openSUSE Security Update: Security update for chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0373-1 Rating: important References: #1233311 Cross-References: CVE-2024-11110 CVE-2024-11111 CVE-2024-11112 CVE-2024-11113 CVE-2024-11114 CVE-2024-11115 CVE-2024-11116 CVE-2024-11117 Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update for chromium fixes the following issues: Chromium 131.0.6778.69 (stable released 2024-11-12) (boo#1233311) * CVE-2024-11110: Inappropriate implementation in Blink. * CVE-2024-11111: Inappropriate implementation in Autofill. * CVE-2024-11112: Use after free in Media. * CVE-2024-11113: Use after free in Accessibility. * CVE-2024-11114: Inappropriate implementation in Views. * CVE-2024-11115: Insufficient policy enforcement in Navigation. * CVE-2024-11116: Inappropriate implementation in Paint. * CVE-2024-11117: Inappropriate implementation in FileSystem. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-373=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 x86_64): chromedriver-131.0.6778.69-bp155.2.141.1 chromium-131.0.6778.69-bp155.2.141.1 References: https://www.suse.com/security/cve/CVE-2024-11110.html https://www.suse.com/security/cve/CVE-2024-11111.html https://www.suse.com/security/cve/CVE-2024-11112.html https://www.suse.com/security/cve/CVE-2024-11113.html https://www.suse.com/security/cve/CVE-2024-11114.html https://www.suse.com/security/cve/CVE-2024-11115.html https://www.suse.com/security/cve/CVE-2024-11116.html https://www.suse.com/security/cve/CVE-2024-11117.html https://bugzilla.suse.com/1233311