SUSE Package Hub - openSUSE-2023-368

Update Info

openSUSE-2023-368

Security update for chromium

Type: security

Severity: important

Issued: 2023-11-14

Description:

This update for chromium fixes the following issues:

Chromium 119.0.6045.123 (boo#1216978)

* CVE-2023-5996: Use after free in WebAudio

Chromium 119.0.6045.105 (boo#1216783)

* CVE-2023-5480: Inappropriate implementation in Payments
* CVE-2023-5482: Insufficient data validation in USB
* CVE-2023-5849: Integer overflow in USB
* CVE-2023-5850: Incorrect security UI in Downloads
* CVE-2023-5851: Inappropriate implementation in Downloads
* CVE-2023-5852: Use after free in Printing
* CVE-2023-5853: Incorrect security UI in Downloads
* CVE-2023-5854: Use after free in Profiles
* CVE-2023-5855: Use after free in Reading Mode
* CVE-2023-5856: Use after free in Side Panel
* CVE-2023-5857: Inappropriate implementation in Downloads
* CVE-2023-5858: Inappropriate implementation in WebApp Provider
* CVE-2023-5859: Incorrect security UI in Picture In Picture


gn was updated to version 0.20231023:

* many updates to support Chromium 119 build

References

CVE: CVE-2023-5996
CVE: CVE-2023-5859
CVE: CVE-2023-5858
CVE: CVE-2023-5857
CVE: CVE-2023-5856
CVE: CVE-2023-5855
CVE: CVE-2023-5854
CVE: CVE-2023-5853
CVE: CVE-2023-5852
CVE: CVE-2023-5851
CVE: CVE-2023-5850
CVE: CVE-2023-5849
CVE: CVE-2023-5482
CVE: CVE-2023-5480
Bugzilla: 1216978 https://bugzilla.opensuse.org/show_bug.cgi?id=1216978
Bugzilla: 1216783 https://bugzilla.opensuse.org/show_bug.cgi?id=1216783

Packages

chromium-119.0.6045.123-bp155.2.55.1

gn-0.20231023-bp155.5.3.1