openSUSE: 2023:0234-1 Important Security Update For Chromium
opensuse
August 21, 2023
An update that fixes 21 vulnerabilities is now available
Description
This update for chromium fixes the following issues:
Chromium 116.0.5845.96
* New CSS features: Motion Path, and "display" and "content-visibility"
animations
* Web APIs: AbortSignal.any(), BYOB support for Fetch, Back/ forward cache
NotRestoredReason API, Document Picture-in- Picture, Expanded Wildcards
in Permissions Policy Origins, FedCM bundle: Login Hint API, User Info
API, and RP Context API, Non-composed Mouse and Pointer enter/leave
events, Remove document.open sandbox inheritance, Report Critical-CH
caused restart in NavigationTiming
This update fixes a number of security issues (boo#1214301):
* CVE-2023-2312: Use after free in Offline
* CVE-2023-4349: Use after free in Device Trust Connectors
* CVE-2023-4350: Inappropriate implementation in Fullscreen
* CVE-2023-4351: Use after free in Network
* CVE-2023-4352: Type Confusion in V8
* CVE-2023-4353: Heap buffer overflow in ANGLE
*...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2023-234=1
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-234=1
Package List
- openSUSE Backports SLE-15-SP5 (aarch64 x86_64):
chromedriver-116.0.5845.96-bp155.2.19.1
chromedriver-debuginfo-116.0.5845.96-bp155.2.19.1
chromium-116.0.5845.96-bp155.2.19.1
chromium-debuginfo-116.0.5845.96-bp155.2.19.1
- openSUSE Backports SLE-15-SP4 (aarch64 x86_64):
chromedriver-116.0.5845.96-bp154.2.105.1
chromium-116.0.5845.96-bp154.2.105.1
References
https://www.suse.com/security/cve/CVE-2023-2312.html
https://www.suse.com/security/cve/CVE-2023-4349.html
https://www.suse.com/security/cve/CVE-2023-4350.html
https://www.suse.com/security/cve/CVE-2023-4351.html
https://www.suse.com/security/cve/CVE-2023-4352.html
https://www.suse.com/security/cve/CVE-2023-4353.html
https://www.suse.com/security/cve/CVE-2023-4354.html
https://www.suse.com/security/cve/CVE-2023-4355.html
https://www.suse.com/security/cve/CVE-2023-4356.html
https://www.suse.com/security/cve/CVE-2023-4357.html
https://www.suse.com/security/cve/CVE-2023-4358.html
https://www.suse.com/security/cve/CVE-2023-4359.html
https://www.suse.com/security/cve/CVE-2023-4360.html
https://www.suse.com/security/cve/CVE-2023-4361.html
https://www.suse.com/security/cve/CVE-2023-4362.html
https://www.suse.com/security/cve/CVE-2023-4363.html
https://www.suse.com/security/cve/CVE-2023-4364.html
https://www.suse.com/security/cve/CVE-2023-4365.html
https://www.suse.com/security/cve/CVE-2023-4366.html
https://www....
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2023:0234-1
Rating: important
Affected Products:
openSUSE Backports SLE-15-SP4
openSUSE Backports SLE-15-SP5
.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!