Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 530
Alerts This Week
Warning Icon 1 530

Mageia 8 MGASA-2023-0044 High Threat: Chromium Browser Security Fix

mageia
Calendar Grey February 14, 2023
Dist Mageia Esm H88
The latest release of the chromium-browser-stable package addresses a total of six vulnerabilities, significantly boosting the security of Mageia 8.
The chromium-browser-stable package has been updated to the 109.0.5414.119 release, fixing 6 vulnerabilities

Summary

The chromium-browser-stable package has been updated to the 109.0.5414.119 release, fixing 6 vulnerabilities.
Some of the security fixes are: High CVE-2023-0471: Use after free in WebTransport. Reported by chichoo Kim(chichoo) and Cassidy Kim(@cassidy6564) on 2022-10-19 High CVE-2023-0472: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-01-06 Medium CVE-2023-0473: Type Confusion in ServiceWorker API. Reported by raven at KunLun lab on 2023-01-03 Medium CVE-2023-0474: Use after free in GuestView. Reported by avaue at S.S.L on 2022-12-14

References

- https://bugs.mageia.org/show_bug.cgi?id=31465

- https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html

- https://www.androidpolice.com/google-chrome-109/

- https://www.cve.org/CVERecord?id=CVE-2023-0471

- https://www.cve.org/CVERecord?id=CVE-2023-0472

- https://www.cve.org/CVERecord?id=CVE-2023-0473

- https://www.cve.org/CVERecord?id=CVE-2023-0474

Resolution

SRPMS

- 8/core/chromium-browser-stable-109.0.5414.119-1.mga8

Publication date: 14 Feb 2023
URL: https://advisories.mageia.org/MGASA-2023-0044.html
Type: security
CVE: CVE-2023-0471, CVE-2023-0472, CVE-2023-0473, CVE-2023-0474

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.