Описание
Security update for chromium
This update for chromium fixes the following issues:
Update to version 130.0.6723.91 (boo#1232566):
- CVE-2024-10487: Out of bounds write in Dawn
- CVE-2024-10488: Use after free in WebRTC
Список пакетов
SUSE Package Hub 15 SP6
chromedriver-130.0.6723.91-bp156.2.47.1
chromium-130.0.6723.91-bp156.2.47.1
openSUSE Leap 15.6
chromedriver-130.0.6723.91-bp156.2.47.1
chromium-130.0.6723.91-bp156.2.47.1
Ссылки
- E-Mail link for openSUSE-SU-2024:0347-1
- SUSE Security Ratings
- SUSE Bug 1232566
- SUSE CVE CVE-2024-10487 page
- SUSE CVE CVE-2024-10488 page
Описание
Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)
Затронутые продукты
SUSE Package Hub 15 SP6:chromedriver-130.0.6723.91-bp156.2.47.1
SUSE Package Hub 15 SP6:chromium-130.0.6723.91-bp156.2.47.1
openSUSE Leap 15.6:chromedriver-130.0.6723.91-bp156.2.47.1
openSUSE Leap 15.6:chromium-130.0.6723.91-bp156.2.47.1
Ссылки
- CVE-2024-10487
- SUSE Bug 1232566
Описание
Use after free in WebRTC in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
SUSE Package Hub 15 SP6:chromedriver-130.0.6723.91-bp156.2.47.1
SUSE Package Hub 15 SP6:chromium-130.0.6723.91-bp156.2.47.1
openSUSE Leap 15.6:chromedriver-130.0.6723.91-bp156.2.47.1
openSUSE Leap 15.6:chromium-130.0.6723.91-bp156.2.47.1
Ссылки
- CVE-2024-10488
- SUSE Bug 1232566