Update Info

openSUSE-2024-20

Security update for chromium

Type: security
Severity: important
Issued: 2024-01-16
Description:
This update for chromium fixes the following issues:

- Chromium 120.0.6099.216 (boo#1217839, boo#1218048, boo#1218302,
  boo#1218533, boo#1218719)

  * CVE-2024-0333: Insufficient data validation in Extensions
  * CVE-2024-0222: Use after free in ANGLE
  * CVE-2024-0223: Heap buffer overflow in ANGLE
  * CVE-2024-0224: Use after free in WebAudio
  * CVE-2024-0225: Use after free in WebGPU
  * CVE-2023-7024: Heap buffer overflow in WebRTC
  * CVE-2023-6702: Type Confusion in V8
  * CVE-2023-6703: Use after free in Blink
  * CVE-2023-6704: Use after free in libavif (boo#1218303)
  * CVE-2023-6705: Use after free in WebRTC
  * CVE-2023-6706: Use after free in FedCM
  * CVE-2023-6707: Use after free in CSS
  * CVE-2023-6508: Use after free in Media Stream
  * CVE-2023-6509: Use after free in Side Panel Search
  * CVE-2023-6510: Use after free in Media Capture
  * CVE-2023-6511: Inappropriate implementation in Autofill
  * CVE-2023-6512: Inappropriate implementation in Web Browser UI

References

Packages

  • chromium-120.0.6099.216-bp155.2.64.1