Bug 1217142 - VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 119.0.6045.159
Summary: VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 119.0.6...
Status: RESOLVED FIXED
Alias: None
Product: openSUSE Distribution
Classification: openSUSE
Component: Security (show other bugs)
Version: Leap 15.5
Hardware: Other Other
: P3 - Medium : Normal (vote)
Target Milestone: ---
Assignee: Security Team bot
QA Contact: E-mail List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-11-14 20:24 UTC by Andreas Stieger
Modified: 2023-11-17 11:49 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Stieger 2023-11-14 20:24:14 UTC 
https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.html

Fixed in Chromium 119.0.6045.159:

* CVE-2023-5997: Use after free in Garbage Collection
* CVE-2023-6112: Use after free in Navigation
* Various fixes from internal audits, fuzzing and other initiatives
Comment 1 Andreas Stieger 2023-11-15 06:55:45 UTC 
Submitted:
https://build.opensuse.org/request/show/1126528
https://build.opensuse.org/request/show/1126529
Over to  Michał for ungoogled-chromium
Comment 2 Marcus Meissner 2023-11-16 11:05:05 UTC 
openSUSE-SU-2023:0372-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1217142
CVE References: CVE-2023-5997,CVE-2023-6112
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP5 (src):    chromium-119.0.6045.159-bp155.2.58.1
openSUSE Backports SLE-15-SP4 (src):    chromium-119.0.6045.159-bp154.2.144.1
Comment 3 Andreas Stieger 2023-11-17 11:49:29 UTC 
https://build.opensuse.org/request/show/1127290

done