Update Google Chrome Immediately to Patch a High Severity Vulnerability

Message
Author
User avatar
KBD
Posts: 959
Joined: Sun Jul 03, 2011 7:52 pm

Re: Update Google Chrome Immediately to Patch a High Severity Vulnerability

#11 Post by KBD »

rich wrote: Thu Jun 07, 2018 12:22 pm I can't find anything online about this security issue in relation to Chromium.
Good. Maybe it doesn't affect Chromium. I know Debian is pretty good at getting security updates through quickly.

User avatar
namida12
Posts: 437
Joined: Sun Apr 01, 2007 4:54 pm

Re: Update Google Chrome Immediately to Patch a High Severity Vulnerability

#12 Post by namida12 »

Google Chrome Upgraded...

Code: Select all

Commit Log for Thu Jun  7 16:37:56 2018


Upgraded the following packages:
google-chrome-stable (66.0.3359.181-1) to 67.0.3396.79-1

User avatar
rokytnji.1
Global Moderator
Posts: 706
Joined: Sun Apr 13, 2014 9:06 pm

Re: Update Google Chrome Immediately to Patch a High Severity Vulnerability

#13 Post by rokytnji.1 »

Chromebook is done also

Code: Select all

harry@biker:~
$ apt-cache policy google-chrome-stable
google-chrome-stable:
  Installed: 67.0.3396.79-1
  Candidate: 67.0.3396.79-1
  Version table:
 *** 67.0.3396.79-1 500
        500 http://dl.google.com/linux/chrome/deb stable/main amd64 Packages
        100 /var/lib/dpkg/status
harry@biker:~

User avatar
Stevo
Developer
Posts: 12776
Joined: Fri Dec 15, 2006 8:07 pm

Re: Update Google Chrome Immediately to Patch a High Severity Vulnerability

#14 Post by Stevo »

I get the feeling that it does affect Chromium, since it's in code that is shared with Chrome.

User avatar
KBD
Posts: 959
Joined: Sun Jul 03, 2011 7:52 pm

Re: Update Google Chrome Immediately to Patch a High Severity Vulnerability

#15 Post by KBD »

Stevo wrote: Thu Jun 07, 2018 10:21 pm I get the feeling that it does affect Chromium, since it's in code that is shared with Chrome.
I would have thought so too unless it is tied to Google's own tracking software which would be missing in Chromium. Maybe Google Analytics Javascript? I don't think they have said exactly what is compromised yet.

User avatar
Stevo
Developer
Posts: 12776
Joined: Fri Dec 15, 2006 8:07 pm

Re: Update Google Chrome Immediately to Patch a High Severity Vulnerability

#16 Post by Stevo »

KBD wrote: Fri Jun 08, 2018 11:20 am
Stevo wrote: Thu Jun 07, 2018 10:21 pm I get the feeling that it does affect Chromium, since it's in code that is shared with Chrome.
I would have thought so too unless it is tied to Google's own tracking software which would be missing in Chromium. Maybe Google Analytics Javascript? I don't think they have said exactly what is compromised yet.
They aren't saying exactly what it is yet, which IMO is evidence that Chromium and derivatives are indeed still vulnerable.

User avatar
KBD
Posts: 959
Joined: Sun Jul 03, 2011 7:52 pm

Re: Update Google Chrome Immediately to Patch a High Severity Vulnerability

#17 Post by KBD »

Stevo wrote: Fri Jun 08, 2018 1:28 pm They aren't saying exactly what it is yet, which IMO is evidence that Chromium and derivatives are indeed still vulnerable.
Hopefully we will get more detailed info soon.

User avatar
Stevo
Developer
Posts: 12776
Joined: Fri Dec 15, 2006 8:07 pm

Re: Update Google Chrome Immediately to Patch a High Severity Vulnerability

#18 Post by Stevo »

There is a newer Chromium out now than even Sid or Ubuntu have packaged yet...I can get it by using the get-orig-source command in the debian/rules file, but don't know if it can be packaged on Stretch, though there are some hints in the rules file that they are trying to make that as easy as possible.

https://repology.org/metapackage/chromium/versions

User avatar
KBD
Posts: 959
Joined: Sun Jul 03, 2011 7:52 pm

Re: Update Google Chrome Immediately to Patch a High Severity Vulnerability

#19 Post by KBD »

Stevo wrote: Fri Jun 08, 2018 1:54 pm There is a newer Chromium out now than even Sid or Ubuntu have packaged yet...I can get it by using the get-orig-source command in the debian/rules file, but don't know if it can be packaged on Stretch, though there are some hints in the rules file that they are trying to make that as easy as possible.

https://repology.org/metapackage/chromium/versions
Will keep an eye on that. Looks like Arch has 67 and 68 is in the dev channel.

Post Reply

Return to “General”