Overview

File _patchinfo of Package patchinfo.18472

<patchinfo incident="18472">
  <issue tracker="bnc" id="1226504">VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 126.0.6478.114</issue>
  <issue tracker="bnc" id="1226170">Chromium - widevine not being loaded in arm64 Linux</issue>
  <issue tracker="bnc" id="1226205">VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 126.0.6478.54</issue>
  <issue tracker="bnc" id="1226933">VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 126.0.6478.126</issue>
  <issue tracker="cve" id="2024-6290"/>
  <issue tracker="cve" id="2024-5836"/>
  <issue tracker="cve" id="2024-5830"/>
  <issue tracker="cve" id="2024-5843"/>
  <issue tracker="cve" id="2024-5842"/>
  <issue tracker="cve" id="2024-6293"/>
  <issue tracker="cve" id="2024-5840"/>
  <issue tracker="cve" id="2024-5844"/>
  <issue tracker="cve" id="2024-5838"/>
  <issue tracker="cve" id="2024-5834"/>
  <issue tracker="cve" id="2024-5839"/>
  <issue tracker="cve" id="2024-5846"/>
  <issue tracker="cve" id="2024-5831"/>
  <issue tracker="cve" id="2024-5841"/>
  <issue tracker="cve" id="2024-5833"/>
  <issue tracker="cve" id="2024-5847"/>
  <issue tracker="cve" id="2024-6102"/>
  <issue tracker="cve" id="2024-6292"/>
  <issue tracker="cve" id="2024-6100"/>
  <issue tracker="cve" id="2024-5835"/>
  <issue tracker="cve" id="2024-5832"/>
  <issue tracker="cve" id="2024-6101"/>
  <issue tracker="cve" id="2024-6291"/>
  <issue tracker="cve" id="2024-5837"/>
  <issue tracker="cve" id="2024-6103"/>
  <issue tracker="cve" id="2024-5845"/>
  <packager>AndreasStieger</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for chromium</summary>
  <description>This update for chromium fixes the following issues:

Chromium 126.0.6478.126 (boo#1226504, boo#1226205, boo#1226933)

  * CVE-2024-6290: Use after free in Dawn
  * CVE-2024-6291: Use after free in Swiftshader
  * CVE-2024-6292: Use after free in Dawn
  * CVE-2024-6293: Use after free in Dawn
  * CVE-2024-6100: Type Confusion in V8
  * CVE-2024-6101: Inappropriate implementation in WebAssembly
  * CVE-2024-6102: Out of bounds memory access in Dawn
  * CVE-2024-6103: Use after free in Dawn
  * CVE-2024-5830: Type Confusion in V8
  * CVE-2024-5831: Use after free in Dawn
  * CVE-2024-5832: Use after free in Dawn
  * CVE-2024-5833: Type Confusion in V8
  * CVE-2024-5834: Inappropriate implementation in Dawn
  * CVE-2024-5835: Heap buffer overflow in Tab Groups
  * CVE-2024-5836: Inappropriate Implementation in DevTools
  * CVE-2024-5837: Type Confusion in V8
  * CVE-2024-5838: Type Confusion in V8
  * CVE-2024-5839: Inappropriate Implementation in Memory Allocator
  * CVE-2024-5840: Policy Bypass in CORS
  * CVE-2024-5841: Use after free in V8
  * CVE-2024-5842: Use after free in Browser UI
  * CVE-2024-5843: Inappropriate implementation in Downloads
  * CVE-2024-5844: Heap buffer overflow in Tab Strip
  * CVE-2024-5845: Use after free in Audio
  * CVE-2024-5846: Use after free in PDFium
  * CVE-2024-5847: Use after free in PDFium

- Amend fix_building_widevinecdm_with_chromium.patch to allow
  Widevine on ARM64 (boo#1226170)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places