Overview

File _patchinfo of Package patchinfo.18364

<patchinfo incident="18364">
  <retracted/>
  <issue tracker="cve" id="2024-3838"/>
  <issue tracker="cve" id="2024-3839"/>
  <issue tracker="cve" id="2024-3844"/>
  <issue tracker="cve" id="2024-2887"/>
  <issue tracker="cve" id="2024-3837"/>
  <issue tracker="cve" id="2024-4558"/>
  <issue tracker="cve" id="2024-3834"/>
  <issue tracker="cve" id="2024-2627"/>
  <issue tracker="cve" id="2024-3516"/>
  <issue tracker="cve" id="2024-4059"/>
  <issue tracker="cve" id="2024-3515"/>
  <issue tracker="cve" id="2024-3156"/>
  <issue tracker="cve" id="2024-4559"/>
  <issue tracker="cve" id="2024-4060"/>
  <issue tracker="cve" id="2024-3845"/>
  <issue tracker="cve" id="2024-3840"/>
  <issue tracker="cve" id="2024-2626"/>
  <issue tracker="cve" id="2024-3159"/>
  <issue tracker="cve" id="2024-4331"/>
  <issue tracker="cve" id="2024-2883"/>
  <issue tracker="cve" id="2024-4368"/>
  <issue tracker="cve" id="2024-4671"/>
  <issue tracker="cve" id="2024-3157"/>
  <issue tracker="cve" id="2024-3846"/>
  <issue tracker="cve" id="2024-3833"/>
  <issue tracker="cve" id="2024-3841"/>
  <issue tracker="cve" id="2024-2628"/>
  <issue tracker="cve" id="2024-2885"/>
  <issue tracker="cve" id="2024-3832"/>
  <issue tracker="cve" id="2024-3843"/>
  <issue tracker="cve" id="2024-4058"/>
  <issue tracker="cve" id="2024-2625"/>
  <issue tracker="cve" id="2024-3847"/>
  <issue tracker="cve" id="2024-2886"/>
  <issue tracker="cve" id="2024-3158"/>
  <issue tracker="bnc" id="1221732">VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 123.0.6312.58</issue>
  <issue tracker="bnc" id="1224045">VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 124.0.6367.155</issue>
  <issue tracker="bnc" id="1223846">VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 124.0.6367.118</issue>
  <issue tracker="bnc" id="1223845">VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 124.0.6367.78</issue>
  <issue tracker="bnc" id="1222707">VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 123.0.6312.122</issue>
  <issue tracker="bnc" id="1222260">VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 123.0.6312.105</issue>
  <issue tracker="bnc" id="1222035">VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 123.0.6312.86</issue>
  <issue tracker="bnc" id="1222958">VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 124.0.6367.60</issue>
  <packager>AndreasStieger</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for chromium</summary>
  <description>RETRACTED: This update for chromium fixes the following issues:
NOTE: This update was retracted due to massive stability issues.

- Chromium 124.0.6367.201
  * CVE-2024-4671: Use after free in Visuals

- Chromium 124.0.6367.155 (boo#1224045)
  * CVE-2024-4558: Use after free in ANGLE
  * CVE-2024-4559: Heap buffer overflow in WebAudio

- Chromium 124.0.6367.118 (boo#1223846)
  * CVE-2024-4331: Use after free in Picture In Picture
  * CVE-2024-4368: Use after free in Dawn

- Chromium 124.0.6367.78 (boo#1223845)
  * CVE-2024-4058: Type Confusion in ANGLE
  * CVE-2024-4059: Out of bounds read in V8 API
  * CVE-2024-4060: Use after free in Dawn

- Chromium 124.0.6367.60 (boo#1222958)
  * CVE-2024-3832: Object corruption in V8.
  * CVE-2024-3833: Object corruption in WebAssembly.
  * CVE-2024-3834: Use after free in Downloads. Reported by ChaobinZhang
  * CVE-2024-3837: Use after free in QUIC.
  * CVE-2024-3838: Inappropriate implementation in Autofill.
  * CVE-2024-3839: Out of bounds read in Fonts.
  * CVE-2024-3840: Insufficient policy enforcement in Site Isolation.
  * CVE-2024-3841: Insufficient data validation in Browser Switcher.
  * CVE-2024-3843: Insufficient data validation in Downloads.
  * CVE-2024-3844: Inappropriate implementation in Extensions.
  * CVE-2024-3845: Inappropriate implementation in Network.
  * CVE-2024-3846: Inappropriate implementation in Prompts.
  * CVE-2024-3847: Insufficient policy enforcement in WebUI.

- Chromium 123.0.6312.122 (boo#1222707)
  * CVE-2024-3157: Out of bounds write in Compositing
  * CVE-2024-3516: Heap buffer overflow in ANGLE
  * CVE-2024-3515: Use after free in Dawn

- Chromium 123.0.6312.105 (boo#1222260)
  * CVE-2024-3156: Inappropriate implementation in V8
  * CVE-2024-3158: Use after free in Bookmarks
  * CVE-2024-3159: Out of bounds memory access in V8

- Chromium 123.0.6312.86 (boo#1222035)
  * CVE-2024-2883: Use after free in ANGLE
  * CVE-2024-2885: Use after free in Dawn
  * CVE-2024-2886: Use after free in WebCodecs
  * CVE-2024-2887: Type Confusion in WebAssembly

- Chromium 123.0.6312.58 (boo#1221732)
  * CVE-2024-2625: Object lifecycle issue in V8
  * CVE-2024-2626: Out of bounds read in Swiftshader
  * CVE-2024-2627: Use after free in Canvas
  * CVE-2024-2628: Inappropriate implementation in Downloads
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places