Upstream released versions 79.0.3945.79, 79.0.3945.88, 79.0.3945.117, and 79.0.3945.130 with security fixes: https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop_17.html https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop.html https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop_16.html
Advisory: Chromium-browser 79.0.3945.130 fixes security issues: Multiple flaws were found in the way Chromium 78.0.3904.108 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information. (CVE-2019-13725, CVE-2019-13726, CVE-2019-13727, CVE-2019-13728, CVE-2019-13729, CVE-2019-13730, CVE-2019-13732, CVE-2019-13734, CVE-2019-13735, CVE-2019-13736, CVE-2019-13737, CVE-2019-13738, CVE-2019-13739, CVE-2019-13740, CVE-2019-13741, CVE-2019-13742, CVE-2019-13743, CVE-2019-13744, CVE-2019-13745, CVE-2019-13746, CVE-2019-13747, CVE-2019-13748, CVE-2019-13749, CVE-2019-13750, CVE-2019-13751, CVE-2019-13752, CVE-2019-13753, CVE-2019-13754, CVE-2019-13755, CVE-2019-13756, CVE-2019-13757, CVE-2019-13758, CVE-2019-13759, CVE-2019-13761, CVE-2019-13762, CVE-2019-13763, CVE-2019-13764, CVE-2019-13767, CVE-2020-6377, CVE-2020-6378, CVE-2020-6379, CVE-2020-6380) References: https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop_17.html https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop.html https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop_16.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13725 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13726 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13727 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13728 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13729 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13730 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13734 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13735 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13736 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13737 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13739 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13741 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13742 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13743 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13744 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13745 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13746 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13747 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13748 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13749 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13750 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13751 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13753 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13754 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13755 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13756 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13757 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13758 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13759 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13761 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13762 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13763 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13764 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13767 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6380
Status: NEW => ASSIGNED
Depends on: (none) => 26104
Four of those CVEs are actually in sqlite3, so we need to address that.
Chromium is not currently linked against system sqlite3, that's why I left those CVEs in the lists.
OK. We should still fix them of course.
Depends on: 26104 => (none)
sqlite3 issues have been addressed. Did you mean to assign this to QA?
The build failed with: FAILED: obj/chrome/browser/ui/ui/opaque_browser_frame_view_linux.o g++ -MMD -MF obj/chrome/browser/ui/ui/opaque_browser_frame_view_linux.o.d -DUSE_DBUS -DUSE_UDEV -DUSE_AURA=1 -DUSE_GLIB=1 -DUSE_NSS_CERTS=1 -DUSE_X11=1 -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0 -DUSE_CUPS -DGLIB_VERSION_MAX_ALLOWED=GLIB_VERSION_2_52 -DGLIB_VERSION_MIN_REQUIRED=GLIB_VERSION_2_26 -DGL_GLEXT_PROTOTYPES -DUSE_GLX -DUSE_EGL -DVK_NO_PROTOTYPES -DTOOLKIT_VIEWS=1 -DSYNC_PASSWORD_REUSE_DETECTION_ENABLED -DSYNC_PASSWORD_REUSE_WARNING_ENABLED -DON_FOCUS_PING_ENABLED -DEXPAT_RELATIVE_PATH -DGOOGLE_PROTOBUF_NO_RTTI -DGOOGLE_PROTOBUF_NO_STATIC_INITIALIZER -DHAVE_PTHREAD -DLEVELDB_PLATFORM_CHROMIUM=1 -DLEVELDB_PLATFORM_CHROMIUM=1 -DU_USING_ICU_NAMESPACE=0 -DU_ENABLE_DYLOAD=0 -DUSE_CHROMIUM_ICU=1 -DU_STATIC_IMPLEMENTATION -DICU_UTIL_DATA_IMPL=ICU_UTIL_DATA_FILE -DUCHAR_TYPE=uint16_t -DWEBRTC_NON_STATIC_TRACE_EVENT_HANDLERS=0 -DWEBRTC_CHROMIUM_BUILD -DWEBRTC_POSIX -DWEBRTC_LINUX -DABSL_ALLOCATOR_NOTHROW=1 -DNO_MAIN_THREAD_WRAPPING -DV8_USE_EXTERNAL_STARTUP_DATA -DSK_GL -DSK_HAS_PNG_LIBRARY -DSK_HAS_WEBP_LIBRARY -DSK_USER_CONFIG_HEADER=\"../../skia/config/SkUserConfig.h\" -DSK_HAS_JPEG_LIBRARY -DSK_VULKAN_HEADER=\"../../skia/config/SkVulkanConfig.h\" -DSK_VULKAN=1 -DSK_SUPPORT_GPU=1 -DSK_GPU_WORKAROUNDS_HEADER=\"gpu/config/gpu_driver_bug_workaround_autogen.h\" -DVK_NO_PROTOTYPES -DV8_DEPRECATION_WARNINGS -DI18N_ADDRESS_VALIDATION_DATA_URL=\"https://chromium-i18n.appspot.com/ssl-aggregate-address/\" -DPERFETTO_IMPLEMENTATION -DUSE_SYSTEM_ZLIB=1 -I../.. -Igen -Igen/shim_headers/zlib_shim -Igen/shim_headers/snappy_shim -I../../third_party/libyuv/include -Igen/shim_headers/libpng_shim -Igen/shim_headers/libwebp_shim -Igen/shim_headers/libdrm_shim -Igen/shim_headers/ffmpeg_shim -I../../third_party/khronos -I../../gpu -Igen/shim_headers/opus_shim -I../../third_party/vulkan/include -Igen/third_party/dawn/src/include -I../../third_party/dawn/src/include -Igen/shim_headers/minizip_shim -Igen/shim_headers/flac_shim -Igen/shim_headers/jsoncpp_shim -I../../third_party/protobuf/src -Igen/protoc_out -I../../third_party/protobuf/src -I../../third_party/boringssl/src/include -I../../third_party/cacheinvalidation/overrides -I../../third_party/cacheinvalidation/src -Igen/third_party/metrics_proto -I../../third_party/leveldatabase -I../../third_party/leveldatabase/src -I../../third_party/leveldatabase/src/include -I../../third_party/ced/src -I../../third_party/icu/source/common -I../../third_party/icu/source/i18n -I../../third_party/webrtc_overrides -I../../third_party/webrtc -Igen/third_party/webrtc -I../../third_party/abseil-cpp -I../../third_party/skia -I../../third_party/vulkan/include -I../../third_party/skia/third_party/vulkanmemoryallocator -I../../third_party/vulkan/include -I../../third_party/crashpad/crashpad -I../../third_party/crashpad/crashpad/compat/non_mac -I../../third_party/crashpad/crashpad/compat/linux -I../../third_party/crashpad/crashpad/compat/non_win -I../../third_party/libwebm/source -I../../v8/include -Igen/v8/include -I../../third_party/perfetto/include -Igen/third_party/perfetto/build_config -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/components/policy/proto -I../../third_party/re2/src -I../../third_party/mesa_headers -Igen -Igen -Igen -Igen -I../../third_party/libaddressinput/src/cpp/include -Igen/components/sync/protocol -I../../third_party/flatbuffers/src/include -I../../third_party/perfetto -I../../third_party/perfetto/include -Igen/third_party/perfetto/build_config -I../../third_party/brotli/include -Igen/components/sync/protocol -I../../third_party/fontconfig/src -Igen -Igen -Igen -Igen -Igen -fno-strict-aliasing --param=ssp-buffer-size=4 -fstack-protector -funwind-tables -fPIC -pipe -pthread -Wno-builtin-macro-redefined -D__DATE__= -D__TIME__= -D__TIMESTAMP__= -Wall -Wno-unused-local-typedefs -Wno-deprecated-declarations -Wno-comments -Wno-packed-not-aligned -Wno-missing-field-initializers -Wno-unused-parameter -fno-omit-frame-pointer -fvisibility=hidden -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -I/usr/include/nss -I/usr/include/nspr4 -I/usr/include/dbus-1.0 -I/usr/lib64/dbus-1.0/include -std=gnu++14 -Wno-narrowing -Wno-class-memaccess -fno-exceptions -fno-rtti -fvisibility-inlines-hidden -O2 -pipe -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fstack-protector --param=ssp-buffer-size=4 -fasynchronous-unwind-tables -faligned-new -Wno-attributes -Wno-error=class-memaccess -Wno-error=unknown-pragmas -Wno-error=array-bounds -c ../../chrome/browser/ui/views/frame/opaque_browser_frame_view_linux.cc -o obj/chrome/browser/ui/ui/opaque_browser_frame_view_linux.o In file included from ../../chrome/browser/ui/views/frame/opaque_browser_frame_view_platform_specific.h:8, from ../../chrome/browser/ui/views/frame/opaque_browser_frame_view_linux.h:10, from ../../chrome/browser/ui/views/frame/opaque_browser_frame_view_linux.cc:5: /usr/include/c++/8.3.1/memory: In function 'void* std::align(std::size_t, std::size_t, void*&, std::size_t&)': /usr/include/c++/8.3.1/memory:119:17: internal compiler error: Segmentation fault if ((__size + __diff) > __space) ^~~~~~ Please submit a full bug report, with preprocessed source if appropriate. See <https://bugs.mageia.org/> for instructions.
I wonder if it's one of those random crashes that doesn't happen if you just try it again or if it's a real compiler bug.
CC: (none) => tmb
Updated packages are available for testing: MGA7 SRPM: chromium-browser-stable-79.0.3945.130-1.mga7.src.rpm RPMS: chromium-browser-79.0.3945.130-1.mga7.i586.rpm chromium-browser-stable-79.0.3945.130-1.mga7.i586.rpm chromium-browser-79.0.3945.130-1.mga7.x86_64.rpm chromium-browser-stable-79.0.3945.130-1.mga7.x86_64.rpm
Assignee: cjw => qa-bugsCC: (none) => cjw
X86_64 - Plasma - Physical Hardware - AMD, Nvidia 760 (Nvidia 390 driver) $ uname -a Linux localhost 5.4.17-desktop-1.mga7 #1 SMP Sat Feb 1 21:57:04 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux The following 3 packages are going to be installed: - chromium-browser-79.0.3945.130-1.mga7.x86_64 - chromium-browser-stable-79.0.3945.130-1.mga7.x86_64 - lib64jsoncpp19-1.8.4-2.mga7.x86_64 --- Ran Chromium for several hours without issue, typically abusive processes. Working as designed.
CC: (none) => brtians1
installed on laptop - xfce - a6 Seems to work fine. I see this when I run it from the command line. Does anyone think this is an issue? /usr/lib64/chromium-browser/chrome [5091:5091:0205/213143.364450:ERROR:sandbox_linux.cc(372)] InitializeSandbox() called with multiple threads in process gpu-process. [5106:1:0205/213143.732104:ERROR:child_process_sandbox_support_impl_linux.cc(79)] FontService unique font name matching request did not receive a response. [5106:1:0205/213143.732758:ERROR:child_process_sandbox_support_impl_linux.cc(79)] FontService unique font name matching request did not receive a response. seems to log a lot of this.
Noticed audio problems with VM, but seems to be unique to VM only at 32bits. 32bit on AMD x2 hardware, really old nvidia (running nouveau), mate Installed and tested. Working correctly with videos etc. Giving 32 and 64 okay.
Whiteboard: (none) => MGA7-32-OK MGA7-64-OK
Validating. Advisory in Comment 1.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
See also bug 26177. I think this update should go out as-is.
(In reply to Lewis Smith from comment #13) > See also bug 26177. I think this update should go out as-is. 26177 is Cauldron only, we dont push new glibc in stable releases
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0078.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED