Overview

File _patchinfo of Package patchinfo.17934

<patchinfo incident="17934">
  <issue tracker="bnc" id="1211211">VUL-0: chromium: Update to 113.0.5672.92</issue>
  <issue tracker="bnc" id="1211442">VUL-0: chromium: multiple security issues fixed in 113.0.5672.126</issue>
  <issue tracker="bnc" id="1211036">VUL-0: chromium: multiple security issues fixed in 113.0.5672.63</issue>
  <issue tracker="cve" id="2023-2465"/>
  <issue tracker="cve" id="2023-2468"/>
  <issue tracker="cve" id="2023-2723"/>
  <issue tracker="cve" id="2023-2722"/>
  <issue tracker="cve" id="2023-2725"/>
  <issue tracker="cve" id="2023-2464"/>
  <issue tracker="cve" id="2023-2724"/>
  <issue tracker="cve" id="2023-2460"/>
  <issue tracker="cve" id="2023-2466"/>
  <issue tracker="cve" id="2023-2726"/>
  <issue tracker="cve" id="2023-2467"/>
  <issue tracker="cve" id="2023-2462"/>
  <issue tracker="cve" id="2023-2463"/>
  <issue tracker="cve" id="2023-2461"/>
  <issue tracker="cve" id="2023-2459"/>
  <issue tracker="cve" id="2023-2721"/>
  <packager>AndreasStieger</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for chromium</summary>
  <description>This update for chromium fixes the following issues:

- build with llvm15 on Leap

- Chromium 113.0.5672.126 (boo#1211442):
  * CVE-2023-2721: Use after free in Navigation
  * CVE-2023-2722: Use after free in Autofill UI
  * CVE-2023-2723: Use after free in DevTools
  * CVE-2023-2724: Type Confusion in V8
  * CVE-2023-2725: Use after free in Guest View
  * CVE-2023-2726: Inappropriate implementation in WebApp Installs
  * Various fixes from internal audits, fuzzing and other initiatives

- Chromium 113.0.5672.92 (boo#1211211)
- Multiple security fixes (boo#1211036):
  * CVE-2023-2459: Inappropriate implementation in Prompts
  * CVE-2023-2460: Insufficient validation of untrusted input in Extensions
  * CVE-2023-2461: Use after free in OS Inputs
  * CVE-2023-2462: Inappropriate implementation in Prompts
  * CVE-2023-2463: Inappropriate implementation in Full Screen Mode
  * CVE-2023-2464: Inappropriate implementation in PictureInPicture
  * CVE-2023-2465: Inappropriate implementation in CORS
  * CVE-2023-2466: Inappropriate implementation in Prompts
  * CVE-2023-2467: Inappropriate implementation in Prompts
  * CVE-2023-2468: Inappropriate implementation in PictureInPicture
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places