Bug 1213800 - VUL-0: chromium: multiple security issues fixed in 96.0.4664.45
Summary: VUL-0: chromium: multiple security issues fixed in 96.0.4664.45
Status: RESOLVED FIXED
Alias: None
Product: openSUSE Distribution
Classification: openSUSE
Component: Security (show other bugs)
Version: Leap 15.5
Hardware: Other Other
: P3 - Medium : Normal (vote)
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-07-31 06:45 UTC by Thomas Leroy
Modified: 2023-07-31 07:19 UTC (History)
0 users

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Leroy 2023-07-31 06:45:33 UTC 
https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html

CVE-2021-38008: Use after free in media.
CVE-2021-38009: Inappropriate implementation in cache.
CVE-2021-38006: Use after free in storage foundation.
CVE-2021-38007: Type Confusion in V8.
CVE-2021-38005: Use after free in loader.
CVE-2021-38010: Inappropriate implementation in service workers.
CVE-2021-38011: Use after free in storage foundation.
CVE-2021-38012: Type Confusion in V8.
CVE-2021-38013: Heap buffer overflow in fingerprint recognition.
CVE-2021-38014: Out of bounds write in Swiftshader.
CVE-2021-38015: Inappropriate implementation in input.
CVE-2021-38016: Insufficient policy enforcement in background fetch.
CVE-2021-38017: Insufficient policy enforcement in iframe sandbox.
CVE-2021-38018: Inappropriate implementation in navigation.
CVE-2021-38019: Insufficient policy enforcement in CORS.
CVE-2021-38020: Insufficient policy enforcement in contacts picker.
CVE-2021-38021: Inappropriate implementation in referrer.
CVE-2021-4316: Inappropriate implementation in Cast UI.
CVE-2021-38022: Inappropriate implementation in WebAuthentication.
Comment 1 Thomas Leroy 2023-07-31 07:19:14 UTC 
Already fixed