openSUSE-SU-2023:0387-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2023:0387-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2023:0387-1
- Related
- Published
- 2023-11-30T12:48:01Z
- Modified
- 2023-11-30T12:48:01Z
- Summary
- Security update for chromium
- Details
-
This update for Chromium fixes the following issue:
Chromium 119.0.6045.199 (boo#1217616)
- CVE-2023-6348: Type Confusion in Spellcheck
- CVE-2023-6347: Use after free in Mojo
- CVE-2023-6346: Use after free in WebAudio
- CVE-2023-6350: Out of bounds memory access in libavif (boo#1217614)
- CVE-2023-6351: Use after free in libavif (boo#1217615)
- CVE-2023-6345: Integer overflow in Skia
- Various fixes from internal audits, fuzzing and other initiatives.
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UNQU7JCLG7KXCWPX566ZOCJ7WKAX3OEI/
- https://bugzilla.suse.com/1217614
- https://bugzilla.suse.com/1217615
- https://bugzilla.suse.com/1217616
- https://www.suse.com/security/cve/CVE-2023-6345
- https://www.suse.com/security/cve/CVE-2023-6346
- https://www.suse.com/security/cve/CVE-2023-6347
- https://www.suse.com/security/cve/CVE-2023-6348
- https://www.suse.com/security/cve/CVE-2023-6350
- https://www.suse.com/security/cve/CVE-2023-6351
Affected packages
SUSE:Package Hub 15 SP4 / chromium
Package
- Name
- chromium
- Purl
- pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP4
SUSE:Package Hub 15 SP5 / chromium
Package
- Name
- chromium
- Purl
- pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP5
openSUSE:Leap 15.4 / chromium
Package
- Name
- chromium
- Purl
- pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.4