MGASA-2022-0241

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2022-0241.html

Import Source

https://advisories.mageia.org/MGASA-2022-0241.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2022-0241

Related

Published

2022-06-24T20:50:43Z

Modified

2022-06-24T20:00:19Z

Summary

Updated chromium-browser-stable packages fix security vulnerability

Details

The chromium-browser-stable package has been updated to the 103.0.5060.53 branch, fixing many bugs and 14 CVE. Some of them are listed below:

Use after free in Base. (CVE-2022-2156) Use after free in Interest groups. (CVE-2022-2157) Type Confusion in V8. (CVE-2022-2158) Insufficient policy enforcement in DevTools. (CVE-2022-2160) Use after free in WebApp Provider. (CVE-2022-2161) Insufficient policy enforcement in File System API. (CVE-2022-2162) Use after free in Cast UI and Toolbar. (CVE-2022-2163) Inappropriate implementation in Extensions API. (CVE-2022-2164) Insufficient data validation in URL formatting. (CVE-2022-2165)

Various fixes from internal audits, fuzzing and other initiatives

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:8 / chromium-browser-stable

Package

Name: chromium-browser-stable
Purl: pkg:rpm/mageia/chromium-browser-stable?distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

103.0.5060.53-1.mga8

Ecosystem specific

{
    "section": "core"
}