Bug 1213800

Summary: VUL-0: chromium: multiple security issues fixed in 96.0.4664.45
Product: [openSUSE] openSUSE Distribution Reporter: Thomas Leroy <thomas.leroy>
Component: SecurityAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium    
Version: Leap 15.5   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Thomas Leroy 2023-07-31 06:45:33 UTC 
https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html

CVE-2021-38008: Use after free in media.
CVE-2021-38009: Inappropriate implementation in cache.
CVE-2021-38006: Use after free in storage foundation.
CVE-2021-38007: Type Confusion in V8.
CVE-2021-38005: Use after free in loader.
CVE-2021-38010: Inappropriate implementation in service workers.
CVE-2021-38011: Use after free in storage foundation.
CVE-2021-38012: Type Confusion in V8.
CVE-2021-38013: Heap buffer overflow in fingerprint recognition.
CVE-2021-38014: Out of bounds write in Swiftshader.
CVE-2021-38015: Inappropriate implementation in input.
CVE-2021-38016: Insufficient policy enforcement in background fetch.
CVE-2021-38017: Insufficient policy enforcement in iframe sandbox.
CVE-2021-38018: Inappropriate implementation in navigation.
CVE-2021-38019: Insufficient policy enforcement in CORS.
CVE-2021-38020: Insufficient policy enforcement in contacts picker.
CVE-2021-38021: Inappropriate implementation in referrer.
CVE-2021-4316: Inappropriate implementation in Cast UI.
CVE-2021-38022: Inappropriate implementation in WebAuthentication.
Comment 1 Thomas Leroy 2023-07-31 07:19:14 UTC 
Already fixed