Alerts This Week
Warning Icon 1 1,020
Alerts This Week
Warning Icon 1 1,020

openSUSE Backports SLE-15-SP5 and 15-SP6: Important Chromium Issues

opensuse
Calendar Grey October 18, 2024
Dist Opensuse Esm H88
Recent update for openSUSE addresses 13 vulnerabilities in chromium with critical security enhancements. Ensure your systems are fortified now.
An update that fixes 13 vulnerabilities is now available

Description

This update for chromium fixes the following issues:

Chromium 130.0.6723.58 (boo#1231694)

* CVE-2024-9954: Use after free in AI

* CVE-2024-9955: Use after free in Web Authentication

* CVE-2024-9956: Inappropriate implementation in Web Authentication

* CVE-2024-9957: Use after free in UI

* CVE-2024-9958: Inappropriate implementation in PictureInPicture

* CVE-2024-9959: Use after free in DevTools

* CVE-2024-9960: Use after free in Dawn

* CVE-2024-9961: Use after free in Parcel Tracking

* CVE-2024-9962: Inappropriate implementation in Permissions

* CVE-2024-9963: Insufficient data validation in Downloads

* CVE-2024-9964: Inappropriate implementation in Payments

* CVE-2024-9965: Insufficient data validation in DevTools

* CVE-2024-9966: Inappropriate implementation in Navigations

Topics%20covered

Topics Covered

security advisory update threat important fixes openSUSE chromium

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2024-337=1

- openSUSE Backports SLE-15-SP5:

zypper in -t patch openSUSE-2024-337=1

Package List

- openSUSE Backports SLE-15-SP6 (aarch64 x86_64):

chromedriver-130.0.6723.58-bp156.2.41.1

chromedriver-debuginfo-130.0.6723.58-bp156.2.41.1

chromium-130.0.6723.58-bp156.2.41.1

chromium-debuginfo-130.0.6723.58-bp156.2.41.1

- openSUSE Backports SLE-15-SP5 (aarch64 x86_64):

chromedriver-130.0.6723.58-bp155.2.129.1

chromium-130.0.6723.58-bp155.2.129.1

References

https://www.suse.com/security/cve/CVE-2024-9954.html

https://www.suse.com/security/cve/CVE-2024-9955.html

https://www.suse.com/security/cve/CVE-2024-9956.html

https://www.suse.com/security/cve/CVE-2024-9957.html

https://www.suse.com/security/cve/CVE-2024-9958.html

https://www.suse.com/security/cve/CVE-2024-9959.html

https://www.suse.com/security/cve/CVE-2024-9960.html

https://www.suse.com/security/cve/CVE-2024-9961.html

https://www.suse.com/security/cve/CVE-2024-9962.html

https://www.suse.com/security/cve/CVE-2024-9963.html

https://www.suse.com/security/cve/CVE-2024-9964.html

https://www.suse.com/security/cve/CVE-2024-9965.html

https://www.suse.com/security/cve/CVE-2024-9966.html

https://bugzilla.suse.com/1231694

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2024:0337-1
Rating: important
Affected Products: openSUSE Backports SLE-15-SP5 openSUSE Backports SLE-15-SP6 .

Topics%20covered

Topics Covered

security advisory update threat important fixes openSUSE chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here