Bug 32156

chromium-browser-stable is keeping you busy, Christian. Here is yet another update.

Assignee: bugsquad => chb0

Hi. Saw that lately but on vacation. I will not be able to push it before 16th of August. Usually, update within the same branch should be smooth, in case someone would like just to update the version number and submit it.

Hi. I propose to go directly to 116.0.5845.96:
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html

Summary: chromium-browser-stable new security issues fixed in 115.0.5790.170 => chromium-browser-stable new security issues fixed in 116.0.5845.96

Ready for QA!

ADVISORY NOTICE PROPOSAL
========================

New chromium-browser-stable 116.0.5845.96 fixes bugs and vulnerabilities


Description
The chromium-browser-stable package has been updated to the 116.0.5845.96 release, fixing 26 vulnerabilities.

Some of the security fixes are:

High CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L. on 2023-05-24

High CVE-2023-4349: Use after free in Device Trust Connectors. Reported by Weipeng Jiang (@Krace) of VRI on 2023-06-27

High CVE-2023-4350: Inappropriate implementation in Fullscreen. Reported by Khiem Tran (@duckhiem) on 2023-06-14

High CVE-2023-4351: Use after free in Network. Reported by Guang and Weipeng Jiang of VRI on 2023-07-18

High CVE-2023-4352: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-06-07

High CVE-2023-4353: Heap buffer overflow in ANGLE. Reported by Christoph Diehl / Microsoft Vulnerability Research on 2023-06-27

High CVE-2023-4354: Heap buffer overflow in Skia. Reported by Mark Brand of Google Project Zero on 2023-07-12

High CVE-2023-4355: Out of bounds memory access in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-07-31

Medium CVE-2023-4356: Use after free in Audio. Reported by Zhenghang Xiao (@Kipreyyy) on 2023-05-30

Medium CVE-2023-4357: Insufficient validation of untrusted input in XML. Reported by Igor Sak-Sakovskii on 2023-06-28

Medium CVE-2023-4358: Use after free in DNS. Reported by Weipeng Jiang (@Krace) of VRI on 2023-07-20

Medium CVE-2023-4359: Inappropriate implementation in App Launcher. Reported by @retsew0x01 on 2023-05-09

Medium CVE-2023-4360: Inappropriate implementation in Color. Reported by Axel Chong on 2023-07-07

[$2000][1465230] Medium CVE-2023-4361: Inappropriate implementation in Autofill. Reported by Thomas Orlita on 2023-07-17

Medium CVE-2023-4362: Heap buffer overflow in Mojom IDL. Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab on 2022-04-14

Medium CVE-2023-4363: Inappropriate implementation in WebShare. Reported by Alesandro Ortiz on 2022-09-23

Medium CVE-2023-4364: Inappropriate implementation in Permission Prompts. Reported by Jasper Rebane on 2023-01-13

Medium CVE-2023-4365: Inappropriate implementation in Fullscreen. Reported by Hafiizh on 2023-04-06

Medium CVE-2023-4366: Use after free in Extensions. Reported by asnine on 2023-06-02

Medium CVE-2023-4367: Insufficient policy enforcement in Extensions API. Reported by Axel Chong on 2023-07-26

Medium CVE-2023-4368: Insufficient policy enforcement in Extensions API. Reported by Axel Chong on 2023-07-26

References
https://bugs.mageia.org/show_bug.cgi?id=32156
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html



SRPMS
9/tainted
chromium-browser-stable-116.0.5845.96-1.mga9.tainted.src.rpm


PROVIDED PACKAGES
=================
x86_64
chromium-browser-116.0.5845.96-1.mga9.tainted.x86_64.rpm
chromium-browser-stable-116.0.5845.96-1.mga9.tainted.x86_64.rpm

i586
chromium-browser-116.0.5845.96-1.mga9.tainted.i586.rpm
chromium-browser-stable-116.0.5845.96-1.mga9.tainted.i586.rpm

Assignee: chb0 => qa-bugs

(oops...)

Test OK mga9-64 
nvidia-current, on GTX750
Kernel from backport, as 6.4 have issues resuming on my system
Plasma

Tested some video sites and banking sites: no issues noted.



Below, output in terminal from where i started it:

  Some usual lines if type:

libpng warning: iCCP: known incorrect sRGB profile

  These are new to me I think:

[1539447:1539447:0816/101528.510001:ERROR:chrome_browser_cloud_management_controller.cc(163)] Cloud management controller initialization aborted as CBCM is not enabled.

[1539487:1539487:0816/104015.913019:ERROR:shared_image_manager.cc(217)] SharedImageManager::ProduceSkia: Trying to Produce a Skia representation from a non-existent mailbox.

Whiteboard: MGA9-OK => MGA9-64-OK

The advisory is missing the references from Comment 0.

(In reply to David Walser from comment #6)
> The advisory is missing the references from Comment 0.

IMHO, only 
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html
would be relevant as info, as 115.0.5790.110 is the current version and 115.0.5790.170 has fixed some CVE.

CC: (none) => chb0

(In reply to Morgan Leijström from comment #5)
> 
>   These are new to me I think:
> 
> [1539447:1539447:0816/101528.510001:ERROR:
> chrome_browser_cloud_management_controller.cc(163)] Cloud management
> controller initialization aborted as CBCM is not enabled.
> 
> [1539487:1539487:0816/104015.913019:ERROR:shared_image_manager.cc(217)]
> SharedImageManager::ProduceSkia: Trying to Produce a Skia representation
> from a non-existent mailbox.

I will have a deeper look but I am not concerned by these as no crash is reported. Chromium is known as "polluting" quite a lot the terminal window with such messages.

moved to release for final release tree updates

Resolution: (none) => FIXED
Status: NEW => RESOLVED