Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 635
Alerts This Week
Warning Icon 1 635

Mageia 9 MGASA-2023-0322 High: Chromium Security Threat Fix

mageia
Calendar Grey November 20, 2023
Dist Mageia Esm H88
The latest version of firefox-browser-stable ensures better protection by resolving significant vulnerabilities and boosting reliability for its audience.
The chromium-browser-stable package has been updated to the 119.0.6045.159 release, fixing bugs and 15 vulnerabilities, together with 119.0.6045.123 and 119.0.6045.105; some of the...

Summary

The chromium-browser-stable package has been updated to the 119.0.6045.159 release, fixing bugs and 15 vulnerabilities, together with 119.0.6045.123 and 119.0.6045.105; some of them are listed below:
High CVE-2023-5480: Inappropriate implementation in Payments. Reported by Vsevolod Kokorin (Slonser) of Solidlab on 2023-10-14
High CVE-2023-5482: Insufficient data validation in USB. Reported by DarkNavy on 2023-10-13
High CVE-2023-5849: Integer overflow in USB. Reported by DarkNavy on 2023-10-13
High CVE-2023-5996: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab via Tianfu Cup 2023 on 2023-10-30
High CVE-2023-5997: Use after free in Garbage Collection. Reported by Anonymous on 2023-10-31
High CVE-2023-6112: Use after free in Navigation. Reported by Sergei Glazunov of Google Project Zero on 2023-11-04
Medium CVE-2023-5850: Incorrect security UI in Downloads. Reported by Mohit Raj (shadow2639) on 2021-12-22
Medium CVE-2023-5851: Inappropriate im...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=32529

- https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.html

- https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop.html

- https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html

- https://www.gearrice.com/

- https://www.cve.org/CVERecord?id=CVE-2023-5480

- https://www.cve.org/CVERecord?id=CVE-2023-5482

- https://www.cve.org/CVERecord?id=CVE-2023-5849

- https://www.cve.org/CVERecord?id=CVE-2023-5996

- https://www.cve.org/CVERecord?id=CVE-2023-5997

- https://www.cve.org/CVERecord?id=CVE-2023-6112

- https://www.cve.org/CVERecord?id=CVE-2023-5850

- https://www.cve.org/CVERecord?id=CVE-2023-5851

- https://www.cve.org/CVERecord?id=CVE-2023-5852

- https://www.cve.org/CVERecord?id=CVE-2023-5853

- https://www.cve.org/CVERecord?id=CVE-2023-5854

- https://www.cve.org/CVERecord?id=CVE-2023-5855

- https://www.cve.org/CVERecord?id=CVE-2023-5856

- https://www.cve.org/CVERecord?id=CVE-2023-5857

- https://www.cve.org/CVERecord?id=CVE-2023-5858

Resolution

SRPMS

- 9/tainted/chromium-browser-stable-119.0.6045.159-1.mga9.tainted

Publication date: 20 Nov 2023
URL: https://advisories.mageia.org/MGASA-2023-0322.html
Type: security
CVE: CVE-2023-5480, CVE-2023-5482, CVE-2023-5849, CVE-2023-5996, CVE-2023-5997, CVE-2023-6112, CVE-2023-5850, CVE-2023-5851, CVE-2023-5852, CVE-2023-5853, CVE-2023-5854, CVE-2023-5855, CVE-2023-5856, CVE-2023-5857, CVE-2023-5858

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.