SUSE Package Hub - openSUSE-2024-136

Update Info

openSUSE-2024-136

Security update for chromium

Type: security

Severity: critical

Issued: 2024-05-22

Description:

This update for chromium fixes the following issues:

- Chromium 125.0.6422.60 (boo#1224341)
  * CVE-2024-4947: Type Confusion in V8
  * CVE-2024-4948: Use after free in Dawn
  * CVE-2024-4949: Use after free in V8
  * CVE-2024-4950: Inappropriate implementation in Downloads

- Chromium 125.0.6422.41
  * New upstream (early) stable release.

- Chromium 124.0.6367.207 (boo#1224294)
  * CVE-2024-4761: Out of bounds write in V8

- Chromium 124.0.6367.201 (boo#1224208)

References

CVE: CVE-2024-4950
CVE: CVE-2024-4949
CVE: CVE-2024-4948
CVE: CVE-2024-4947
CVE: CVE-2024-4761
Bugzilla: 1224341 VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 125.0.6422.60
Bugzilla: 1224294 VUL-0: CVE-2024-4761: chromium,ungoogled-chromium: out of bounds write in V8
Bugzilla: 1224208 VUL-0: CVE-2024-4671: chromium,ungoogled-chromium: use after free in Visuals

Packages

chromium-125.0.6422.60-bp155.2.82.1