Forum: >>> Magnum BBS <<<

[gentoo-announce] [ GLSA 202402-05 ] Microsoft Edge: Multiple Vulnerabi

From [email protected]@21:1/5 to All on Sat Feb 3 09:10:02 2024

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202402-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Microsoft Edge: Multiple Vulnerabilities
Date: February 03, 2024
Bugs: #907817, #908518, #918586, #919495
ID: 202402-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been discovered in Microsoft Edge, the
worst of which could lead to remote code execution.

Background
==========

Microsoft Edge is a browser that combines a minimal design with
sophisticated technology to make the web faster, safer, and easier.

Affected packages
=================

Package Vulnerable Unaffected ------------------------- --------------- ---------------- www-client/microsoft-edge < 120.0.2210.61 >= 120.0.2210.61

Description
===========

Multiple vulnerabilities have been discovered in Microsoft Edge. Please
review the CVE identifiers referenced below for details.

Impact
======

Please review the referenced CVE identifiers for details.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Microsoft Edge users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/microsoft-edge-120.0.2210.61"

References
==========

[ 1 ] CVE-2023-29345
https://nvd.nist.gov/vuln/detail/CVE-2023-29345
[ 2 ] CVE-2023-33143
https://nvd.nist.gov/vuln/detail/CVE-2023-33143
[ 3 ] CVE-2023-33145
https://nvd.nist.gov/vuln/detail/CVE-2023-33145
[ 4 ] CVE-2023-35618
https://nvd.nist.gov/vuln/detail/CVE-2023-35618
[ 5 ] CVE-2023-36022
https://nvd.nist.gov/vuln/detail/CVE-2023-36022
[ 6 ] CVE-2023-36029
https://nvd.nist.gov/vuln/detail/CVE-2023-36029
[ 7 ] CVE-2023-36034
https://nvd.nist.gov/vuln/detail/CVE-2023-36034
[ 8 ] CVE-2023-36409
https://nvd.nist.gov/vuln/detail/CVE-2023-36409
[ 9 ] CVE-2023-36559
https://nvd.nist.gov/vuln/detail/CVE-2023-36559
[ 10 ] CVE-2023-36562
https://nvd.nist.gov/vuln/detail/CVE-2023-36562
[ 11 ] CVE-2023-36727
https://nvd.nist.gov/vuln/detail/CVE-2023-36727
[ 12 ] CVE-2023-36735
https://nvd.nist.gov/vuln/detail/CVE-2023-36735
[ 13 ] CVE-2023-36741
https://nvd.nist.gov/vuln/detail/CVE-2023-36741
[ 14 ] CVE-2023-36787
https://nvd.nist.gov/vuln/detail/CVE-2023-36787
[ 15 ] CVE-2023-36880
https://nvd.nist.gov/vuln/detail/CVE-2023-36880
[ 16 ] CVE-2023-38174
https://nvd.nist.gov/vuln/detail/CVE-2023-38174

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/202402-05

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to [email protected] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEpqTA6ABLMxh/aChGFMQkOaVy+9kFAmW98u8ACgkQFMQkOaVy +9nL6RAA06hQDdp8D4uftAAxb3bpFLx2tK559EM/awwNU8XtfG6CtlEv3yL2Sz1f RlgW0skBNVovGKAp4ple+CXcos4uuQ+OU58SspTjftOQFG9YzQsFY73EIjG/JhxT iv30Eyn6FmTJOHmIiCVtMuvw0JmpNVY4MjLwBNtEIbZ+6eHpYqbAIhkPWT6ZaTda CGc+PWAZqMhLIceqEg1AY8GKUNCYaQMRlkrBuXmpUtr7O2eV5LONWAwOP7LF27bP W5pbkDM+8oVutdIs1UXY2/W+L2OS98qLN2ODVxRz+YTyZ+cw7G3Jkj7wbqBdJk5R mrCfze4DgxOLued/FdrWzsxChJ0RF1GjfPnxZuKfwM89Xp52F2EPrO4jORcXxiZz ynOPh+m3NsQ7I6RQa6SxS+WFU7hKHFAMeK75iZCIkgxMxCDthAGnctftF1l/b0/g kwXoUGKmI4VaZbQO7n5GRr6gyk88xlHbFlHbPzrXRTdPWabjjECIHMSzW39zB+bh ispqXDzpCFKiQqUcec6C2+OT1ZwDJTs0nSkom8whAcw8w4gTjnT2j+qoY/mciTas pJNckbkpiA89aLdmqKmV1oKQhyfoafcJuitP65Hdbjx+3XahiRsGOtHA32GIIKWF LZjbzvFTS/kNMSpfB2hro3bh7iaLJGKssj6fY7qL84DaQpctVFo=
=YtLF
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Who's Online
Recent Visitors
- Krenn
  Tue Jun 9 11:18:15 2026
  from Sydney, Nsw via Telnet
- Bob Worm
  Tue Jun 9 10:31:07 2026
  from Wales, Uk via Telnet
- Centurion
  Mon Jun 8 23:30:43 2026
  from Berea, Ohio via Telnet
- Centurion
  Mon Jun 8 21:33:11 2026
  from Berea, Ohio via Telnet
- Bob Worm
  Mon Jun 8 20:15:00 2026
  from Wales, Uk via Telnet
- Bob Worm
  Mon Jun 8 16:33:22 2026
  from Wales, Uk via Telnet
- Bob Worm
  Mon Jun 8 14:11:46 2026
  from Wales, Uk via Telnet
- Krenn
  Mon Jun 8 11:22:02 2026
  from Sydney, Nsw via Telnet

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	715
Nodes:	16 (3 / 13)
Uptime:	43:25:42
Calls:	12,111
Calls today:	2
Files:	15,008
Messages:	6,518,440

[gentoo-announce] [ GLSA 202402-05 ] Microsoft Edge: Multiple Vulnerabi

Who's Online

Recent Visitors

System Info