Upstream released chromium 77.0.3865.90 September 18, 2019 with 4 security fixes (some 8 days after 77.0.3865.75): https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop_18.html This bug is for mga7. Cauldron and mga6 are also affected, but: - cauldron needs a newer icu package (version 64) - mga6 does not have a C++ compiler that can build chromium - maybe chromium 78 can be built with a gcc8 package I prepared earlier; I use clang to build M77 in mga7 and cauldron.
Updated packages are available for testing: MGA7 SRPM: chromium-browser-stable-77.0.3865.90-1.mga7.src.rpm RPMS: chromium-browser-77.0.3865.90-1.mga7.i586.rpm chromium-browser-stable-77.0.3865.90-1.mga7.i586.rpm chromium-browser-77.0.3865.90-1.mga7.x86_64.rpm chromium-browser-stable-77.0.3865.90-1.mga7.x86_64.rpm Advisory: Chromium-browser 77.0.3865.90 fixes security issues: Four use-after-free bugs were found in Chromium 77.0.3865.75: one in the UI component (CVE-2019-13685), two in the media component (CVE-2019-13688, CVE-2019-13687), and one in the offline pages component (CVE-2019-13686). References: https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop_18.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13685 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13686 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13687 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13688
CC: (none) => cjwStatus: NEW => ASSIGNEDAssignee: cjw => qa-bugs
MGA7-64 Plasma on Lenovo B50 No installation issues. Browsed around, cann't find anything wrong wth it.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA7-64-OK
on mga7-32 in a vbox VM packages installed cleanly: - chromium-browser-77.0.3865.90-1.mga7.i586 - chromium-browser-stable-77.0.3865.90-1.mga7.i586 no regressions seen OK for mga7-32
CC: (none) => jimWhiteboard: MGA7-64-OK => MGA7-64-OK MGA7-32-OK
Update is now validated Advisory in comment 1
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Keywords: (none) => advisoryCC: (none) => tmb
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0289.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED