Bug 1198361 - VUL-0: chromium: multiple security issues fixed in 100.0.4896.88
VUL-0: chromium: multiple security issues fixed in 100.0.4896.88
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.3
Other Other
: P3 - Medium : Normal (vote)
: ---
Assigned To: Security Team bot
Security Team bot
Depends on:
  Show dependency treegraph
Reported: 2022-04-11 19:56 UTC by Andreas Stieger
Modified: 2022-04-13 19:26 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Stieger 2022-04-11 19:56:16 UTC
Fixed in 100.0.4896.88:

CVE-2022-1305: Use after free in storage
CVE-2022-1306: Inappropriate implementation in compositing
CVE-2022-1307: Inappropriate implementation in full screen
CVE-2022-1308: Use after free in BFCache
CVE-2022-1309: Insufficient policy enforcement in developer tools
CVE-2022-1310: Use after free in regular expressions
CVE-2022-1311: Use after free in Chrome OS shell
CVE-2022-1312: Use after free in storage
CVE-2022-1313: Use after free in tab groups
CVE-2022-1314: Type Confusion in V8
Various fixes from internal audits, fuzzing and other initiatives

Comment 1 OBSbugzilla Bot 2022-04-12 06:00:03 UTC
This is an autogenerated message for OBS integration:
This bug (1198361) was mentioned in
https://build.opensuse.org/request/show/969302 Factory / chromium
https://build.opensuse.org/request/show/969303 Backports:SLE-15-SP3 / chromium
https://build.opensuse.org/request/show/969304 Backports:SLE-15-SP4 / chromium
Comment 2 Andreas Stieger 2022-04-13 18:38:31 UTC
Comment 3 Swamp Workflow Management 2022-04-13 19:26:34 UTC
openSUSE-SU-2022:0112-1: An update that fixes 35 vulnerabilities is now available.

Category: security (important)
Bug References: 1194511,1194512,1194513,1194514,1197680,1198053,1198361
CVE References: CVE-2021-44531,CVE-2021-44532,CVE-2021-44533,CVE-2022-1125,CVE-2022-1127,CVE-2022-1128,CVE-2022-1129,CVE-2022-1130,CVE-2022-1131,CVE-2022-1132,CVE-2022-1133,CVE-2022-1134,CVE-2022-1135,CVE-2022-1136,CVE-2022-1137,CVE-2022-1138,CVE-2022-1139,CVE-2022-1141,CVE-2022-1142,CVE-2022-1143,CVE-2022-1144,CVE-2022-1145,CVE-2022-1146,CVE-2022-1232,CVE-2022-1305,CVE-2022-1306,CVE-2022-1307,CVE-2022-1308,CVE-2022-1309,CVE-2022-1310,CVE-2022-1311,CVE-2022-1312,CVE-2022-1313,CVE-2022-1314,CVE-2022-21824
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    nodejs14-14.18.3-15.24.1
openSUSE Backports SLE-15-SP3 (src):    chromium-100.0.4896.88-bp153.2.82.1