openSUSE-SU-2023:0124-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2023:0124-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2023:0124-1
Related
Published
2023-06-09T11:42:19Z
Modified
2023-06-09T11:42:19Z
Summary
Security update for chromium
Details

This update for chromium fixes the following issues:

  • Chromium 114.0.5735.106 (boo#1212044):

    • CVE-2023-3079: Type Confusion in V8
  • Chromium 114.0.5735.90 (boo#1211843):

    • CSS text-wrap: balance is available
    • Cookies partitioned by top level site (CHIPS)
    • New Popover API
  • Security fixes:

    • CVE-2023-2929: Out of bounds write in Swiftshader
    • CVE-2023-2930: Use after free in Extensions
    • CVE-2023-2931: Use after free in PDF
    • CVE-2023-2932: Use after free in PDF
    • CVE-2023-2933: Use after free in PDF
    • CVE-2023-2934: Out of bounds memory access in Mojo
    • CVE-2023-2935: Type Confusion in V8
    • CVE-2023-2936: Type Confusion in V8
    • CVE-2023-2937: Inappropriate implementation in Picture In Picture
    • CVE-2023-2938: Inappropriate implementation in Picture In Picture
    • CVE-2023-2939: Insufficient data validation in Installer
    • CVE-2023-2940: Inappropriate implementation in Downloads
    • CVE-2023-2941: Inappropriate implementation in Extensions API
References

Affected packages

SUSE:Package Hub 15 SP4 / chromium

Package

Name
chromium
Purl
pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
114.0.5735.106-bp154.2.90.1

Ecosystem specific

{
    "binaries": [
        {
            "chromedriver": "114.0.5735.106-bp154.2.90.1",
            "chromium": "114.0.5735.106-bp154.2.90.1"
        }
    ]
}

openSUSE:Leap 15.4 / chromium

Package

Name
chromium
Purl
pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
114.0.5735.106-bp154.2.90.1

Ecosystem specific

{
    "binaries": [
        {
            "chromedriver": "114.0.5735.106-bp154.2.90.1",
            "chromium": "114.0.5735.106-bp154.2.90.1"
        }
    ]
}