32381 – Chromium 118.0.5993.70 update fixes vulnerabilities and bugs

Bug 32381 - Chromium 118.0.5993.70 update fixes vulnerabilities and bugs

Summary: Chromium 118.0.5993.70 update fixes vulnerabilities and bugs

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	9
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	QA Team
QA Contact:	Sec team

URL:
Whiteboard:	MGA9-64-OK
Keywords:	advisory, validated_update

Depends on:
Blocks:

Reported:	2023-10-12 23:01 CEST by christian barranco
Modified:	2023-10-19 18:14 CEST (History)
CC List:	5 users (show)

See Also:
Source RPM:	chromium-browser-stable-117.0.5938.132-1.mga9.tainted.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description christian barranco 2023-10-12 23:01:00 CEST

New upstream release:

https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html

Comment 1 christian barranco 2023-10-16 21:31:18 CEST

Ready for QA!

ADVISORY NOTICE PROPOSAL
========================

New chromium-browser-stable 118.0.5993.70 fixes bugs and vulnerabilities


Description
The chromium-browser-stable package has been updated to the 118.0.5993.70 release, fixing bugs and 20 vulnerabilities.

Critical CVE-2023-5218: Use after free in Site Isolation. Reported by @18 on 2023-09-27

Medium CVE-2023-5487: Inappropriate implementation in Fullscreen. Reported by Anonymous on 2020-03-17

Medium CVE-2023-5484: Inappropriate implementation in Navigation. Reported by Thomas Orlita on 2023-02-11

Medium CVE-2023-5475: Inappropriate implementation in DevTools. Reported by Axel Chong on 2023-08-30

Medium CVE-2023-5483: Inappropriate implementation in Intents. Reported by Axel Chong on 2023-03-17

Medium CVE-2023-5481: Inappropriate implementation in Downloads. Reported by Om Apip on 2023-06-28

Medium CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun on 2023-08-20

Medium CVE-2023-5474: Heap buffer overflow in PDF. Reported by [pwn2car] on 2023-09-15

Medium CVE-2023-5479: Inappropriate implementation in Extensions API. Reported by Axel Chong on 2023-08-09

Low CVE-2023-5485: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2022-12-02

Low CVE-2023-5478: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2023-08-12

Low CVE-2023-5477: Inappropriate implementation in Installer. Reported by Bahaa Naamneh of Crosspoint Labs on 2023-08-13

Low CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh on 2022-08-29

Low CVE-2023-5473: Use after free in Cast. Reported by DarkNavy on 2023-09-18




References
https://bugs.mageia.org/show_bug.cgi?id=32381
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html


SRPMS
9/tainted
chromium-browser-stable-118.0.5993.70-1.mga9.tainted.src.rpm


PROVIDED PACKAGES
=================
x86_64
chromium-browser-118.0.5993.70-1.mga9.tainted.x86_64.rpm
chromium-browser-stable-118.0.5993.70-1.mga9.tainted.x86_64.rpm

i586
chromium-browser-118.0.5993.70-1.mga9.tainted.i586.rpm
chromium-browser-stable-118.0.5993.70-1.mga9.tainted.i586.rpm

Assignee: chb0 => qa-bugs
CC: (none) => fri

Comment 2 Len Lawrence 2023-10-16 22:34:11 CEST

Mageia9, x86_64.
Working before update.
Working afterwards.  Site search -> APOD, Dust videos.  Video and audio work OK.
Used local file path as a URL and viewed a PDF journal without any glitches.  Selected and printed a single page.  Logged in to my bank and checked cash balances.  Logged in to my NAS drive on the LAN - Windows interface - browsed files.  Looks good here.

CC: (none) => tarazed25

Comment 3 Morgan Leijström 2023-10-17 01:23:28 CEST

OK here
mga9-64, Plasma
Nvidia470 on GTX750
kernel 6.4.16-desktop-3.mga9 on i7-870

Tabs from previous session preserved
Swedish localisation
Used three banking sites
Used four video sites
Printed to Boomaga

Comment 4 Marja Van Waes 2023-10-17 18:45:11 CEST

Advisory from comment 1 added to SVN. Please remove the "advisory" keyword if it needs to be changed. It also helps when obsolete advisories are tagged as "obsolete".

I removed "20" from "fixing bugs and 20 vulnerabilities" in the description, because there were only 14 CVEs in comment 1.

Keywords: (none) => advisory
CC: (none) => marja11

Comment 5 katnatek 2023-10-17 19:20:34 CEST

Why the 22x22 icon is a dark one instead the traditional blue?

Comment 6 christian barranco 2023-10-17 21:37:43 CEST

(In reply to Marja Van Waes from comment #4)
> Advisory from comment 1 added to SVN. Please remove the "advisory" keyword
> if it needs to be changed. It also helps when obsolete advisories are tagged
> as "obsolete".
> 
> I removed "20" from "fixing bugs and 20 vulnerabilities" in the description,
> because there were only 14 CVEs in comment 1.

Hi. Thanks. It is usual. Not all CVE are published. The number is then usually higher.
It looks like though I have deleted by mistake the following sentence some time ago, before the list of CVEs : "Some of the security fixes are:"

Comment 7 christian barranco 2023-10-17 21:58:45 CEST

(In reply to katnatek from comment #5)
> Why the 22x22 icon is a dark one instead the traditional blue?

Because for a reason I don't know, Chromium package does not include a 22x22 color icon. It does incluse a 22x22 monochrome.
If I remember well, it is Wally who has found this monochrome icon and I have kept it since then.

Arch does not ship any 22x22 icon. I just checked and Fedora neither. openSUSE uses only their own svg icon.

I can remove it from next update (in about 2 weeks, usually), if you find this confusing.

Comment 8 katnatek 2023-10-18 03:00:35 CEST

(In reply to christian barranco from comment #7)
> (In reply to katnatek from comment #5)
> > Why the 22x22 icon is a dark one instead the traditional blue?
> 
> Because for a reason I don't know, Chromium package does not include a 22x22
> color icon. It does incluse a 22x22 monochrome.
> If I remember well, it is Wally who has found this monochrome icon and I
> have kept it since then.
> 
> Arch does not ship any 22x22 icon. I just checked and Fedora neither.
> openSUSE uses only their own svg icon.
> 
> I can remove it from next update (in about 2 weeks, usually), if you find
> this confusing.

Yes please, it's invisible on dark themes, I almost open a bug report thinking that the icon is missing, until I search on icon folders

Comment 9 Guillaume Royer 2023-10-18 17:31:50 CEST

MGA 9 64 GNOME Core I5, 16Go RAM

Updated with QA Repo:

No issue at installation:

chromium-browser               118.0.5993.> 1.mga9.taint> x86_64  
chromium-browser-stable        118.0.5993.> 1.mga9.taint> x86_64

Bank site OK,
FaceBook OK
Element Matrix web client OK
Netflix OK

CC: (none) => guillaume.royer

Guillaume Royer 2023-10-18 17:32:06 CEST

Whiteboard: (none) => MGA9-64-OK

Comment 10 christian barranco 2023-10-18 19:46:11 CEST

(In reply to christian barranco from comment #6)
> (In reply to Marja Van Waes from comment #4)
> > Advisory from comment 1 added to SVN. Please remove the "advisory" keyword
> > if it needs to be changed. It also helps when obsolete advisories are tagged
> > as "obsolete".
> > 
> > I removed "20" from "fixing bugs and 20 vulnerabilities" in the description,
> > because there were only 14 CVEs in comment 1.
> 
> Hi. Thanks. It is usual. Not all CVE are published. The number is then
> usually higher.
> It looks like though I have deleted by mistake the following sentence some
> time ago, before the list of CVEs : "Some of the security fixes are:"

Complement from Chromium release notes:

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

Comment 11 Morgan Leijström 2023-10-18 19:53:18 CEST

@Marja see Comment 10 for advisory addition

Keywords: advisory => (none)

Comment 12 christian barranco 2023-10-18 22:04:49 CEST

Cauldron is finally up to date. You can validate this update.

Morgan Leijström 2023-10-18 22:11:26 CEST

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 13 Marja Van Waes 2023-10-19 12:30:11 CEST

(In reply to christian barranco from comment #6)
> (In reply to Marja Van Waes from comment #4)

> > 
> > I removed "20" from "fixing bugs and 20 vulnerabilities" in the description,
> > because there were only 14 CVEs in comment 1.
> 
> Hi. Thanks. It is usual. Not all CVE are published. The number is then
> usually higher.
> It looks like though I have deleted by mistake the following sentence some
> time ago, before the list of CVEs : "Some of the security fixes are:"

(In reply to Morgan Leijström from comment #11)
> @Marja see Comment 10 for advisory addition

Thanks Christian and Morgan. The advisory in SVN has been updated.

Keywords: (none) => advisory

Comment 14 Mageia Robot 2023-10-19 18:14:25 CEST

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0289.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

Note You need to log in before you can comment on or make changes to this bug.