Update Info

openSUSE-2024-258

Security update for chromium

Type: security
Severity: important
Issued: 2024-08-23
Description:
This update for chromium fixes the following issues:

- Chromium 128.0.6613.84 (boo#1229591)
  * CVE-2024-7964: Use after free in Passwords
  * CVE-2024-7965: Inappropriate implementation in V8
  * CVE-2024-7966: Out of bounds memory access in Skia
  * CVE-2024-7967: Heap buffer overflow in Fonts
  * CVE-2024-7968: Use after free in Autofill
  * CVE-2024-7969: Type Confusion in V8
  * CVE-2024-7971: Type confusion in V8
  * CVE-2024-7972: Inappropriate implementation in V8
  * CVE-2024-7973: Heap buffer overflow in PDFium
  * CVE-2024-7974: Insufficient data validation in V8 API
  * CVE-2024-7975: Inappropriate implementation in Permissions
  * CVE-2024-7976: Inappropriate implementation in FedCM
  * CVE-2024-7977: Insufficient data validation in Installer
  * CVE-2024-7978: Insufficient policy enforcement in Data Transfer
  * CVE-2024-7979: Insufficient data validation in Installer
  * CVE-2024-7980: Insufficient data validation in Installer
  * CVE-2024-7981: Inappropriate implementation in Views
  * CVE-2024-8033: Inappropriate implementation in WebApp Installs
  * CVE-2024-8034: Inappropriate implementation in Custom Tabs
  * CVE-2024-8035: Inappropriate implementation in Extensions
  * Various fixes from internal audits, fuzzing and other initiatives

References

Packages

  • chromium-128.0.6613.84-bp156.2.17.1