openSUSE-SU-2023:0016-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2023:0016-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2023:0016-1
Related
Published
2023-01-13T12:05:07Z
Modified
2023-01-13T12:05:07Z
Summary
Security update for chromium
Details

This update for chromium fixes the following issues:

Update to version 109.0.5414.74 (boo#1207018):

  • CVE-2023-0128: Use after free in Overview Mode
  • CVE-2023-0129: Heap buffer overflow in Network Service
  • CVE-2023-0130: Inappropriate implementation in Fullscreen API
  • CVE-2023-0131: Inappropriate implementation in iframe Sandbox
  • CVE-2023-0132: Inappropriate implementation in Permission prompts
  • CVE-2023-0133: Inappropriate implementation in Permission prompts
  • CVE-2023-0134: Use after free in Cart
  • CVE-2023-0135: Use after free in Cart
  • CVE-2023-0136: Inappropriate implementation in Fullscreen API
  • CVE-2023-0137: Heap buffer overflow in Platform Apps
  • CVE-2023-0138: Heap buffer overflow in libphonenumber
  • CVE-2023-0139: Insufficient validation of untrusted input in Downloads
  • CVE-2023-0140: Inappropriate implementation in File System API
  • CVE-2023-0141: Insufficient policy enforcement in CORS
  • Various fixes from internal audits, fuzzing and other initiatives
References

Affected packages

SUSE:Package Hub 15 SP4 / chromium

Package

Name
chromium
Purl
purl:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
109.0.5414.74-bp154.2.58.1

Ecosystem specific 

{
    "binaries": [
        {
            "chromedriver": "109.0.5414.74-bp154.2.58.1",
            "chromium": "109.0.5414.74-bp154.2.58.1"
        }
    ]
}

openSUSE:Leap 15.4 / chromium

Package

Name
chromium
Purl
purl:rpm/suse/chromium&distro=openSUSE%20Leap%2015.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
109.0.5414.74-bp154.2.58.1

Ecosystem specific 

{
    "binaries": [
        {
            "chromedriver": "109.0.5414.74-bp154.2.58.1",
            "chromium": "109.0.5414.74-bp154.2.58.1"
        }
    ]
}