SUSE Package Hub - openSUSE-2023-216

Update Info

openSUSE-2023-216

Security update for chromium

Type: security

Severity: important

Issued: 2023-08-07

Description:

This update for chromium fixes the following issues:

Chromium 115.0.5790.170 (boo#1213920)

* CVE-2023-4068: Type Confusion in V8
* CVE-2023-4069: Type Confusion in V8
* CVE-2023-4070: Type Confusion in V8
* CVE-2023-4071: Heap buffer overflow in Visuals
* CVE-2023-4072: Out of bounds read and write in WebGL
* CVE-2023-4073: Out of bounds memory access in ANGLE
* CVE-2023-4074: Use after free in Blink Task Scheduling
* CVE-2023-4075: Use after free in Cast
* CVE-2023-4076: Use after free in WebRTC
* CVE-2023-4077: Insufficient data validation in Extensions
* CVE-2023-4078: Inappropriate implementation in Extensions

- Specify re2 build dependency in a way that makes Leap packages
  build in devel project and in Maintenance

References

CVE: CVE-2023-4078
CVE: CVE-2023-4077
CVE: CVE-2023-4076
CVE: CVE-2023-4075
CVE: CVE-2023-4074
CVE: CVE-2023-4073
CVE: CVE-2023-4072
CVE: CVE-2023-4071
CVE: CVE-2023-4070
CVE: CVE-2023-4069
CVE: CVE-2023-4068
Bugzilla: 1213920 VUL-0: chromium,ungoogled-chromium: chromium update to 115.0.5790.170

Packages

chromium-115.0.5790.170-bp155.2.16.1