Описание
Security update for chromium
This update for chromium fixes the following issues:
Chromium 129.0.6668.70 (stable released 2024-09-24) (boo#1230964)
- CVE-2024-9120: Use after free in Dawn
- CVE-2024-9121: Inappropriate implementation in V8
- CVE-2024-9122: Type Confusion in V8
- CVE-2024-9123: Integer overflow in Skia
- bump BR for nodejs to minimal 20.0
Список пакетов
SUSE Package Hub 15 SP6
openSUSE Leap 15.6
Ссылки
- E-Mail link for openSUSE-SU-2024:0314-1
- SUSE Security Ratings
- SUSE Bug 1230964
- SUSE CVE CVE-2024-9120 page
- SUSE CVE CVE-2024-9121 page
- SUSE CVE CVE-2024-9122 page
- SUSE CVE CVE-2024-9123 page
Описание
Use after free in Dawn in Google Chrome on Windows prior to 129.0.6668.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-9120
- SUSE Bug 1230964
Описание
Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-9121
- SUSE Bug 1230964
Описание
Type Confusion in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-9122
- SUSE Bug 1230964
Описание
Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-9123
- SUSE Bug 1230964