Описание
Security update for chromium
This update for chromium fixes the following issues:
Chromium 119.0.6045.159 (boo#1217142)
- CVE-2023-5997: Use after free in Garbage Collection
- CVE-2023-6112: Use after free in Navigation
- Various fixes from internal audits, fuzzing and other initiatives
Список пакетов
SUSE Package Hub 15 SP4
chromedriver-119.0.6045.159-bp155.2.58.1
chromium-119.0.6045.159-bp155.2.58.1
SUSE Package Hub 15 SP5
chromedriver-119.0.6045.159-bp155.2.58.1
chromium-119.0.6045.159-bp155.2.58.1
openSUSE Leap 15.4
chromedriver-119.0.6045.159-bp155.2.58.1
chromium-119.0.6045.159-bp155.2.58.1
openSUSE Leap 15.5
chromedriver-119.0.6045.159-bp155.2.58.1
chromium-119.0.6045.159-bp155.2.58.1
Ссылки
- E-Mail link for openSUSE-SU-2023:0372-1
- SUSE Security Ratings
- SUSE Bug 1217142
- SUSE CVE CVE-2023-5997 page
- SUSE CVE CVE-2023-6112 page
Описание
Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-119.0.6045.159-bp155.2.58.1
SUSE Package Hub 15 SP4:chromium-119.0.6045.159-bp155.2.58.1
SUSE Package Hub 15 SP5:chromedriver-119.0.6045.159-bp155.2.58.1
SUSE Package Hub 15 SP5:chromium-119.0.6045.159-bp155.2.58.1
Ссылки
- CVE-2023-5997
- SUSE Bug 1217142
Описание
Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-119.0.6045.159-bp155.2.58.1
SUSE Package Hub 15 SP4:chromium-119.0.6045.159-bp155.2.58.1
SUSE Package Hub 15 SP5:chromedriver-119.0.6045.159-bp155.2.58.1
SUSE Package Hub 15 SP5:chromium-119.0.6045.159-bp155.2.58.1
Ссылки
- CVE-2023-6112
- SUSE Bug 1217142