Описание
Security update for opera
This update for opera fixes the following issues:
-
Update to 112.0.5197.53
- CHR-9814 Update Chromium on desktop-stable-126-5197 to 126.0.6478.226
- DNA-116974 Site settings popup size not expanding causing display issues
- DNA-117115 Tab islands are extending partially after Workspace change
- DNA-117708 H.264 SW decoding only possible if HW decoding is possible
- DNA-117792 Crash at content::RenderWidgetHostImpl:: ForwardMouseEventWithLatencyInfo(blink:: WebMouseEvent const&, ui::LatencyInfo const&)
-
The update to chromium >= 126.0.6478.182 fixes following issues: CVE-2024-6772, CVE-2024-6773, CVE-2024-6774, CVE-2024-6775, CVE-2024-6776, CVE-2024-6777, CVE-2024-6778, CVE-2024-6779
-
Update to 112.0.5197.30
- CHR-9416 Updating Chromium on desktop-stable-* branches
Список пакетов
openSUSE Leap 15.6 NonFree
Ссылки
- E-Mail link for openSUSE-SU-2024:0242-1
- SUSE Security Ratings
- SUSE CVE CVE-2024-6772 page
- SUSE CVE CVE-2024-6773 page
- SUSE CVE CVE-2024-6774 page
- SUSE CVE CVE-2024-6775 page
- SUSE CVE CVE-2024-6776 page
- SUSE CVE CVE-2024-6777 page
- SUSE CVE CVE-2024-6778 page
- SUSE CVE CVE-2024-6779 page
Описание
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-6772
- SUSE Bug 1227979
Описание
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-6773
- SUSE Bug 1227979
Описание
Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-6774
- SUSE Bug 1227979
Описание
Use after free in Media Stream in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-6775
- SUSE Bug 1227979
Описание
Use after free in Audio in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-6776
- SUSE Bug 1227979
Описание
Use after free in Navigation in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-6777
- SUSE Bug 1227979
Описание
Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-6778
- SUSE Bug 1227979
Описание
Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-6779
- SUSE Bug 1227979