Bugzilla – Bug 1218892
VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 120.0.6099.224
Last modified: 2024-01-19 02:04:54 UTC
The Stable channel has been updated to 120.0.6099.224 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. CVE-2024-0517: Out of bounds write in V8. CVE-2024-0518: Type Confusion in V8. CVE-2024-0519: Out of bounds memory access in V8. Google is aware of reports that an exploit for CVE-2024-0519 exists in the wild. As usual, our ongoing internal security work was responsible for a wide range of fixes: [1518006] Various fixes from internal audits, fuzzing and other initiatives
*** Bug 1218891 has been marked as a duplicate of this bug. ***
submitted
over to ungoogle-chromium
This is an autogenerated message for OBS integration: This bug (1218892) was mentioned in https://build.opensuse.org/request/show/1139408 Factory / chromium https://build.opensuse.org/request/show/1139411 Backports:SLE-15-SP5 / chromium
done
This is an autogenerated message for OBS integration: This bug (1218892) was mentioned in https://build.opensuse.org/request/show/1139807 Factory / ungoogled-chromium
openSUSE-SU-2024:0025-1: An update that fixes three vulnerabilities is now available. Category: security (critical) Bug References: 1218892 CVE References: CVE-2024-0517,CVE-2024-0518,CVE-2024-0519 JIRA References: Sources used: openSUSE Backports SLE-15-SP5 (src): chromium-120.0.6099.224-bp155.2.67.1