https://bugzilla.suse.com/show_bug.cgi?id=1201216 Bug ID: 1201216 Summary: VUL-0: chromium: multiple security issues fixed in 103.0.5060.114 Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.4 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: gmbr3@opensuse.org Reporter: gabriele.sonnu@suse.com QA Contact: security-team@suse.de CC: Andreas.Stieger@gmx.de Found By: --- Blocker: --- This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$TBD][1341043] High CVE-2022-2294: Heap buffer overflow in WebRTC. Reported by Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01 [$7500][1336869] High CVE-2022-2295: Type Confusion in V8. Reported by avaue and Buff3tts at S.S.L. on 2022-06-16 [$3000][1327087] High CVE-2022-2296: Use after free in Chrome OS Shell. Reported by Khalil Zhani on 2022-05-19 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. Google is aware that an exploit for CVE-2022-2294 exists in the wild. As usual, our ongoing internal security work was responsible for a wide range of fixes: [1338205] Various fixes from internal audits, fuzzing and other initiatives -- You are receiving this mail because: You are on the CC list for the bug.