Bug 1216549 (CVE-2023-5472) - VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 118.0.5993.117
Summary: VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 118.0.5...
Status: RESOLVED FIXED
Alias: CVE-2023-5472
Product: openSUSE Distribution
Classification: openSUSE
Component: Security (show other bugs)
Version: Leap 15.5
Hardware: Other Other
: P3 - Medium : Normal (vote)
Target Milestone: ---
Assignee: Security Team bot
QA Contact: E-mail List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-10-24 21:19 UTC by Andreas Stieger
Modified: 2023-10-27 14:37 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Stieger 2023-10-24 21:19:44 UTC 
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_24.html

Fixed in Chromium 118.0.5993.117 This update includes 2 security fixes. 

* CVE-2023-5472: Use after free in Profiles
* Various fixes from internal audits, fuzzing and other initiatives
Comment 2 Marcus Meissner 2023-10-26 13:05:17 UTC 
openSUSE-SU-2023:0325-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1216549
CVE References: CVE-2023-5472
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP5 (src):    chromium-118.0.5993.117-bp155.2.52.1
openSUSE Backports SLE-15-SP4 (src):    chromium-118.0.5993.117-bp154.2.138.1
Comment 3 OBSbugzilla Bot 2023-10-27 14:35:01 UTC 
This is an autogenerated message for OBS integration:
This bug (1216549) was mentioned in
https://build.opensuse.org/request/show/1120801 Factory / ungoogled-chromium
Comment 4 Andreas Stieger 2023-10-27 14:37:23 UTC 
done