| Summary: | chromium-browser-stable new security issues CVE-2024-629[0-3] fixed in 126.0.6478.126 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Nicolas Salguero <nicolas.salguero> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | brtians1, fri, herman.viaene, sysadmin-bugs |
| Version: | 9 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | MGA9-64-OK | ||
| Source RPM: | chromium-browser-stable-126.0.6478.114-1.mga9.tainted.src.rpm | CVE: | CVE-2024-6290, CVE-2024-6291, CVE-2024-6292, CVE-2024-6293 |
| Status comment: | Fixed upstream in 126.0.6478.126 | ||
Description
Nicolas Salguero
2024-07-01 09:59:00 CEST
Nicolas Salguero
2024-07-01 09:59:48 CEST
CVE:
(none) =>
CVE-2024-6290, CVE-2024-6291, CVE-2024-6292, CVE-2024-6293
Nicolas Salguero
2024-07-01 10:03:27 CEST
Severity:
normal =>
major
Nicolas Salguero
2024-07-01 15:46:24 CEST
Assignee:
bugsquad =>
nicolas.salguero

For the moment, it is only built for Mageia 9.

Suggested advisory:
========================

The updated packages fix security vulnerabilities:

Use after free in Dawn. (CVE-2024-6290, CVE-2024-6292, CVE-2024-6293)

Use after free in Swiftshader. (CVE-2024-6291)

References:
https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_24.html
========================

Updated packages in core/updates_testing:
========================
chromium-browser-126.0.6478.126-1.mga9.tainted
chromium-browser-stable-126.0.6478.126-1.mga9.tainted

from SRPM:
chromium-browser-stable-126.0.6478.126-1.mga9.tainted.src.rpm

Status:
NEW =>
ASSIGNED

mga9-64 OK here

Plasma on X11. nvidia470-470.256.02-1 on GTX750 with 4K screen.
kernel desktop 6.6.36-3 on ASRock P55 Pro with Intel Core i7 870.
Swedish localisation.

Restored tabs opened in previous version.
Banking sites, shops, video sites.
Download file.
Open saved pdf file and print to network printer.
Printing this bug on Boomaga.
Writing this Comment.

--

Thank you for taking on this package.
I think this is good you push mga9 before Cauldron as compile time is long and security updates should go out quickly. QA take typically longer time than compiling.

CC:
(none) =>
fri

mga9 ready for QA

Assignee:
nicolas.salguero =>
qa-bugs
katnatek
2024-07-02 18:55:29 CEST
Version:
Cauldron =>
9
katnatek
2024-07-02 19:11:52 CEST
Keywords:
(none) =>
advisory

@katnatek: We use to keep it set to Cauldron with MGA9TOO until it is successfully built for Cauldron. It is still building.

(In reply to Morgan Leijström from comment #4)
> @katnatek: We use to keep it set to Cauldron with MGA9TOO until it is
> successfully built for Cauldron. It is still building.

The packaging policy is build first in cauldron, so I did assume that

Build have currently failed for Cauldron.
We also had a period where a browser was impossible to build on Cauldron.
It is mga9 our users use, so it is there it is most important to update quickly and it would be stupid if Cauldron problems held that back.
We should generally not have newer versions in elder Mageia release (for smooth upgrade, but IMO we should not guarantee an upgrade to Cauldron to always work anyway) but QA take time anyway before package is moved to updates repo, a delay Cauldron do not have.

Plasma Wayland
LC_ALL=C urpmi --auto --auto-update
medium "QA Testing (32-bit)" is up-to-date
medium "QA Testing (64-bit)" is up-to-date
medium "Core Release (distrib1)" is up-to-date
medium "Core Updates (distrib3)" is up-to-date
medium "Nonfree Release (distrib11)" is up-to-date
medium "Nonfree Updates (distrib13)" is up-to-date
medium "Tainted Release (distrib21)" is up-to-date
medium "Tainted Updates (distrib23)" is up-to-date
medium "Core 32bit Release (distrib31)" is up-to-date
medium "Core 32bit Updates (distrib32)" is up-to-date
medium "Nonfree 32bit Release (distrib36)" is up-to-date
medium "Tainted 32bit Release (distrib41)" is up-to-date
medium "Tainted 32bit Updates (distrib42)" is up-to-date
installing chromium-browser-stable-126.0.6478.126-1.mga9.tainted.x86_64.rpm from //home/katnatek/qa-testing/x86_64
Preparing... ##################################################################################################
1/1: chromium-browser-stable
##################################################################################################
1/1: removing chromium-browser-stable-126.0.6478.114-1.mga9.tainted.x86_64
##################################################################################################
Ozone platform set in wayland
YouTube OK
mail.com OK
facebook OK
Post this comment from chromium
(In reply to katnatek from comment #5)
> (In reply to Morgan Leijström from comment #4)
> > @katnatek: We use to keep it set to Cauldron with MGA9TOO until it is
> > successfully built for Cauldron. It is still building.
>
> The packaging policy is build first in cauldron, so I did assume that

I wait a few more next time but sometimes the packages forget to change some fields in bug
katnatek
2024-07-03 01:37:26 CEST
Hardware:
All =>
x86_64

MGA9-64 Plasma Wayland on HP-Pavilion
No installation issues.
Can't find anything wrong with it.

CC:
(none) =>
herman.viaene

MGA9-64, Xfce, Asus Laptop AMD A6-9225 RADEON R4

Installed latest chromium, this is an upgrade.

I've been a few hours with Chromium (audio, video, email), it is working as expected.

CC:
(none) =>
brtians1

MGA9-64, Xfce, Intel celeron
----
email sites work
wimbledon radio
working as expected

Also OK on my Thinkpad T510; Plasma, X11, modesetting driver on nvidia GPU

I see Cauldron version is still building.
As I said before I don't think a delay in Cauldron should delay security updates for our users.
-> Validating.

CC:
(none) =>
sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0254.html

Resolution:
(none) =>
FIXED