Upstream has released version on January 16: https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html It includes 3 security fixes (CVE-2024-051[7-9]). CVE-2024-0519 is a zero day.
Source RPM: (none) => chromium-browser-stable-120.0.6099.216-1.mga9.tainted.src.rpmWhiteboard: (none) => MGA9TOOCVE: (none) => CVE-2024-0517, CVE-2024-0518, CVE-2024-0519
Christian is the man for this package; assigning to you.
Assignee: bugsquad => chb0Status comment: (none) => fixed in 120.0.6099.224
ADVISORY NOTICE PROPOSAL ======================== New chromium-browser-stable 120.0.6099.224 security update Description The chromium-browser-stable package has been updated to the 120.0.6099.224 release. 4 vulnerabilities are fixed; some of them are listed below: High CVE-2024-0517: Out of bounds write in V8. Reported by Toan (suto) Pham of Qrious Secure on High CVE-2024-0518: Type Confusion in V8. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on High CVE-2024-0519: Out of bounds memory access in V8. Reported by Anonymous on 2024-01-11 Google is aware of reports that an exploit for CVE-2024-0519 exists in the wild. References https://bugs.mageia.org/show_bug.cgi?id=32725 https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html SRPMS 9/tainted chromium-browser-stable-120.0.6099.224-1.mga9.tainted.src.rpm PROVIDED PACKAGES ================= x86_64 chromium-browser-120.0.6099.224-1.mga9.tainted.x86_64.rpm chromium-browser-stable-120.0.6099.224-1.mga9.tainted.x86_64.rpm i586 chromium-browser-120.0.6099.224-1.mga9.tainted.i586.rpm chromium-browser-stable-120.0.6099.224-1.mga9.tainted.i586.rpm
Priority: Normal => High
Whiteboard: MGA9TOO => (none)Version: Cauldron => 9
Ready for QA!
CC: (none) => andrewsfarm, fri, guillaume.royer, j.alberto.vcAssignee: chb0 => qa-bugs
CC: (none) => chb0, marja11
MGA9-64 Plasma Wayland on HP Pavillion No installation issues. Starting first time shws tab for Mageia and tab for Chrome-whatever. Try to close the Mageia tab (press mouse wheel) makes chromium completely crash. At CLI: $ chromium-browser [22439:22439:0119/142101.411641:ERROR:policy_logger.cc(156)] :components/enterprise/browser/controller/chrome_browser_cloud_management_controller.cc(161) Cloud management controller initialization aborted as CBCM is not enabled. Please use the `--enable-chrome-browser-cloud-management` command line flag to enable it if you are not using the official Google Chrome build. [22485:22485:0119/142107.428500:ERROR:gl_surface_presentation_helper.cc(260)] GetVSyncParametersIfAvailable() failed for 1 times! [22485:22485:0119/142109.541031:ERROR:gl_surface_presentation_helper.cc(260)] GetVSyncParametersIfAvailable() failed for 2 times! [22485:22485:0119/142112.960009:ERROR:gl_surface_presentation_helper.cc(260)] GetVSyncParametersIfAvailable() failed for 3 times! [0119/142125.359852:ERROR:elf_dynamic_array_reader.h(64)] tag not found [0119/142125.360486:ERROR:elf_dynamic_array_reader.h(64)] tag not found [0119/142125.360718:ERROR:elf_dynamic_array_reader.h(64)] tag not found [0119/142125.362961:ERROR:elf_dynamic_array_reader.h(64)] tag not found [0119/142125.366510:ERROR:elf_dynamic_array_reader.h(64)] tag not found [0119/142125.376804:ERROR:elf_dynamic_array_reader.h(64)] tag not found [0119/142125.377049:ERROR:elf_dynamic_array_reader.h(64)] tag not found [0119/142125.380884:ERROR:elf_dynamic_array_reader.h(64)] tag not found [0119/142125.382219:ERROR:elf_dynamic_array_reader.h(64)] tag not found Segmentation fault (core dumped) Subsequent tries to start, crash straightaway. Deleting ~/.config/chromium allows o start again, but same operation, same crash
CC: (none) => herman.viaene
The two previous versions have the same problem
Tested in real Hardware Mageia 9 x86_64 lxqt: -youtube ok -clarovideo ok - facebook ok plasma wayland -youtube ok -clarovideo fail (look like this site or to widevine not likes wayland sesion) - facebook ok Can't reproduce the issue reported by Herman in comment#4
Advisory from comment 2 added to SVN. Please remove the "advisory" keyword if it needs to be changed. It also helps when obsolete advisories are tagged as "obsolete"
Keywords: (none) => advisory
Tested on Real Hardware Mageia 9 i586 lxqt youtube ok zoom.us test meeting in the browser works mageia sites ok
Whiteboard: (none) => MGA9-32-OK
MGA9-64 Plasma, i5-7500, nvidia-current graphics, wired Internet. Updated over the old version with no issues. About all I do with this regularly is access my bank, as the bank seems to trust this browser more than it does Firefox. I tried the banking site, logged on with no issues, checked my accounts. (Whew! No problems!) Logged off, and closed the browser. I did not see the issue from comment 3, but this was an update. Herman, was your test with a new install?
New install
(In reply to Herman Viaene from comment #10) > New install Hi. What is your GPU and have you tried to reboot and test again? Thanks
Fresh reboot: crash as soon as I click anywhere ib its window. Subsequent tries to open it fail completely. From MCC-Hardware: Vendor: Intel Corporation Description: Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Integrated Graphics Controller Media class: VGA compatible controller Module: Card:Intel 810 and later
(In reply to Herman Viaene from comment #12) > Fresh reboot: crash as soon as I click anywhere ib its window. Subsequent > tries to open it fail completely. > From MCC-Hardware: > Vendor: Intel Corporation > Description: Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Integrated > Graphics Controller > Media class: VGA compatible controller > Module: Card:Intel 810 and later I just saw you are on Wayland. If you start with Plasma X11, do you get the same behavior?
Fresh reboot, choosing Plasma(X11), same crash.
Created attachment 14272 [details] chrome-wrapper for test Hi Herman Could you please replace /usr/lib64/chromium-browser/chrome-wrapper by the attached file and test again? Of course, you keep calling it /usr/lib64/chromium-browser/chrome-wrapper
MGA9 GNOME Wayland 64 Updated Chromium with QA repo. Tested with Element web client MAtrix Ok, Netflix Ok Bank site Ok, Facebook Ok, I did not see the issue from comment 3 too.
(In reply to Herman Viaene from comment #14) > Fresh reboot, choosing Plasma(X11), same crash. Try creating a new user, so /home/$USER starts off with just the directories and files from /etc/skel/ Logout/in as the new user and then try it.
CC: (none) => davidwhodgins
MGA9-64 Lxqt in VirtualBox. Used qarepo to download the packages, then used MCC to install chromium-browser, which drew in chromium-browser-stable. I ran it from the command line, and got a window as Herman describes - two tabs, one of them Mageia, the other Google. Closing the Mageia tab (left click on the "x") did not crash the browser. Closing the browser revealed an even more extensive amount of text about errors than Herman posted (see the coming attachment) in the terminal. Running it again shows the text in the terminal, but just the Google tab. (Perhaps off-topic) When I update chromium on my main system, I never see two tabs. I suspect that may be because I have a theme installed containing a Google home page with hot air balloons in the background, but I've never had the inclination to investigate.
Created attachment 14273 [details] contents of the terminal window after running chromium
(In reply to Thomas Andrews from comment #19) > Created attachment 14273 [details] > contents of the terminal window after running chromium Hi. These errors have been here for a long time. If you try what I proposed on comment #15, does it improve?
I have a "chromium-wrapper" but no "chrome-wrapper." Trying it as "chromium-wrapper..."
Doesn't seem to make a significant difference. I still see the errors. I have no problem with the error messages, which are apparently largely cosmetic. I see them with other applications as well, and they don't seem to do any harm. I posted the ones I saw, where I didn't see the error that Herman saw, so that they could be compared. Maybe a difference would give a clue about why his is failing.
(In reply to Herman Viaene from comment #12) > Fresh reboot: crash as soon as I click anywhere ib its window. Subsequent > tries to open it fail completely. > From MCC-Hardware: > Vendor: Intel Corporation > Description: Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Integrated > Graphics Controller > Media class: VGA compatible controller > Module: Card:Intel 810 and later Try installing vaapi-driver-intel and lib64dri-drivers
I tried within a VM with Gnome Wayland and Plasma Wayland and I am not able to replicate the crash.
mga9 x86_64 OK for me. clean update. My normal tests in banking and tax office, video sites. There are unusually many errors in console output, but i am used to it increasing over time... works anyway. Using nvidia470, mesa from updates_testing and kernel from backports testing: $ uname -a Linux svarten.tribun 6.6.11-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Thu Jan 11 11:55:27 UTC 2024 x86_64 GNU/Linux ---- Some of the oputput for reference [74054:74078:0121/114256.871974:ERROR:x11_software_bitmap_presenter.cc(141)] XGetWindowAttributes failed for window 23068693 libpng warning: iCCP: known incorrect sRGB profile [74054:74078:0121/114411.994097:ERROR:x11_software_bitmap_presenter.cc(141)] XGetWindowAttributes failed for window 23068701 Warning: remove_all_non_valid_override_layers: Failed to get executable path and name Warning: loader_scanned_icd_add: Could not get 'vkCreateInstance' via 'vk_icdGetInstanceProcAddr' for ICD libGLX_nvidia.so.0 Warning: /usr/lib64/libvulkan_intel.so: cannot open shared object file: Permission denied Warning: loader_icd_scan: Failed loading library associated with ICD JSON /usr/lib64/libvulkan_intel.so. Ignoring this JSON Warning: loader_get_json: Failed to open JSON file intel_hasvk_icd.x86_64.json Warning: /usr/lib64/libvulkan_radeon.so: cannot open shared object file: Permission denied Warning: loader_icd_scan: Failed loading library associated with ICD JSON /usr/lib64/libvulkan_radeon.so. Ignoring this JSON Warning: loader_get_json: Failed to open JSON file lvp_icd.x86_64.json Error: Loader Message: setup_loader_term_phys_devs: Failed to detect any valid GPUs in the current config Warning: vkEnumeratePhysicalDevices at GatherPhysicalDevices (../../third_party/dawn/src/dawn/native/vulkan/VulkanInfo.cpp:144) at Initialize (../../third_party/dawn/src/dawn/native/vulkan/BackendVk.cpp:388) at Create (../../third_party/dawn/src/dawn/native/vulkan/BackendVk.cpp:301) at operator() (../../third_party/dawn/src/dawn/native/vulkan/BackendVk.cpp:556) libpng warning: iCCP: known incorrect sRGB profile + that line repeated about twenty times Warning: disabling flag --expose_wasm due to conflicting flags [74054:74078:0121/140747.842419:ERROR:x11_software_bitmap_presenter.cc(141)] XGetWindowAttributes failed for window 23068824 [74054:74054:0121/140750.358918:ERROR:shared_image_manager.cc(220)] SharedImageManager::ProduceSkia: Trying to Produce a Skia representation from a non-existent mailbox. [71993:71993:0121/140750.361880:ERROR:interface_endpoint_client.cc(702)] Message 1 rejected by interface blink.mojom.WidgetHost [74054:74054:0121/140750.368081:ERROR:shared_image_manager.cc(220)] SharedImageManager::ProduceSkia: Trying to Produce a Skia representation from a non-existent mailbox. [74054:74054:0121/140750.377337:ERROR:shared_image_manager.cc(220)] SharedImageManager::ProduceSkia: Trying to Produce a Skia representation from a non-existent mailbox. [74054:74078:0121/140829.685838:ERROR:x11_software_bitmap_presenter.cc(141)] XGetWindowAttributes failed for window 23068828
I forgot to say GPU is nvidia GTX750Ti, and mesa is non-tainted variant. I understand lot of error mesages are Chroiim trying different methods and of course some fail, like radeon for nvidia. But what does it mean by Error: Loader Message: setup_loader_term_phys_devs: Failed to detect any valid GPUs in the current config Not any valid GPU for what? Video accel seem to be working, by speed of applications, and vdpauinfo $ vdpauinfo display: :0 screen: 0 API version: 1 Information string: NVIDIA VDPAU Driver Shared Library 470.223.02 Sat Oct 7 15:31:08 UTC 2023
(In reply to Morgan Leijström from comment #26) > I forgot to say GPU is nvidia GTX750Ti, and mesa is non-tainted variant. > > I understand lot of error mesages are Chroiim trying different methods and > of course some fail, like radeon for nvidia. > > But what does it mean by > Error: Loader Message: setup_loader_term_phys_devs: Failed to detect any > valid GPUs in the current config > > Not any valid GPU for what? > > Video accel seem to be working, by speed of applications, and vdpauinfo > > $ vdpauinfo > display: :0 screen: 0 > API version: 1 > Information string: NVIDIA VDPAU Driver Shared Library 470.223.02 Sat Oct > 7 15:31:08 UTC 2023 Did you have other vaapi / vdpau packages from your QA work? I think you only neeed the nvdia related rpm -qa|grep vdpau rpm -qa|grep vaapi And maybe you need the tainted mesa packages for the tainted features of chromiun
Re Comment 27 rpm -qa|grep vdpau rpm -qa|grep vaapi lib64vdpau1-1.5-1.mga9 vaapi-driver-vdpau-0.7.4-11.1.mga9 lib64vdpau-driver-nouveau-23.3.3-1.mga9 vdpauinfo-1.5-1.mga9 vaapi-driver-intel-2.4.1-3.mga9 vaapi-driver-vdpau-0.7.4-11.1.mga9 I now upgraded to tainted: - lib64gbm1-23.3.3-1.mga9.tainted.x86_64 - lib64glapi0-23.3.3-1.mga9.tainted.x86_64 - lib64mesaegl1-23.3.3-1.mga9.tainted.x86_64 - lib64mesagl1-23.3.3-1.mga9.tainted.x86_64 - lib64mesaopencl1-23.3.3-1.mga9.tainted.x86_64 - lib64mesavulkan-drivers-23.3.3-1.mga9.tainted.x86_64 - lib64osmesa8-23.3.3-1.mga9.tainted.x86_64 - lib64vdpau-driver-nouveau-23.3.3-1.mga9.tainted.x86_64 - lib64xatracker2-23.3.3-1.mga9.tainted.x86_64 - mesa-23.3.3-1.mga9.tainted.x86_64 rebooted, surfed for a while. I stil see the X11 related messages but yet neither Warning: disabling flag --expose_wasm due to conflicting flags nor [74054:74054:0121/140750.358918:ERROR:shared_image_manager.cc(220)] SharedImageManager::ProduceSkia: Trying to Produce a Skia representation from a non-existent mailbox. Maybe i have just not hit that page that trigged that yet.
MGA9-64, Intel, Xfce Installed Chromium upgrade. Living with it for awhile. Working as expected.
CC: (none) => brtians1Whiteboard: MGA9-32-OK => MGA9-32-OK MGA9-64-OK
Reply to various suggestions above: replace /usr/lib64/chromium-browser/chrome-wrapper by the attached file : does not make eany difference @ Dave: did similar tests by deleting the ~/.config/chromium folder with or without rebooting: no change in behavior. vaapi-driver-intel and lib64dri-drivers are installed by default on this laptop and the mesa packages installed are all tainted.
(In reply to Herman Viaene from comment #5) > The two previous versions have the same problem That marks this as not being a new regression. I don't like sending out an update that has demonstrated a problem like this, however rare and hardware-specific it may be, but this IS a critical security update, and so far Herman is the only tester to have experienced a crash. If the developers can't replicate the issue, it will be extremely difficult for them to fix it, and while they try our users are missing out on the security patches. Reluctantly, I'm going to validate the update.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
(In reply to Herman Viaene from comment #30) > Reply to various suggestions above: > replace /usr/lib64/chromium-browser/chrome-wrapper by the attached file : > does not make eany difference > @ Dave: did similar tests by deleting the ~/.config/chromium folder with or > without rebooting: no change in behavior. > vaapi-driver-intel and lib64dri-drivers are installed by default on this > laptop and the mesa packages installed are all tainted. Please open a new bug and delete one more time ~/.config/chromium make sure you have gdb-minimal run gdb.minimal chromium-browser In the prompt of the application type run , and press enter, try to reproduce the crash, if you can, in the prompt of gdb type bt , and press enter, copy the output to a file and attach the file in the new bug
(In reply to katnatek from comment #32) > (In reply to Herman Viaene from comment #30) > > Reply to various suggestions above: > > replace /usr/lib64/chromium-browser/chrome-wrapper by the attached file : > > does not make eany difference > > @ Dave: did similar tests by deleting the ~/.config/chromium folder with or > > without rebooting: no change in behavior. > > vaapi-driver-intel and lib64dri-drivers are installed by default on this > > laptop and the mesa packages installed are all tainted. > > Please open a new bug and delete one more time ~/.config/chromium > > make sure you have gdb-minimal > > run gdb.minimal chromium-browser > > In the prompt of the application type run , and press enter, try to > reproduce the crash, if you can, in the prompt of gdb type bt , and press > enter, copy the output to a file and attach the file in the new bug Yes, please, open a new bug report and will try to solve it with the Chromium 121 update. Thanks
@Herman, do you remember what was the last version working on this laptop?
Last version, I'm even not sure it ever had chromium installed. I don't think so.
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0017.html
Status: NEW => RESOLVEDResolution: (none) => FIXED