File _patchinfo of Package patchinfo.18040

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.18040

<patchinfo incident="18040">
  <issue tracker="bnc" id="1214003">Chromium crashed on page loading since last update (signal 11 SEGV_MAPERR  __strlen_avx2)</issue>
  <issue tracker="bnc" id="1214301">VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 116.0.5845.96</issue>
  <issue tracker="cve" id="2023-4363"/>
  <issue tracker="cve" id="2023-4360"/>
  <issue tracker="cve" id="2023-4364"/>
  <issue tracker="cve" id="2023-4358"/>
  <issue tracker="cve" id="2023-4367"/>
  <issue tracker="cve" id="2023-4357"/>
  <issue tracker="cve" id="2023-4349"/>
  <issue tracker="cve" id="2023-2312"/>
  <issue tracker="cve" id="2023-4355"/>
  <issue tracker="cve" id="2023-4368"/>
  <issue tracker="cve" id="2023-4350"/>
  <issue tracker="cve" id="2023-4359"/>
  <issue tracker="cve" id="2023-4362"/>
  <issue tracker="cve" id="2023-4354"/>
  <issue tracker="cve" id="2023-4365"/>
  <issue tracker="cve" id="2023-4366"/>
  <issue tracker="cve" id="2023-4351"/>
  <issue tracker="cve" id="2023-4352"/>
  <issue tracker="cve" id="2023-4353"/>
  <issue tracker="cve" id="2023-4356"/>
  <issue tracker="cve" id="2023-4361"/>
  <packager>AndreasStieger</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for chromium</summary>
  <description>This update for chromium fixes the following issues:

Chromium 116.0.5845.96

* New CSS features: Motion Path, and "display" and
  "content-visibility" animations
* Web APIs: AbortSignal.any(), BYOB support for Fetch, Back/
  forward cache NotRestoredReason API, Document Picture-in-
  Picture, Expanded Wildcards in Permissions Policy Origins,
  FedCM bundle: Login Hint API, User Info API, and RP Context API,
  Non-composed Mouse and Pointer enter/leave events, 
  Remove document.open sandbox inheritance, 
  Report Critical-CH caused restart in NavigationTiming

This update fixes a number of security issues (boo#1214301):

* CVE-2023-2312: Use after free in Offline
  * CVE-2023-4349: Use after free in Device Trust Connectors
  * CVE-2023-4350: Inappropriate implementation in Fullscreen
  * CVE-2023-4351: Use after free in Network
  * CVE-2023-4352: Type Confusion in V8
  * CVE-2023-4353: Heap buffer overflow in ANGLE
  * CVE-2023-4354: Heap buffer overflow in Skia
  * CVE-2023-4355: Out of bounds memory access in V8
  * CVE-2023-4356: Use after free in Audio
  * CVE-2023-4357: Insufficient validation of untrusted input in XML
  * CVE-2023-4358: Use after free in DNS
  * CVE-2023-4359: Inappropriate implementation in App Launcher
  * CVE-2023-4360: Inappropriate implementation in Color
  * CVE-2023-4361: Inappropriate implementation in Autofill
  * CVE-2023-4362: Heap buffer overflow in Mojom IDL
  * CVE-2023-4363: Inappropriate implementation in WebShare
  * CVE-2023-4364: Inappropriate implementation in Permission Prompts
  * CVE-2023-4365: Inappropriate implementation in Fullscreen
  * CVE-2023-4366: Use after free in Extensions
  * CVE-2023-4367: Insufficient policy enforcement in Extensions API
  * CVE-2023-4368: Insufficient policy enforcement in Extensions API

- Fix crash with extensions (boo#1214003)

</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.18040

Places