SUSE Package Hub - openSUSE-2023-124

Update Info

openSUSE-2023-124

Security update for chromium

Type: security

Severity: important

Issued: 2023-06-09

Description:

This update for chromium fixes the following issues:

- Chromium 114.0.5735.106 (boo#1212044):

  * CVE-2023-3079: Type Confusion in V8

- Chromium 114.0.5735.90 (boo#1211843):

  * CSS text-wrap: balance is available
  * Cookies partitioned by top level site (CHIPS)
  * New Popover API

- Security fixes:

  * CVE-2023-2929: Out of bounds write in Swiftshader
  * CVE-2023-2930: Use after free in Extensions
  * CVE-2023-2931: Use after free in PDF
  * CVE-2023-2932: Use after free in PDF
  * CVE-2023-2933: Use after free in PDF
  * CVE-2023-2934: Out of bounds memory access in Mojo
  * CVE-2023-2935: Type Confusion in V8
  * CVE-2023-2936: Type Confusion in V8
  * CVE-2023-2937: Inappropriate implementation in Picture In Picture
  * CVE-2023-2938: Inappropriate implementation in Picture In Picture
  * CVE-2023-2939: Insufficient data validation in Installer
  * CVE-2023-2940: Inappropriate implementation in Downloads
  * CVE-2023-2941: Inappropriate implementation in Extensions API

References

CVE: CVE-2023-3079
CVE: CVE-2023-2941
CVE: CVE-2023-2940
CVE: CVE-2023-2939
CVE: CVE-2023-2938
CVE: CVE-2023-2937
CVE: CVE-2023-2936
CVE: CVE-2023-2935
CVE: CVE-2023-2934
CVE: CVE-2023-2933
CVE: CVE-2023-2932
CVE: CVE-2023-2931
CVE: CVE-2023-2930
CVE: CVE-2023-2929
Bugzilla: 1212044 VUL-0: chromium: security issue fixed in 114.0.5735.106
Bugzilla: 1211843 VUL-0: chromium: multiple security issues fixed in 114.0.5735.90

Packages

chromium-114.0.5735.106-bp154.2.90.1