SUSE Package Hub - openSUSE-2024-84

Update Info

openSUSE-2024-84

Security update for chromium

Type: security

Severity: important

Issued: 2024-03-18

Description:

This update for chromium fixes the following issue:

Chromium 122.0.6261.128 (boo#1221335)

*  CVE-2024-2400: Use after free in Performance Manager


Chromium 122.0.6261.111 (boo#1220131,boo#1220604,boo#1221105)

  * New upstream security release.
  * CVE-2024-2173: Out of bounds memory access in V8.
  * CVE-2024-2174: Inappropriate implementation in V8.
  * CVE-2024-2176: Use after free in FedCM.

Chromium 122.0.6261.94

  * CVE-2024-1669: Out of bounds memory access in Blink.
  * CVE-2024-1670: Use after free in Mojo.
  * CVE-2024-1671: Inappropriate implementation in Site Isolation.
  * CVE-2024-1672: Inappropriate implementation in Content Security Policy.
  * CVE-2024-1673: Use after free in Accessibility.
  * CVE-2024-1674: Inappropriate implementation in Navigation.
  * CVE-2024-1675: Insufficient policy enforcement in Download.
  * CVE-2024-1676: Inappropriate implementation in Navigation.
  * Type Confusion in V8

References

CVE: CVE-2024-2400
CVE: CVE-2024-2176
CVE: CVE-2024-2174
CVE: CVE-2024-2173
CVE: CVE-2024-1676
CVE: CVE-2024-1675
CVE: CVE-2024-1674
CVE: CVE-2024-1673
CVE: CVE-2024-1672
CVE: CVE-2024-1671
CVE: CVE-2024-1670
CVE: CVE-2024-1669
Bugzilla: 1221335 https://bugzilla.opensuse.org/show_bug.cgi?id=1221335
Bugzilla: 1221105 https://bugzilla.opensuse.org/show_bug.cgi?id=1221105
Bugzilla: 1220604 https://bugzilla.opensuse.org/show_bug.cgi?id=1220604
Bugzilla: 1220131 https://bugzilla.opensuse.org/show_bug.cgi?id=1220131

Packages

chromium-122.0.6261.128-bp155.2.75.1

llvm17-17.0.6-bp155.2.2