Ubuntu
chromium-browser package

Chromium Zero Day

Bug #1966572 reported by B[]
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Please see: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html

Apparently this also affects the Chromium package and is being actively exploited in the wild:

> [$TBD][1309225] High CVE-2022-1096: Type Confusion in V8. Reported by anonymous on 2022-03-23

Please update from Version 97.0.4692.20 (last updated 2021-11-26) to latest.

Tags: cve security v8

CVE References

Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

This is published now:

https://ubuntu.com/security/notices/USN-5350-1

Changed in chromium-browser (Ubuntu):
status: New → Fix Released
information type: Private Security → Public Security
Revision history for this message
B[] (b-array) wrote :

@mdeslaur I see that the fix appears to be specifically for Ubuntu 18.04 LTS. The Chromium Browser package [1] appears to also support 20.04 LTS. Should this be marked as 'Fix Released' before all affected versions have a release?

[1] https://launchpad.net/ubuntu/+source/chromium-browser

Revision history for this message
Seth Arnold (seth-arnold) wrote :

The 20.04 LTS chromium-browser deb package exists only to install the chromium snap and deliver a few files to the filesystem outside the snap packaging system:

$ apt-file show chromium-browser
chromium-browser: /usr/bin/chromium-browser
chromium-browser: /usr/share/applications/chromium-browser.desktop
chromium-browser: /usr/share/apport/package-hooks/chromium-browser.py
chromium-browser: /usr/share/doc/chromium-browser/changelog.Debian.gz
chromium-browser: /usr/share/doc/chromium-browser/copyright
chromium-browser: /usr/share/icons/hicolor/128x128/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/22x22/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/24x24/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/256x256/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/48x48/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/64x64/apps/chromium-browser.png
chromium-browser: /usr/share/lintian/overrides/chromium-browser
chromium-browser: /usr/share/pixmaps/chromium-browser.png
$

The deb package doesn't need to be updated for snapd to automatically install a chromium update when one is made available.

Check snap info chromium on your system to see if you've received the update yet.

Thanks

Revision history for this message
B[] (b-array) wrote :

@seth-arnold I'm not sure snap does think it has the package?

```
$ apt-file show chromium-browser
chromium-browser: /usr/bin/chromium-browser
chromium-browser: /usr/share/applications/chromium-browser.desktop
chromium-browser: /usr/share/apport/package-hooks/chromium-browser.py
chromium-browser: /usr/share/doc/chromium-browser/changelog.Debian.gz
chromium-browser: /usr/share/doc/chromium-browser/copyright
chromium-browser: /usr/share/icons/hicolor/128x128/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/22x22/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/24x24/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/256x256/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/48x48/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/64x64/apps/chromium-browser.png
chromium-browser: /usr/share/lintian/overrides/chromium-browser
chromium-browser: /usr/share/pixmaps/chromium-browser.png
```

```
$ sudo snap refresh
All snaps up to date.
```

```
$ sudo snap list
Name Version Rev Tracking Publisher Notes
bare 1.0 5 latest/stable canonical✓ base
core18 20220309 2344 latest/stable canonical✓ base
gnome-3-34-1804 0+git.3556cb3 77 latest/stable/… canonical✓ -
gtk-common-themes 0.1-59-g7bca6ae 1519 latest/stable/… canonical✓ -
snapd 2.54.4 15177 latest/stable canonical✓ snapd
```

As far as I can tell, snap doesn't think it has control over Chromium. Unless apt somehow hides its control over Chromium (which would seem weird).

Running `sudo apt-get update && sudo apt-get upgrade` I also get no offer to upgrade Chromium.

I should also mention that I specifically run this version: https://launchpad.net/%7Esaiarcot895/+archive/ubuntu/chromium-beta

Revision history for this message
B[] (b-array) wrote :

I re-read the front page and apparently the PPA is managed on GitHub, I've opened a ticket [1] over there and pointed it back to this one.

[1] https://github.com/saiarcot895/chromium-ubuntu-build/issues/123

Revision history for this message
Seth Arnold (seth-arnold) wrote :

B[], aha, you've received no Chromium updates since November 2021 because the author of that PPA hasn't provided any.

apt-file will report what files are in the Ubuntu package whether or not you have it installed. It's very handy to see what files are in an Ubuntu package without installing it.

dpkg -l will report what files are in the package that you've got installed. It's the better tool if you have installed third-party packages.

Thanks

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.