/vuln/detail/CVE-2021-30551
[ 20 ] CVE-2022-0789
  https://nvd.nist.gov/vuln/detail/CVE-2022-0789
[ 21 ] CVE-2022-0790
  https://nvd.nist.gov/vuln/detail/CVE-2022-0790
[ 22 ] CVE-2022-0791
  https://nvd.nist.gov/vuln/detail/CVE-2022-0791
[ 23 ] CVE-2022-0792
  https://nvd.nist.gov/vuln/detail/CVE-2022-0792
[ 24 ] CVE-2022-0793
  https://nvd.nist.gov/vuln/detail/CVE-2022-0793
[ 25 ] CVE-2022-0794
  https://nvd.nist.gov/vuln/detail/CVE-2022-0794
[ 26 ] CVE-2022-0795
  https://nvd.nist.gov/vuln/detail/CVE-2022-0795
[ 27 ] CVE-2022-0796
  https://nvd.nist.gov/vuln/detail/CVE-2022-0796
[ 28 ] CVE-2022-0797
  https://nvd.nist.gov/vuln/detail/CVE-2022-0797
[ 29 ] CVE-2022-0798
  https://nvd.nist.gov/vuln/detail/CVE-2022-0798
[ 30 ] CVE-2022-0799
  https://nvd.nist.gov/vuln/detail/CVE-2022-0799
[ 31 ] CVE-2022-0800
  https://nvd.nist.gov/vuln/detail/CVE-2022-0800
[ 32 ] CVE-2022-0801
  https://nvd.nist.gov/vuln/detail/CVE-2022-0801
[ 33 ] CVE-2022-0802
  https://nvd.nist.gov/vuln/detail/CVE-2022-0802
[ 34 ] CVE-2022-0803
  https://nvd.nist.gov/vuln/detail/CVE-2022-0803
[ 35 ] CVE-2022-0804
  https://nvd.nist.gov/vuln/detail/CVE-2022-0804
[ 36 ] CVE-2022-0805
  https://nvd.nist.gov/vuln/detail/CVE-2022-0805
[ 37 ] CVE-2022-0806
  https://nvd.nist.gov/vuln/detail/CVE-2022-0806
[ 38 ] CVE-2022-0807
  https://nvd.nist.gov/vuln/detail/CVE-2022-0807
[ 39 ] CVE-2022-0808
  https://nvd.nist.gov/vuln/detail/CVE-2022-0808
[ 40 ] CVE-2022-0809
  https://nvd.nist.gov/vuln/detail/CVE-2022-0809
[ 41 ] CVE-2022-0971
  https://nvd.nist.gov/vuln/detail/CVE-2022-0971
[ 42 ] CVE-2022-0972
  https://nvd.nist.gov/vuln/detail/CVE-2022-0972
[ 43 ] CVE-2022-0973
  https://nvd.nist.gov/vuln/detail/CVE-2022-0973
[ 44 ] CVE-2022-0974
  https://nvd.nist.gov/vuln/detail/CVE-2022-0974
[ 45 ] CVE-2022-0975
  https://nvd.nist.gov/vuln/detail/CVE-2022-0975
[ 46 ] CVE-2022-0976
  https://nvd.nist.gov/vuln/detail/CVE-2022-0976
[ 47 ] CVE-2022-0977
  https://nvd.nist.gov/vuln/detail/CVE-2022-0977
[ 48 ] CVE-2022-0978
  https://nvd.nist.gov/vuln/detail/CVE-2022-0978
[ 49 ] CVE-2022-0979
  https://nvd.nist.gov/vuln/detail/CVE-2022-0979
[ 50 ] CVE-2022-0980
  https://nvd.nist.gov/vuln/detail/CVE-2022-0980
[ 51 ] CVE-2022-1096
  https://nvd.nist.gov/vuln/detail/CVE-2022-1096
[ 52 ] CVE-2022-1125
  https://nvd.nist.gov/vuln/detail/CVE-2022-1125
[ 53 ] CVE-2022-1127
  https://nvd.nist.gov/vuln/detail/CVE-2022-1127
[ 54 ] CVE-2022-1128
  https://nvd.nist.gov/vuln/detail/CVE-2022-1128
[ 55 ] CVE-2022-1129
  https://nvd.nist.gov/vuln/detail/CVE-2022-1129
[ 56 ] CVE-2022-1130
  https://nvd.nist.gov/vuln/detail/CVE-2022-1130
[ 57 ] CVE-2022-1131
  https://nvd.nist.gov/vuln/detail/CVE-2022-1131
[ 58 ] CVE-2022-1132
  https://nvd.nist.gov/vuln/detail/CVE-2022-1132
[ 59 ] CVE-2022-1133
  https://nvd.nist.gov/vuln/detail/CVE-2022-1133
[ 60 ] CVE-2022-1134
  https://nvd.nist.gov/vuln/detail/CVE-2022-1134
[ 61 ] CVE-2022-1135
  https://nvd.nist.gov/vuln/detail/CVE-2022-1135
[ 62 ] CVE-2022-1136
  https://nvd.nist.gov/vuln/detail/CVE-2022-1136
[ 63 ] CVE-2022-1137
  https://nvd.nist.gov/vuln/detail/CVE-2022-1137
[ 64 ] CVE-2022-1138
  https://nvd.nist.gov/vuln/detail/CVE-2022-1138
[ 65 ] CVE-2022-1139
  https://nvd.nist.gov/vuln/detail/CVE-2022-1139
[ 66 ] CVE-2022-1141
  https://nvd.nist.gov/vuln/detail/CVE-2022-1141
[ 67 ] CVE-2022-1142
  https://nvd.nist.gov/vuln/detail/CVE-2022-1142
[ 68 ] CVE-2022-1143
  https://nvd.nist.gov/vuln/detail/CVE-2022-1143
[ 69 ] CVE-2022-1144
  https://nvd.nist.gov/vuln/detail/CVE-2022-1144
[ 70 ] CVE-2022-1145
  https://nvd.nist.gov/vuln/detail/CVE-2022-1145
[ 71 ] CVE-2022-1146
  https://nvd.nist.gov/vuln/detail/CVE-2022-1146
[ 72 ] CVE-2022-1232
  https://nvd.nist.gov/vuln/detail/CVE-2022-1232
[ 73 ] CVE-2022-1305
  https://nvd.nist.gov/vuln/detail/CVE-2022-1305
[ 74 ] CVE-2022-1306
  https://nvd.nist.gov/vuln/detail/CVE-2022-1306
[ 75 ] CVE-2022-1307
  https://nvd.nist.gov/vuln/detail/CVE-2022-1307
[ 76 ] CVE-2022-1308
  https://nvd.nist.gov/vuln/detail/CVE-2022-1308
[ 77 ] CVE-2022-1309
  https://nvd.nist.gov/vuln/detail/CVE-2022-1309
[ 78 ] CVE-2022-1310
  https://nvd.nist.gov/vuln/detail/CVE-2022-1310
[ 79 ] CVE-2022-1311
  https://nvd.nist.gov/vuln/detail/CVE-2022-1311
[ 80 ] CVE-2022-1312
  https://nvd.nist.gov/vuln/detail/CVE-2022-1312
[ 81 ] CVE-2022-1313
  https://nvd.nist.gov/vuln/detail/CVE-2022-1313
[ 82 ] CVE-2022-1314
  https://nvd.nist.gov/vuln/detail/CVE-2022-1314
[ 83 ] CVE-2022-1364
  https://nvd.nist.gov/vuln/detail/CVE-2022-1364
[ 84 ] CVE-2022-1477
  https://nvd.nist.gov/vuln/detail/CVE-2022-1477
[ 85 ] CVE-2022-1478
  https://nvd.nist.gov/vuln/detail/CVE-2022-1478
[ 86 ] CVE-2022-1479
  https://nvd.nist.gov/vuln/detail/CVE-2022-1479
[ 87 ] CVE-2022-1480
  https://nvd.nist.gov/vuln/detail/CVE-2022-1480
[ 88 ] CVE-2022-1481
  https://nvd.nist.gov/vuln/detail/CVE-2022-1481
[ 89 ] CVE-2022-1482
  https://nvd.nist.gov/vuln/detail/CVE-2022-1482
[ 90 ] CVE-2022-1483
  https://nvd.nist.gov/vuln/detail/CVE-2022-1483
[ 91 ] CVE-2022-1484
  https://nvd.nist.gov/vuln/detail/CVE-2022-1484
[ 92 ] CVE-2022-1485
  https://nvd.nist.gov/vuln/detail/CVE-2022-1485
[ 93 ] CVE-2022-1486
  https://nvd.nist.gov/vuln/detail/CVE-2022-1486
[ 94 ] CVE-2022-1487
  https://nvd.nist.gov/vuln/detail/CVE-2022-1487
[ 95 ] CVE-2022-1488
  https://nvd.nist.gov/vuln/detail/CVE-2022-1488
[ 96 ] CVE-2022-1489
  https://nvd.nist.gov/vuln/detail/CVE-2022-1489
[ 97 ] CVE-2022-1490
  https://nvd.nist.gov/vuln/detail/CVE-2022-1490
[ 98 ] CVE-2022-1491
  https://nvd.nist.gov/vuln/detail/CVE-2022-1491
[ 99 ] CVE-2022-1492
  https://nvd.nist.gov/vuln/detail/CVE-2022-1492
[ 100 ] CVE-2022-1493
  https://nvd.nist.gov/vuln/detail/CVE-2022-1493
[ 101 ] CVE-2022-1494
  https://nvd.nist.gov/vuln/detail/CVE-2022-1494
[ 102 ] CVE-2022-1495
  https://nvd.nist.gov/vuln/detail/CVE-2022-1495
[ 103 ] CVE-2022-1496
  https://nvd.nist.gov/vuln/detail/CVE-2022-1496
[ 104 ] CVE-2022-1497
  https://nvd.nist.gov/vuln/detail/CVE-2022-1497
[ 105 ] CVE-2022-1498
  https://nvd.nist.gov/vuln/detail/CVE-2022-1498
[ 106 ] CVE-2022-1499
  https://nvd.nist.gov/vuln/detail/CVE-2022-1499
[ 107 ] CVE-2022-1500
  https://nvd.nist.gov/vuln/detail/CVE-2022-1500
[ 108 ] CVE-2022-1501
  https://nvd.nist.gov/vuln/detail/CVE-2022-1501
[ 109 ] CVE-2022-1633
  https://nvd.nist.gov/vuln/detail/CVE-2022-1633
[ 110 ] CVE-2022-1634
  https://nvd.nist.gov/vuln/detail/CVE-2022-1634
[ 111 ] CVE-2022-1635
  https://nvd.nist.gov/vuln/detail/CVE-2022-1635
[ 112 ] CVE-2022-1636
  https://nvd.nist.gov/vuln/detail/CVE-2022-1636
[ 113 ] CVE-2022-1637
  https://nvd.nist.gov/vuln/detail/CVE-2022-1637
[ 114 ] CVE-2022-1639
  https://nvd.nist.gov/vuln/detail/CVE-2022-1639
[ 115 ] CVE-2022-1640
  https://nvd.nist.gov/vuln/detail/CVE-2022-1640
[ 116 ] CVE-2022-1641
  https://nvd.nist.gov/vuln/detail/CVE-2022-1641
[ 117 ] CVE-2022-1853
  https://nvd.nist.gov/vuln/detail/CVE-2022-1853
[ 118 ] CVE-2022-1854
  https://nvd.nist.gov/vuln/detail/CVE-2022-1854
[ 119 ] CVE-2022-1855
  https://nvd.nist.gov/vuln/detail/CVE-2022-1855
[ 120 ] CVE-2022-1856
  https://nvd.nist.gov/vuln/detail/CVE-2022-1856
[ 121 ] CVE-2022-1857
  https://nvd.nist.gov/vuln/detail/CVE-2022-1857
[ 122 ] CVE-2022-1858
  https://nvd.nist.gov/vuln/detail/CVE-2022-1858
[ 123 ] CVE-2022-1859
  https://nvd.nist.gov/vuln/detail/CVE-2022-1859
[ 124 ] CVE-2022-1860
  https://nvd.nist.gov/vuln/detail/CVE-2022-1860
[ 125 ] CVE-2022-1861
  https://nvd.nist.gov/vuln/detail/CVE-2022-1861
[ 126 ] CVE-2022-1862
  https://nvd.nist.gov/vuln/detail/CVE-2022-1862
[ 127 ] CVE-2022-1863
  https://nvd.nist.gov/vuln/detail/CVE-2022-1863
[ 128 ] CVE-2022-1864
  https://nvd.nist.gov/vuln/detail/CVE-2022-1864
[ 129 ] CVE-2022-1865
  https://nvd.nist.gov/vuln/detail/CVE-2022-1865
[ 130 ] CVE-2022-1866
  https://nvd.nist.gov/vuln/detail/CVE-2022-1866
[ 131 ] CVE-2022-1867
  https://nvd.nist.gov/vuln/detail/CVE-2022-1867
[ 132 ] CVE-2022-1868
  https://nvd.nist.gov/vuln/detail/CVE-2022-1868
[ 133 ] CVE-2022-1869
  https://nvd.nist.gov/vuln/detail/CVE-2022-1869
[ 134 ] CVE-2022-1870
  https://nvd.nist.gov/vuln/detail/CVE-2022-1870
[ 135 ] CVE-2022-1871
  https://nvd.nist.gov/vuln/detail/CVE-2022-1871
[ 136 ] CVE-2022-1872
  https://nvd.nist.gov/vuln/detail/CVE-2022-1872
[ 137 ] CVE-2022-1873
  https://nvd.nist.gov/vuln/detail/CVE-2022-1873
[ 138 ] CVE-2022-1874
  https://nvd.nist.gov/vuln/detail/CVE-2022-1874
[ 139 ] CVE-2022-1875
  https://nvd.nist.gov/vuln/detail/CVE-2022-1875
[ 140 ] CVE-2022-1876
  https://nvd.nist.gov/vuln/detail/CVE-2022-1876
[ 141 ] CVE-2022-2007
  https://nvd.nist.gov/vuln/detail/CVE-2022-2007
[ 142 ] CVE-2022-2010
  https://nvd.nist.gov/vuln/detail/CVE-2022-2010
[ 143 ] CVE-2022-2011
  https://nvd.nist.gov/vuln/detail/CVE-2022-2011
[ 144 ] CVE-2022-2156
  https://nvd.nist.gov/vuln/detail/CVE-2022-2156
[ 145 ] CVE-2022-2157
  https://nvd.nist.gov/vuln/detail/CVE-2022-2157
[ 146 ] CVE-2022-2158
  https://nvd.nist.gov/vuln/detail/CVE-2022-2158
[ 147 ] CVE-2022-2160
  https://nvd.nist.gov/vuln/detail/CVE-2022-2160
[ 148 ] CVE-2022-2161
  https://nvd.nist.gov/vuln/detail/CVE-2022-2161
[ 149 ] CVE-2022-2162
  https://nvd.nist.gov/vuln/detail/CVE-2022-2162
[ 150 ] CVE-2022-2163
  https://nvd.nist.gov/vuln/detail/CVE-2022-2163
[ 151 ] CVE-2022-2164
  https://nvd.nist.gov/vuln/detail/CVE-2022-2164
[ 152 ] CVE-2022-2165
  https://nvd.nist.gov/vuln/detail/CVE-2022-2165
[ 153 ] CVE-2022-22021
  https://nvd.nist.gov/vuln/detail/CVE-2022-22021
[ 154 ] CVE-2022-24475
  https://nvd.nist.gov/vuln/detail/CVE-2022-24475
[ 155 ] CVE-2022-24523
  https://nvd.nist.gov/vuln/detail/CVE-2022-24523
[ 156 ] CVE-2022-26891
  https://nvd.nist.gov/vuln/detail/CVE-2022-26891
[ 157 ] CVE-2022-26894
  https://nvd.nist.gov/vuln/detail/CVE-2022-26894
[ 158 ] CVE-2022-26895
  https://nvd.nist.gov/vuln/detail/CVE-2022-26895
[ 159 ] CVE-2022-26900
  https://nvd.nist.gov/vuln/detail/CVE-2022-26900
[ 160 ] CVE-2022-26905
  https://nvd.nist.gov/vuln/detail/CVE-2022-26905
[ 161 ] CVE-2022-26908
  https://nvd.nist.gov/vuln/detail/CVE-2022-26908
[ 162 ] CVE-2022-26909
  https://nvd.nist.gov/vuln/detail/CVE-2022-26909
[ 163 ] CVE-2022-26912
  https://nvd.nist.gov/vuln/detail/CVE-2022-26912
[ 164 ] CVE-2022-29144
  https://nvd.nist.gov/vuln/detail/CVE-2022-29144
[ 165 ] CVE-2022-29146
  https://nvd.nist.gov/vuln/detail/CVE-2022-29146
[ 166 ] CVE-2022-29147
  https://nvd.nist.gov/vuln/detail/CVE-2022-29147
[ 167 ] CVE-2022-30127
  https://nvd.nist.gov/vuln/detail/CVE-2022-30127
[ 168 ] CVE-2022-30128
  https://nvd.nist.gov/vuln/detail/CVE-2022-30128
[ 169 ] CVE-2022-30192
  https://nvd.nist.gov/vuln/detail/CVE-2022-30192
[ 170 ] CVE-2022-33638
  https://nvd.nist.gov/vuln/detail/CVE-2022-33638
[ 171 ] CVE-2022-33639
  https://nvd.nist.gov/vuln/detail/CVE-2022-33639

Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  https://security.gentoo.org/glsa/202208-25

Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
  https://bugs.gentoo.org.

License
======
Copyright 2022 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

  https://creativecommons.org/licenses/by-sa/2.5