Bug 1218719 - VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 120.0.6099.216
Summary: VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 120.0.6...
Status: RESOLVED FIXED
Alias: None
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Security (show other bugs)
Version: Current
Hardware: Other Other
: P3 - Medium : Major (vote)
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-01-11 09:34 UTC by Thomas Leroy
Modified: 2024-01-16 11:44 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Leroy 2024-01-11 09:34:42 UTC 
The Stable channel has been updated to 120.0.6099.216 for Mac,Linux and 120.0.6099.216/217 to Windows which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.

- CVE-2024-0333: Insufficient data validation in Extensions. Reported by Malcolm Stagg

References:
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_9.html
Comment 1 OBSbugzilla Bot 2024-01-12 15:35:08 UTC 
This is an autogenerated message for OBS integration:
This bug (1218719) was mentioned in
https://build.opensuse.org/request/show/1138331 Factory / chromium
Comment 2 OBSbugzilla Bot 2024-01-12 21:35:08 UTC 
This is an autogenerated message for OBS integration:
This bug (1218719) was mentioned in
https://build.opensuse.org/request/show/1138394 Factory / chromium
Comment 3 OBSbugzilla Bot 2024-01-13 15:35:11 UTC 
This is an autogenerated message for OBS integration:
This bug (1218719) was mentioned in
https://build.opensuse.org/request/show/1138475 Factory / chromium
Comment 4 Michał Szczepaniak 2024-01-14 08:56:40 UTC 
@Andreas.Stieger@gmx.de Would you mind giving me a hand with ungoogled-chromium?
Comment 5 OBSbugzilla Bot 2024-01-14 09:45:09 UTC 
This is an autogenerated message for OBS integration:
This bug (1218719) was mentioned in
https://build.opensuse.org/request/show/1138548 Backports:SLE-15-SP5 / chromium
Comment 6 Andreas Stieger 2024-01-14 10:19:27 UTC 
(In reply to Michał Szczepaniak from comment #4)
> Would you mind giving me a hand with ungoogled-chromium?

Sure, it's done.
Comment 7 OBSbugzilla Bot 2024-01-14 11:35:09 UTC 
This is an autogenerated message for OBS integration:
This bug (1218719) was mentioned in
https://build.opensuse.org/request/show/1138553 Factory / ungoogled-chromium
Comment 8 OBSbugzilla Bot 2024-01-14 13:45:06 UTC 
This is an autogenerated message for OBS integration:
This bug (1218719) was mentioned in
https://build.opensuse.org/request/show/1138570 Backports:SLE-15-SP5 / chromium
Comment 9 OBSbugzilla Bot 2024-01-14 15:35:10 UTC 
This is an autogenerated message for OBS integration:
This bug (1218719) was mentioned in
https://build.opensuse.org/request/show/1138578 Factory / ungoogled-chromium
Comment 10 Marcus Meissner 2024-01-16 11:05:14 UTC 
openSUSE-SU-2024:0020-1: An update that fixes 17 vulnerabilities is now available.

Category: security (important)
Bug References: 1217839,1218048,1218302,1218303,1218533,1218719
CVE References: CVE-2023-6508,CVE-2023-6509,CVE-2023-6510,CVE-2023-6511,CVE-2023-6512,CVE-2023-6702,CVE-2023-6703,CVE-2023-6704,CVE-2023-6705,CVE-2023-6706,CVE-2023-6707,CVE-2023-7024,CVE-2024-0222,CVE-2024-0223,CVE-2024-0224,CVE-2024-0225,CVE-2024-0333
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP5 (src):    chromium-120.0.6099.216-bp155.2.64.1
Comment 11 Andreas Stieger 2024-01-16 11:44:42 UTC 
done