Описание
Security update for chromium, gn, rust-bindgen
This update for chromium, gn, rust-bindgen fixes the following issues:
-
Chromium 127.0.6533.119 (boo#1228941)
- CVE-2024-7532: Out of bounds memory access in ANGLE
- CVE-2024-7533: Use after free in Sharing
- CVE-2024-7550: Type Confusion in V8
- CVE-2024-7534: Heap buffer overflow in Layout
- CVE-2024-7535: Inappropriate implementation in V8
- CVE-2024-7536: Use after free in WebAudio
-
Chromium 127.0.6533.88 (boo#1228628, boo#1228940, boo#1228942)
- CVE-2024-6988: Use after free in Downloads
- CVE-2024-6989: Use after free in Loader
- CVE-2024-6991: Use after free in Dawn
- CVE-2024-6992: Out of bounds memory access in ANGLE
- CVE-2024-6993: Inappropriate implementation in Canvas
- CVE-2024-6994: Heap buffer overflow in Layout
- CVE-2024-6995: Inappropriate implementation in Fullscreen
- CVE-2024-6996: Race in Frames
- CVE-2024-6997: Use after free in Tabs
- CVE-2024-6998: Use after free in User Education
- CVE-2024-6999: Inappropriate implementation in FedCM
- CVE-2024-7000: Use after free in CSS. Reported by Anonymous
- CVE-2024-7001: Inappropriate implementation in HTML
- CVE-2024-7003: Inappropriate implementation in FedCM
- CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing
- CVE-2024-7005: Insufficient validation of untrusted input in Safe Browsing
- CVE-2024-6990: Uninitialized Use in Dawn
- CVE-2024-7255: Out of bounds read in WebTransport
- CVE-2024-7256: Insufficient data validation in Dawn
gh:
- Update to version 0.20240730:
- Rust: link_output, depend_output and runtime_outputs for dylibs
- Add missing reference section to function_toolchain.cc
- Do not cleanup args.gn imports located in the output directory.
- Fix expectations in NinjaRustBinaryTargetWriterTest.SwiftModule
- Do not add native dependencies to the library search path
- Support linking frameworks and swiftmodules in Rust targets
- [desc] Silence print() statements when outputing json
- infra: Move CI/try builds to Ubuntu-22.04
- [MinGW] Fix mingw building issues
- [gn] Fix 'link' in the //examples/simple_build/build/toolchain/BUILD.gn
- [template] Fix 'rule alink_thin' in the //build/build_linux.ninja.template
- Allow multiple --ide switches
- [src] Add '#include ' in the //src/base/files/file_enumerator_win.cc
- Get updates to infra/recipes.py from upstream
- Revert 'Teach gn to handle systems with > 64 processors'
- [apple] Rename the code-signing properties of create_bundle
- Fix a typo in 'gn help refs' output
- Revert '[bundle] Use 'phony' builtin tool for create_bundle targets'
- [bundle] Use 'phony' builtin tool for create_bundle targets
- [ios] Simplify handling of assets catalog
- [swift] List all outputs as deps of 'source_set' stamp file
- [swift] Update
gn check ...to consider the generated header - [swift] Set
restat = 1to swift build rules - Fix build with gcc12
- [label_matches] Add new functions label_matches(), filter_labels_include() and filter_labels_exclude()
- [swift] Remove problematic use of 'stamp' tool
- Implement new --ninja-outputs-file option.
- Add NinjaOutputsWriter class
- Move InvokePython() function to its own source file.
- zos: build with -DZOSLIB_OVERRIDE_CLIB to override creat
- Enable C++ runtime assertions in debug mode.
- Fix regression in MakeRelativePath()
- fix: Fix Windows MakeRelativePath.
- Add long path support for windows
- Ensure read_file() files are considered by 'gn analyze'
- apply 2to3 to for some Python scripts
- Add rustflags to desc and help output
- strings: support case insensitive check only in StartsWith/EndsWith
- add .git-blame-ignore-revs
- use std::{string,string_view}::{starts_with,ends_with}
- apply clang-format to all C++ sources
- add forward declaration in rust_values.h
- Add
root_patternslist to build configuration. - Use c++20 in GN build
- update windows sdk to 2024-01-11
- update windows sdk
- Add linux-riscv64.
- Update OWNERS list.
- remove unused function
- Ignore build warning -Werror=redundant-move
- Fix --as=buildfile
gn desc depsoutput. - Update recipe engine to 9dea1246.
- treewide: Fix spelling mistakes
Added rust-bindgen:
- Version 0.69.1
Список пакетов
SUSE Package Hub 15 SP5
SUSE Package Hub 15 SP6
openSUSE Leap 15.5
openSUSE Leap 15.6
Ссылки
- E-Mail link for openSUSE-SU-2024:0254-2
- SUSE Security Ratings
- SUSE Bug 1228628
- SUSE Bug 1228940
- SUSE Bug 1228941
- SUSE Bug 1228942
- SUSE CVE CVE-2024-6988 page
- SUSE CVE CVE-2024-6989 page
- SUSE CVE CVE-2024-6990 page
- SUSE CVE CVE-2024-6991 page
- SUSE CVE CVE-2024-6992 page
- SUSE CVE CVE-2024-6993 page
- SUSE CVE CVE-2024-6994 page
- SUSE CVE CVE-2024-6995 page
- SUSE CVE CVE-2024-6996 page
- SUSE CVE CVE-2024-6997 page
- SUSE CVE CVE-2024-6998 page
- SUSE CVE CVE-2024-6999 page
- SUSE CVE CVE-2024-7000 page
- SUSE CVE CVE-2024-7001 page
Описание
Use after free in Downloads in Google Chrome on iOS prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-6988
- SUSE Bug 1228940
Описание
Use after free in Loader in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-6989
- SUSE Bug 1228940
Описание
Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)
Затронутые продукты
Ссылки
- CVE-2024-6990
- SUSE Bug 1228628
Описание
Use after free in Dawn in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-6991
- SUSE Bug 1228940
Описание
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Затронутые продукты
Ссылки
- CVE-2024-6992
Описание
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Затронутые продукты
Ссылки
- CVE-2024-6993
Описание
Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2024-6994
- SUSE Bug 1228940
Описание
Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2024-6995
- SUSE Bug 1228940
Описание
Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2024-6996
- SUSE Bug 1228940
Описание
Use after free in Tabs in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2024-6997
- SUSE Bug 1228940
Описание
Use after free in User Education in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2024-6998
- SUSE Bug 1228940
Описание
Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2024-6999
- SUSE Bug 1228940
Описание
Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2024-7000
- SUSE Bug 1228940
Описание
Inappropriate implementation in HTML in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2024-7001
- SUSE Bug 1228940
Описание
Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Затронутые продукты
Ссылки
- CVE-2024-7003
- SUSE Bug 1228940
Описание
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. (Chromium security severity: Low)
Затронутые продукты
Ссылки
- CVE-2024-7004
- SUSE Bug 1228940
Описание
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. (Chromium security severity: Low)
Затронутые продукты
Ссылки
- CVE-2024-7005
- SUSE Bug 1228940
Описание
Out of bounds read in WebTransport in Google Chrome prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-7255
- SUSE Bug 1228628
Описание
Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-7256
- SUSE Bug 1228628
Описание
Out of bounds memory access in ANGLE in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Затронутые продукты
Ссылки
- CVE-2024-7532
- SUSE Bug 1228941
Описание
Use after free in Sharing in Google Chrome on iOS prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-7533
- SUSE Bug 1228941
Описание
Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-7534
- SUSE Bug 1228941
Описание
Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-7535
- SUSE Bug 1228941
Описание
Use after free in WebAudio in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-7536
- SUSE Bug 1228941
Описание
Type Confusion in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-7550
- SUSE Bug 1228941