Overview

File _patchinfo of Package patchinfo.18527

<patchinfo incident="18527">
  <issue tracker="bnc" id="1229591">VUL-0: chromium: multiple vulnerabilities fixed in 128.0.6613.84</issue>
  <issue tracker="bnc" id="1229426">chromium 128 track</issue>
  <issue tracker="cve" id="2024-7969"/>
  <issue tracker="cve" id="2024-7972"/>
  <issue tracker="cve" id="2024-7976"/>
  <issue tracker="cve" id="2024-7968"/>
  <issue tracker="cve" id="2024-7977"/>
  <issue tracker="cve" id="2024-7978"/>
  <issue tracker="cve" id="2024-7965"/>
  <issue tracker="cve" id="2024-7966"/>
  <issue tracker="cve" id="2024-8034"/>
  <issue tracker="cve" id="2024-8035"/>
  <issue tracker="cve" id="2024-7971"/>
  <issue tracker="cve" id="2024-7967"/>
  <issue tracker="cve" id="2024-7964"/>
  <issue tracker="cve" id="2024-7980"/>
  <issue tracker="cve" id="2024-7981"/>
  <issue tracker="cve" id="2024-7979"/>
  <issue tracker="cve" id="2024-8033"/>
  <issue tracker="cve" id="2024-7975"/>
  <issue tracker="cve" id="2024-7974"/>
  <issue tracker="cve" id="2024-7973"/>
  <packager>AndreasStieger</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for chromium</summary>
  <description>This update for chromium fixes the following issues:

- Chromium 128.0.6613.84 (boo#1229591)
  * CVE-2024-7964: Use after free in Passwords
  * CVE-2024-7965: Inappropriate implementation in V8
  * CVE-2024-7966: Out of bounds memory access in Skia
  * CVE-2024-7967: Heap buffer overflow in Fonts
  * CVE-2024-7968: Use after free in Autofill
  * CVE-2024-7969: Type Confusion in V8
  * CVE-2024-7971: Type confusion in V8
  * CVE-2024-7972: Inappropriate implementation in V8
  * CVE-2024-7973: Heap buffer overflow in PDFium
  * CVE-2024-7974: Insufficient data validation in V8 API
  * CVE-2024-7975: Inappropriate implementation in Permissions
  * CVE-2024-7976: Inappropriate implementation in FedCM
  * CVE-2024-7977: Insufficient data validation in Installer
  * CVE-2024-7978: Insufficient policy enforcement in Data Transfer
  * CVE-2024-7979: Insufficient data validation in Installer
  * CVE-2024-7980: Insufficient data validation in Installer
  * CVE-2024-7981: Inappropriate implementation in Views
  * CVE-2024-8033: Inappropriate implementation in WebApp Installs
  * CVE-2024-8034: Inappropriate implementation in Custom Tabs
  * CVE-2024-8035: Inappropriate implementation in Extensions
  * Various fixes from internal audits, fuzzing and other initiatives
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places