[Bug 1222260] New: VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 123.0.6312.105
https://bugzilla.suse.com/show_bug.cgi?id=1222260 Bug ID: 1222260 Summary: VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 123.0.6312.105 Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.5 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: m.szczepaniak.000@gmail.com Reporter: abergmann@suse.com QA Contact: security-team@suse.de Target Milestone: --- Found By: --- Blocker: --- https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desk... Stable Channel Update for Desktop Tuesday, April 2, 2024 The Stable channel has been updated to 123.0.6312.105/.106/.107 for Windows and Mac and 123.0.6312.105 to Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. High CVE-2024-3156: Inappropriate implementation in V8 High CVE-2024-3158: Use after free in Bookmarks High CVE-2024-3159: Out of bounds memory access in V8 For detailed information, please look into the official Chrome release announcement. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1222260 Alexander Bergmann <abergmann@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|Normal |Major CC| |abergmann@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1222260 Robert Frohl <rfrohl@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- URL| |https://smash.suse.de/issue | |/400098/ CC| |rfrohl@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1222260 Maintenance Automation <maint-coord+maintenance-robot@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1222260 Roger Whittaker <roger.whittaker@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |roger.whittaker@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1222260 https://bugzilla.suse.com/show_bug.cgi?id=1222260#c4 --- Comment #4 from Marcus Meissner <meissner@suse.com> --- openSUSE-SU-2024:0123-1: An update that fixes 35 vulnerabilities is now available. Category: security (important) Bug References: 1221732,1222035,1222260,1222707,1222958,1223845,1223846,1224045 CVE References: CVE-2024-2625,CVE-2024-2626,CVE-2024-2627,CVE-2024-2628,CVE-2024-2883,CVE-2024-2885,CVE-2024-2886,CVE-2024-2887,CVE-2024-3156,CVE-2024-3157,CVE-2024-3158,CVE-2024-3159,CVE-2024-3515,CVE-2024-3516,CVE-2024-3832,CVE-2024-3833,CVE-2024-3834,CVE-2024-3837,CVE-2024-3838,CVE-2024-3839,CVE-2024-3840,CVE-2024-3841,CVE-2024-3843,CVE-2024-3844,CVE-2024-3845,CVE-2024-3846,CVE-2024-3847,CVE-2024-4058,CVE-2024-4059,CVE-2024-4060,CVE-2024-4331,CVE-2024-4368,CVE-2024-4558,CVE-2024-4559,CVE-2024-4671 JIRA References: Sources used: openSUSE Backports SLE-15-SP5 (src): chromium-124.0.6367.201-bp155.2.78.1 -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com