Overview

File _patchinfo of Package patchinfo.17507

<patchinfo incident="17507">
  <issue tracker="bnc" id="1199893">VUL-0: chromium: multiple security issues fixed in 102.0.5005.61</issue>
  <issue tracker="bnc" id="1200423">VUL-0: chromium: multiple security issues fixed in 102.0.5005.115</issue>
  <issue tracker="bnc" id="1200139">Cannot run any Chromium-based browser with gtk4.</issue>
  <issue tracker="cve" id="2022-2007"/>
  <issue tracker="cve" id="2022-2010"/>
  <issue tracker="cve" id="2022-2008"/>
  <issue tracker="cve" id="2022-2011"/>
  <issue tracker="cve" id="2022-1872"/>
  <issue tracker="cve" id="2022-1866"/>
  <issue tracker="cve" id="2022-1863"/>
  <issue tracker="cve" id="2022-1870"/>
  <issue tracker="cve" id="2022-1854"/>
  <issue tracker="cve" id="2022-1853"/>
  <issue tracker="cve" id="2022-1862"/>
  <issue tracker="cve" id="2022-1869"/>
  <issue tracker="cve" id="2022-1868"/>
  <issue tracker="cve" id="2022-1855"/>
  <issue tracker="cve" id="2022-1876"/>
  <issue tracker="cve" id="2022-1873"/>
  <issue tracker="cve" id="2022-1871"/>
  <issue tracker="cve" id="2022-1860"/>
  <issue tracker="cve" id="2022-1874"/>
  <issue tracker="cve" id="2022-1858"/>
  <issue tracker="cve" id="2022-1867"/>
  <issue tracker="cve" id="2022-1857"/>
  <issue tracker="cve" id="2022-1859"/>
  <issue tracker="cve" id="2022-1861"/>
  <issue tracker="cve" id="2022-1865"/>
  <issue tracker="cve" id="2022-1856"/>
  <issue tracker="cve" id="2022-1864"/>
  <issue tracker="cve" id="2022-1875"/>
  <packager>gmbr3</packager>
  <rating>critical</rating>
  <category>security</category>
  <summary>Security update for chromium</summary>
  <description>This update for chromium fixes the following issues:

Chromium 102.0.5005.115 (boo#1200423)
  * CVE-2022-2007: Use after free in WebGPU
  * CVE-2022-2008: Out of bounds memory access in WebGL
  * CVE-2022-2010: Out of bounds read in compositing
  * CVE-2022-2011: Use after free in ANGLE

Chromium 102.0.5001.61 (boo#1199893)

* CVE-2022-1853: Use after free in Indexed DB
* CVE-2022-1854: Use after free in ANGLE
* CVE-2022-1855: Use after free in Messaging
* CVE-2022-1856: Use after free in User Education
* CVE-2022-1857: Insufficient policy enforcement in File System API
* CVE-2022-1858: Out of bounds read in DevTools
* CVE-2022-1859: Use after free in Performance Manager
* CVE-2022-1860: Use after free in UI Foundations
* CVE-2022-1861: Use after free in Sharing
* CVE-2022-1862: Inappropriate implementation in Extensions
* CVE-2022-1863: Use after free in Tab Groups
* CVE-2022-1864: Use after free in WebApp Installs
* CVE-2022-1865: Use after free in Bookmarks
* CVE-2022-1866: Use after free in Tablet Mode
* CVE-2022-1867: Insufficient validation of untrusted input in Data Transfer
* CVE-2022-1868: Inappropriate implementation in Extensions API
* CVE-2022-1869: Type Confusion in V8
* CVE-2022-1870: Use after free in App Service
* CVE-2022-1871: Insufficient policy enforcement in File System API
* CVE-2022-1872: Insufficient policy enforcement in Extensions API
* CVE-2022-1873: Insufficient policy enforcement in COOP
* CVE-2022-1874: Insufficient policy enforcement in Safe Browsing
* CVE-2022-1875: Inappropriate implementation in PDF
* CVE-2022-1876: Heap buffer overflow in DevTools
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places