Bugzilla – Bug 1223845
VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 124.0.6367.78
Last modified: 2024-05-13 09:13:43 UTC
This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. Critical CVE-2024-4058: Type Confusion in ANGLE. Reported by Toan (suto) Pham and Bao (zx) Pham of Qrious Secure on 2024-04-02 High CVE-2024-4059: Out of bounds read in V8 API. Reported by Eirik on 2024-04-08 High CVE-2024-4060: Use after free in Dawn. Reported by wgslfuzz on 2024-04-09 https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html
Opened this for tracking purposes, there is a newer release in bsc#1223846
This is an autogenerated message for OBS integration: This bug (1223845) was mentioned in https://build.opensuse.org/request/show/1173380 Factory / chromium
This is an autogenerated message for OBS integration: This bug (1223845) was mentioned in https://build.opensuse.org/request/show/1173381 Backports:SLE-15-SP5 / chromium
openSUSE-SU-2024:0123-1: An update that fixes 35 vulnerabilities is now available. Category: security (important) Bug References: 1221732,1222035,1222260,1222707,1222958,1223845,1223846,1224045 CVE References: CVE-2024-2625,CVE-2024-2626,CVE-2024-2627,CVE-2024-2628,CVE-2024-2883,CVE-2024-2885,CVE-2024-2886,CVE-2024-2887,CVE-2024-3156,CVE-2024-3157,CVE-2024-3158,CVE-2024-3159,CVE-2024-3515,CVE-2024-3516,CVE-2024-3832,CVE-2024-3833,CVE-2024-3834,CVE-2024-3837,CVE-2024-3838,CVE-2024-3839,CVE-2024-3840,CVE-2024-3841,CVE-2024-3843,CVE-2024-3844,CVE-2024-3845,CVE-2024-3846,CVE-2024-3847,CVE-2024-4058,CVE-2024-4059,CVE-2024-4060,CVE-2024-4331,CVE-2024-4368,CVE-2024-4558,CVE-2024-4559,CVE-2024-4671 JIRA References: Sources used: openSUSE Backports SLE-15-SP5 (src): chromium-124.0.6367.201-bp155.2.78.1
Chromium 124.0.6367.201 is in, as I did not get any crashes anymore.