SUSE Package Hub - openSUSE-2023-117

Update Info

openSUSE-2023-117

Security update for chromium

Type: security

Severity: important

Issued: 2023-05-31

Description:

This update for chromium fixes the following issues:

- build with llvm15 on Leap

- Chromium 113.0.5672.126 (boo#1211442):
  * CVE-2023-2721: Use after free in Navigation
  * CVE-2023-2722: Use after free in Autofill UI
  * CVE-2023-2723: Use after free in DevTools
  * CVE-2023-2724: Type Confusion in V8
  * CVE-2023-2725: Use after free in Guest View
  * CVE-2023-2726: Inappropriate implementation in WebApp Installs
  * Various fixes from internal audits, fuzzing and other initiatives

- Chromium 113.0.5672.92 (boo#1211211)
- Multiple security fixes (boo#1211036):
  * CVE-2023-2459: Inappropriate implementation in Prompts
  * CVE-2023-2460: Insufficient validation of untrusted input in Extensions
  * CVE-2023-2461: Use after free in OS Inputs
  * CVE-2023-2462: Inappropriate implementation in Prompts
  * CVE-2023-2463: Inappropriate implementation in Full Screen Mode
  * CVE-2023-2464: Inappropriate implementation in PictureInPicture
  * CVE-2023-2465: Inappropriate implementation in CORS
  * CVE-2023-2466: Inappropriate implementation in Prompts
  * CVE-2023-2467: Inappropriate implementation in Prompts
  * CVE-2023-2468: Inappropriate implementation in PictureInPicture

References

CVE: CVE-2023-2726
CVE: CVE-2023-2725
CVE: CVE-2023-2724
CVE: CVE-2023-2723
CVE: CVE-2023-2722
CVE: CVE-2023-2721
CVE: CVE-2023-2468
CVE: CVE-2023-2467
CVE: CVE-2023-2466
CVE: CVE-2023-2465
CVE: CVE-2023-2464
CVE: CVE-2023-2463
CVE: CVE-2023-2462
CVE: CVE-2023-2461
CVE: CVE-2023-2460
CVE: CVE-2023-2459
Bugzilla: 1211442 VUL-0: chromium: multiple security issues fixed in 113.0.5672.126
Bugzilla: 1211211 VUL-0: chromium: Update to 113.0.5672.92
Bugzilla: 1211036 VUL-0: chromium: multiple security issues fixed in 113.0.5672.63

Packages

chromium-113.0.5672.126-bp154.2.87.1