openSUSE-SU-2024:0258-2
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2024:0258-2.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2024:0258-2
- Related
- Published
- 2024-08-23T09:15:52Z
- Modified
- 2024-08-23T09:15:52Z
- Summary
- Security update for chromium
- Details
-
This update for chromium fixes the following issues:
- Chromium 128.0.6613.84 (boo#1229591)
- CVE-2024-7964: Use after free in Passwords
- CVE-2024-7965: Inappropriate implementation in V8
- CVE-2024-7966: Out of bounds memory access in Skia
- CVE-2024-7967: Heap buffer overflow in Fonts
- CVE-2024-7968: Use after free in Autofill
- CVE-2024-7969: Type Confusion in V8
- CVE-2024-7971: Type confusion in V8
- CVE-2024-7972: Inappropriate implementation in V8
- CVE-2024-7973: Heap buffer overflow in PDFium
- CVE-2024-7974: Insufficient data validation in V8 API
- CVE-2024-7975: Inappropriate implementation in Permissions
- CVE-2024-7976: Inappropriate implementation in FedCM
- CVE-2024-7977: Insufficient data validation in Installer
- CVE-2024-7978: Insufficient policy enforcement in Data Transfer
- CVE-2024-7979: Insufficient data validation in Installer
- CVE-2024-7980: Insufficient data validation in Installer
- CVE-2024-7981: Inappropriate implementation in Views
- CVE-2024-8033: Inappropriate implementation in WebApp Installs
- CVE-2024-8034: Inappropriate implementation in Custom Tabs
- CVE-2024-8035: Inappropriate implementation in Extensions
- Various fixes from internal audits, fuzzing and other initiatives
- Chromium 128.0.6613.84 (boo#1229591)
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/G5G3DFUIZH3E3T5UIPSI3LSGCI5KE3NF/
- https://bugzilla.suse.com/1229426
- https://bugzilla.suse.com/1229591
- https://www.suse.com/security/cve/CVE-2024-7964
- https://www.suse.com/security/cve/CVE-2024-7965
- https://www.suse.com/security/cve/CVE-2024-7966
- https://www.suse.com/security/cve/CVE-2024-7967
- https://www.suse.com/security/cve/CVE-2024-7968
- https://www.suse.com/security/cve/CVE-2024-7969
- https://www.suse.com/security/cve/CVE-2024-7971
- https://www.suse.com/security/cve/CVE-2024-7972
- https://www.suse.com/security/cve/CVE-2024-7973
- https://www.suse.com/security/cve/CVE-2024-7974
- https://www.suse.com/security/cve/CVE-2024-7975
- https://www.suse.com/security/cve/CVE-2024-7976
- https://www.suse.com/security/cve/CVE-2024-7977
- https://www.suse.com/security/cve/CVE-2024-7978
- https://www.suse.com/security/cve/CVE-2024-7979
- https://www.suse.com/security/cve/CVE-2024-7980
- https://www.suse.com/security/cve/CVE-2024-7981
- https://www.suse.com/security/cve/CVE-2024-8033
- https://www.suse.com/security/cve/CVE-2024-8034
- https://www.suse.com/security/cve/CVE-2024-8035
Affected packages
SUSE:Package Hub 15 SP5 / chromium
Package
- Name
- chromium
- Purl
- pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP5
SUSE:Package Hub 15 SP6 / chromium
Package
- Name
- chromium
- Purl
- pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP6
openSUSE:Leap 15.5 / chromium
Package
- Name
- chromium
- Purl
- pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.5