Bug 1226933

Summary: VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 126.0.6478.126
Product: [openSUSE] openSUSE Distribution Reporter: Robert Frohl <rfrohl>
Component: SecurityAssignee: Callum Farmer <gmbr3>
Status: NEW --- QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P3 - Medium CC: Andreas.Stieger
Version: Leap 15.5   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/412039/
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Robert Frohl 2024-06-25 06:15:43 UTC 
The Stable channel has been updated to 126.0.6478.126/127 for Windows, Mac and 126.0.6478.126 for Linux which will roll out over the coming days/weeks.

- CVE-2024-6290: Use after free in Dawn. Reported by wgslfuzz on 2024-05-23
- CVE-2024-6291: Use after free in Swiftshader. Reported by Cassidy Kim(@cassidy6564) on 2023-11-15
- CVE-2024-6292: Use after free in Dawn. Reported by wgslfuzz on 2024-05-24
- CVE-2024-6293: Use after free in Dawn. Reported by wgslfuzz on 2024-06-09

https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_24.html
Comment 1 OBSbugzilla Bot 2024-07-09 11:15:05 UTC 
This is an autogenerated message for OBS integration:
This bug (1226933) was mentioned in
https://build.opensuse.org/request/show/1186366 Factory / chromium
Comment 2 OBSbugzilla Bot 2024-07-09 12:05:04 UTC 
This is an autogenerated message for OBS integration:
This bug (1226933) was mentioned in
https://build.opensuse.org/request/show/1186376 Factory / chromium
Comment 3 OBSbugzilla Bot 2024-07-13 10:35:05 UTC 
This is an autogenerated message for OBS integration:
This bug (1226933) was mentioned in
https://build.opensuse.org/request/show/1187290 Backports:SLE-15-SP5+Backports:SLE-15-SP6 / chromium
Comment 4 OBSbugzilla Bot 2024-07-17 20:35:04 UTC 
This is an autogenerated message for OBS integration:
This bug (1226933) was mentioned in
https://build.opensuse.org/request/show/1188248 Backports:SLE-15-SP5+Backports:SLE-15-SP6 / chromium
Comment 5 Marcus Meissner 2024-07-18 22:04:57 UTC 
openSUSE-SU-2024:0204-1: An update that fixes 26 vulnerabilities is now available.

Category: security (important)
Bug References: 1226170,1226205,1226504,1226933
CVE References: CVE-2024-5830,CVE-2024-5831,CVE-2024-5832,CVE-2024-5833,CVE-2024-5834,CVE-2024-5835,CVE-2024-5836,CVE-2024-5837,CVE-2024-5838,CVE-2024-5839,CVE-2024-5840,CVE-2024-5841,CVE-2024-5842,CVE-2024-5843,CVE-2024-5844,CVE-2024-5845,CVE-2024-5846,CVE-2024-5847,CVE-2024-6100,CVE-2024-6101,CVE-2024-6102,CVE-2024-6103,CVE-2024-6290,CVE-2024-6291,CVE-2024-6292,CVE-2024-6293
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP5 (src):    chromium-126.0.6478.126-bp155.2.94.1