Overview

File _patchinfo of Package patchinfo.17867

<patchinfo incident="17867">
  <issue tracker="bnc" id="1209040">VUL-0: chromium: multiple security issues fixed in 111.0.5563.64</issue>
  <issue tracker="cve" id="2023-1234"/>
  <issue tracker="cve" id="2023-1223"/>
  <issue tracker="cve" id="2023-1227"/>
  <issue tracker="cve" id="2023-1233"/>
  <issue tracker="cve" id="2023-1228"/>
  <issue tracker="cve" id="2023-1222"/>
  <issue tracker="cve" id="2023-1236"/>
  <issue tracker="cve" id="2023-1230"/>
  <issue tracker="cve" id="2023-1235"/>
  <issue tracker="cve" id="2023-1226"/>
  <issue tracker="cve" id="2023-1225"/>
  <issue tracker="cve" id="2023-1217"/>
  <issue tracker="cve" id="2023-1220"/>
  <issue tracker="cve" id="2023-1218"/>
  <issue tracker="cve" id="2023-1231"/>
  <issue tracker="cve" id="2023-1224"/>
  <issue tracker="cve" id="2023-1221"/>
  <issue tracker="cve" id="2023-1216"/>
  <issue tracker="cve" id="2023-1213"/>
  <issue tracker="cve" id="2023-1229"/>
  <issue tracker="cve" id="2023-1215"/>
  <issue tracker="cve" id="2023-1219"/>
  <issue tracker="cve" id="2023-1232"/>
  <issue tracker="cve" id="2023-1214"/>
  <packager>AndreasStieger</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for chromium</summary>
  <description>This update for chromium fixes the following issues:

Chromium 111.0.5563.64

* New View Transitions API
* CSS Color Level 4
* New developer tools in style panel for color functionality
* CSS added trigonometric functions, additional root font units
  and extended the n-th child pseudo selector.
* previousslide and nextslide actions are now part of the Media
  Session API
* A number of security fixes (boo#1209040)
* CVE-2023-1213: Use after free in Swiftshader
* CVE-2023-1214: Type Confusion in V8
* CVE-2023-1215: Type Confusion in CSS
* CVE-2023-1216: Use after free in DevTools
* CVE-2023-1217: Stack buffer overflow in Crash reporting
* CVE-2023-1218: Use after free in WebRTC
* CVE-2023-1219: Heap buffer overflow in Metrics
* CVE-2023-1220: Heap buffer overflow in UMA
* CVE-2023-1221: Insufficient policy enforcement in Extensions API
* CVE-2023-1222: Heap buffer overflow in Web Audio API
* CVE-2023-1223: Insufficient policy enforcement in Autofill
* CVE-2023-1224: Insufficient policy enforcement in Web Payments API
* CVE-2023-1225: Insufficient policy enforcement in Navigation
* CVE-2023-1226: Insufficient policy enforcement in Web Payments API
* CVE-2023-1227: Use after free in Core
* CVE-2023-1228: Insufficient policy enforcement in Intents
* CVE-2023-1229: Inappropriate implementation in Permission prompts
* CVE-2023-1230: Inappropriate implementation in WebApp Installs
* CVE-2023-1231: Inappropriate implementation in Autofill
* CVE-2023-1232: Insufficient policy enforcement in Resource Timing
* CVE-2023-1233: Insufficient policy enforcement in Resource Timing
* CVE-2023-1234: Inappropriate implementation in Intents
* CVE-2023-1235: Type Confusion in DevTools
* CVE-2023-1236: Inappropriate implementation in Internals
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places