Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

openSUSE: 2022:10138-1 Important: Chromium 18 Security Issues Fixed

opensuse
Calendar Grey October 3, 2022
Dist Opensuse Esm H88
An important patch for Fedora's Firefox addresses 21 vulnerabilities to bolster system security.
An update that fixes 18 vulnerabilities is now available

Description

This update for chromium fixes the following issues:

Chromium 106.0.5249.91 (boo#1203808):

* CVE-2022-3370: Use after free in Custom Elements

* CVE-2022-3373: Out of bounds write in V8

includes changes from 106.0.5249.61:

* CVE-2022-3304: Use after free in CSS

* CVE-2022-3201: Insufficient validation of untrusted input in Developer

Tools

* CVE-2022-3305: Use after free in Survey

* CVE-2022-3306: Use after free in Survey

* CVE-2022-3307: Use after free in Media

* CVE-2022-3308: Insufficient policy enforcement in Developer Tools

* CVE-2022-3309: Use after free in Assistant

* CVE-2022-3310: Insufficient policy enforcement in Custom Tabs

* CVE-2022-3311: Use after free in Import

* CVE-2022-3312: Insufficient validation of untrusted input in VPN

* CVE-2022-3313: Incorrect security UI in Full Screen

* CVE-2022-3314: Use after free in Logging

* CVE-2022-3315: Type confusion in Blink

* CVE-2022-3316: Insufficient validation of...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security issue software update patch important openSUSE chromium

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP4:

zypper in -t patch openSUSE-2022-10138=1

Package List

- openSUSE Backports SLE-15-SP4 (aarch64 x86_64):

chromedriver-106.0.5249.91-bp154.2.32.1

chromium-106.0.5249.91-bp154.2.32.1

References

https://www.suse.com/security/cve/CVE-2022-3201.html

https://www.suse.com/security/cve/CVE-2022-3304.html

https://www.suse.com/security/cve/CVE-2022-3305.html

https://www.suse.com/security/cve/CVE-2022-3306.html

https://www.suse.com/security/cve/CVE-2022-3307.html

https://www.suse.com/security/cve/CVE-2022-3308.html

https://www.suse.com/security/cve/CVE-2022-3309.html

https://www.suse.com/security/cve/CVE-2022-3310.html

https://www.suse.com/security/cve/CVE-2022-3311.html

https://www.suse.com/security/cve/CVE-2022-3312.html

https://www.suse.com/security/cve/CVE-2022-3313.html

https://www.suse.com/security/cve/CVE-2022-3314.html

https://www.suse.com/security/cve/CVE-2022-3315.html

https://www.suse.com/security/cve/CVE-2022-3316.html

https://www.suse.com/security/cve/CVE-2022-3317.html

https://www.suse.com/security/cve/CVE-2022-3318.html

https://www.suse.com/security/cve/CVE-2022-3370.html

https://www.suse.com/security/cve/CVE-2022-3373.html

https://bugzilla.suse.com/1203808

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2022:10138-1
Rating: important
Affected Products: openSUSE Backports SLE-15-SP4 .

Topics%20covered

Topics Covered

security advisory security issue software update patch important openSUSE chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here