openSUSE-SU-2024:0341-1

Опубликовано: 28 окт. 2024

Источник: suse-cvrf

Описание

Security update for chromium

This update for chromium fixes the following issues:

Chromium 130.0.6723.69 (boo#1232060)

CVE-2024-10229: Inappropriate implementation in Extensions
CVE-2024-10230: Type Confusion in V8
CVE-2024-10231: Type Confusion in V8

Список пакетов

SUSE Package Hub 15 SP5

chromedriver-130.0.6723.69-bp156.2.44.1

chromium-130.0.6723.69-bp156.2.44.1

SUSE Package Hub 15 SP6

chromedriver-130.0.6723.69-bp156.2.44.1

chromium-130.0.6723.69-bp156.2.44.1

openSUSE Leap 15.5

chromedriver-130.0.6723.69-bp156.2.44.1

chromium-130.0.6723.69-bp156.2.44.1

openSUSE Leap 15.6

chromedriver-130.0.6723.69-bp156.2.44.1

chromium-130.0.6723.69-bp156.2.44.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PEJPFZ7F3SICZGHQRWBWYOGKITIYN67/
E-Mail link for openSUSE-SU-2024:0341-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1232060
SUSE Bug 1232060
https://www.suse.com/security/cve/CVE-2024-10229/
SUSE CVE CVE-2024-10229 page
https://www.suse.com/security/cve/CVE-2024-10230/
SUSE CVE CVE-2024-10230 page
https://www.suse.com/security/cve/CVE-2024-10231/
SUSE CVE CVE-2024-10231 page

Описание

Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High)

Затронутые продукты

SUSE Package Hub 15 SP5:chromedriver-130.0.6723.69-bp156.2.44.1

SUSE Package Hub 15 SP5:chromium-130.0.6723.69-bp156.2.44.1

SUSE Package Hub 15 SP6:chromedriver-130.0.6723.69-bp156.2.44.1

SUSE Package Hub 15 SP6:chromium-130.0.6723.69-bp156.2.44.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-10229.html
CVE-2024-10229
https://bugzilla.suse.com/1232060
SUSE Bug 1232060

Описание

Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты

SUSE Package Hub 15 SP5:chromedriver-130.0.6723.69-bp156.2.44.1

SUSE Package Hub 15 SP5:chromium-130.0.6723.69-bp156.2.44.1

SUSE Package Hub 15 SP6:chromedriver-130.0.6723.69-bp156.2.44.1

SUSE Package Hub 15 SP6:chromium-130.0.6723.69-bp156.2.44.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-10230.html
CVE-2024-10230
https://bugzilla.suse.com/1232060
SUSE Bug 1232060

Описание

Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты

SUSE Package Hub 15 SP5:chromedriver-130.0.6723.69-bp156.2.44.1

SUSE Package Hub 15 SP5:chromium-130.0.6723.69-bp156.2.44.1

SUSE Package Hub 15 SP6:chromedriver-130.0.6723.69-bp156.2.44.1

SUSE Package Hub 15 SP6:chromium-130.0.6723.69-bp156.2.44.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-10231.html
CVE-2024-10231
https://bugzilla.suse.com/1232060
SUSE Bug 1232060

openSUSE-SU-2024:0341-1

Описание

Список пакетов

SUSE Package Hub 15 SP5

SUSE Package Hub 15 SP6

openSUSE Leap 15.5

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2024-10229

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2024-10230

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2024-10231

Описание

Затронутые продукты

Ссылки