Advisories ยป MGASA-2023-0044

Updated chromium-browser-stable packages fix security vulnerability

Publication date: 14 Feb 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2023-0471 , CVE-2023-0472 , CVE-2023-0473 , CVE-2023-0474

Description

The chromium-browser-stable package has been updated to the 109.0.5414.119
release, fixing 6 vulnerabilities.

Some of the security fixes are:
High CVE-2023-0471: Use after free in WebTransport. Reported by chichoo
Kim(chichoo) and Cassidy Kim(@cassidy6564) on 2022-10-19
High CVE-2023-0472: Use after free in WebRTC. Reported by Cassidy
Kim(@cassidy6564) on 2023-01-06
Medium CVE-2023-0473: Type Confusion in ServiceWorker API. Reported by
raven at KunLun lab on 2023-01-03
Medium CVE-2023-0474: Use after free in GuestView. Reported by avaue at
S.S.L on 2022-12-14
                

References

SRPMS

8/core