openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Security update for chromium

This update for chromium fixes the following issues:

- Chromium 120.0.6099.216 (boo#1217839, boo#1218048, boo#1218302,
boo#1218533, boo#1218719)

* CVE-2024-0333: Insufficient data validation in Extensions
* CVE-2024-0222: Use after free in ANGLE
* CVE-2024-0223: Heap buffer overflow in ANGLE
* CVE-2024-0224: Use after free in WebAudio
* CVE-2024-0225: Use after free in WebGPU
* CVE-2023-7024: Heap buffer overflow in WebRTC
* CVE-2023-6702: Type Confusion in V8
* CVE-2023-6703: Use after free in Blink
* CVE-2023-6704: Use after free in libavif (boo#1218303)
* CVE-2023-6705: Use after free in WebRTC
* CVE-2023-6706: Use after free in FedCM
* CVE-2023-6707: Use after free in CSS
* CVE-2023-6508: Use after free in Media Stream
* CVE-2023-6509: Use after free in Side Panel Search
* CVE-2023-6510: Use after free in Media Capture
* CVE-2023-6511: Inappropriate implementation in Autofill
* CVE-2023-6512: Inappropriate implementation in Web Browser UI

Submitted by Andreas Stieger (AndreasStieger)

Fixed bugs

bnc#1218302

VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 120.0.6099.129

bnc#1218533

VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 120.0.6099.199

bnc#1217839

VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 120.0.6099.62

bnc#1218048

VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 120.0.6099.109

bnc#1218303

VUL-0: CVE-2023-6704: libavif,chromium,ungoogled-chromium,nodejs-electron: use after free in libavif

bnc#1218719

VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 120.0.6099.216

Places

Fixed bugs

Selected Binaries

Places