Bugzilla – Bug 1213462
VUL-0: chromium: multiple security issues fixed in 115.0.5790.98
Last modified: 2023-07-27 07:12:58 UTC
https://chromereleases.googleblog.com/2023/07/stable-channel-update-for-desktop.html CVE-2023-3727: Use after free in WebRTC CVE-2023-3728: Use after free in WebRTC CVE-2023-3730: Use after free in Tab Groups CVE-2023-3732: Out of bounds memory access in Mojo CVE-2023-3733: Inappropriate implementation in WebApp Installs CVE-2023-3734: Inappropriate implementation in Picture In Picture CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts CVE-2023-3736: Inappropriate implementation in Custom Tabs CVE-2023-3737: Inappropriate implementation in Notifications CVE-2023-3738: Inappropriate implementation in Autofill CVE-2023-3740: Insufficient validation of untrusted input in Themes Various fixes from internal audits, fuzzing and other initiatives
This is an autogenerated message for OBS integration: This bug (1213462) was mentioned in https://build.opensuse.org/request/show/1099461 Factory / chromium
This is an autogenerated message for OBS integration: This bug (1213462) was mentioned in https://build.opensuse.org/request/show/1099469 Factory / chromium
This is an autogenerated message for OBS integration: This bug (1213462) was mentioned in https://build.opensuse.org/request/show/1099562 Factory / ungoogled-chromium
Calling, I added some patches for Leap but we are at the failure below. I’ll be out for a couple of days, maybe you can take a look? [ 9886s] ld.lld: error: undefined symbol: re2::FilteredRE2::Add(std::basic_string_view<char, std::char_traits<char>>, re2::RE2::Options const&, int*) [ 9886s] >>> referenced by regex_set_matcher.cc [ 9886s] >>> thinlto-cache/llvmcache-3DFFBF1D83512989193250B5712DC1EF17E4AD78:(url_matcher::RegexSetMatcher::RebuildMatcher()) [ 9886s] [ 9886s] ld.lld: error: undefined symbol: re2::FilteredRE2::AllMatches(std::basic_string_view<char, std::char_traits<char>>, std::vector<int, std::allocator<int>> const&, std::vector<int, std::allocator<int>>*) const [ 9886s] >>> referenced by regex_set_matcher.cc [ 9886s] >>> thinlto-cache/llvmcache-3DFFBF1D83512989193250B5712DC1EF17E4AD78:(url_matcher::RegexSetMatcher::Match(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::set<unsigned long, std::less<unsigned long>, std::allocator<unsigned long>>*) const) [ 9886s] clang++: error: linker command failed with exit code 1 (use -v to see invocation) [ 9886s] ninja: build stopped: subcommand failed.
Submitted. comment #4 relates to a failure with re2 2023-07-01
This is an autogenerated message for OBS integration: This bug (1213462) was mentioned in https://build.opensuse.org/request/show/1100189 Backports:SLE-15-SP4+Backports:SLE-15-SP5 / chromium
openSUSE-SU-2023:0193-1: An update that fixes 11 vulnerabilities is now available. Category: security (important) Bug References: 1213462 CVE References: CVE-2023-3727,CVE-2023-3728,CVE-2023-3730,CVE-2023-3732,CVE-2023-3733,CVE-2023-3734,CVE-2023-3735,CVE-2023-3736,CVE-2023-3737,CVE-2023-3738,CVE-2023-3740 JIRA References: Sources used: openSUSE Backports SLE-15-SP5 (src): chromium-115.0.5790.102-bp155.2.13.1 openSUSE Backports SLE-15-SP4 (src): chromium-115.0.5790.102-bp154.2.99.1
done