Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

openSUSE: 2022:10139-1 Critical: Chromium Security Update

opensuse
Calendar Grey October 3, 2022
Dist Opensuse Esm H88
A critical security patch for openSUSE tackles 18 flaws in Firefox, providing improved defense for the operating system.
An update that fixes 18 vulnerabilities is now available

Description

This update for chromium fixes the following issues:

Chromium 106.0.5249.91 (boo#1203808):

* CVE-2022-3370: Use after free in Custom Elements

* CVE-2022-3373: Out of bounds write in V8

Uncludes changes from 106.0.5249.61:

* CVE-2022-3304: Use after free in CSS

* CVE-2022-3201: Insufficient validation of untrusted input in Developer

Tools

* CVE-2022-3305: Use after free in Survey

* CVE-2022-3306: Use after free in Survey

* CVE-2022-3307: Use after free in Media

* CVE-2022-3308: Insufficient policy enforcement in Developer Tools

* CVE-2022-3309: Use after free in Assistant

* CVE-2022-3310: Insufficient policy enforcement in Custom Tabs

* CVE-2022-3311: Use after free in Import

* CVE-2022-3312: Insufficient validation of untrusted input in VPN

* CVE-2022-3313: Incorrect security UI in Full Screen

* CVE-2022-3314: Use after free in Logging

* CVE-2022-3315: Type confusion in Blink

* CVE-2022-3316: Insufficient validation of...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory update critical software patch vulnerability openSUSE chromium

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP3:

zypper in -t patch openSUSE-2022-10139=1

Package List

- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):

chromedriver-106.0.5249.91-bp153.2.125.1

chromium-106.0.5249.91-bp153.2.125.1

References

https://www.suse.com/security/cve/CVE-2022-3201.html

https://www.suse.com/security/cve/CVE-2022-3304.html

https://www.suse.com/security/cve/CVE-2022-3305.html

https://www.suse.com/security/cve/CVE-2022-3306.html

https://www.suse.com/security/cve/CVE-2022-3307.html

https://www.suse.com/security/cve/CVE-2022-3308.html

https://www.suse.com/security/cve/CVE-2022-3309.html

https://www.suse.com/security/cve/CVE-2022-3310.html

https://www.suse.com/security/cve/CVE-2022-3311.html

https://www.suse.com/security/cve/CVE-2022-3312.html

https://www.suse.com/security/cve/CVE-2022-3313.html

https://www.suse.com/security/cve/CVE-2022-3314.html

https://www.suse.com/security/cve/CVE-2022-3315.html

https://www.suse.com/security/cve/CVE-2022-3316.html

https://www.suse.com/security/cve/CVE-2022-3317.html

https://www.suse.com/security/cve/CVE-2022-3318.html

https://www.suse.com/security/cve/CVE-2022-3370.html

https://www.suse.com/security/cve/CVE-2022-3373.html

https://bugzilla.suse.com/1203808

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2022:10139-1
Rating: important
Affected Products: openSUSE Backports SLE-15-SP3 .

Topics%20covered

Topics Covered

security advisory update critical software patch vulnerability openSUSE chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here