Package chromium: Information

Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all Internet users to experience the web.
- New version (109.0.5414.74).
- Security fixes:
  - CVE-2023-0128: Use after free in Overview Mode.
  - CVE-2023-0129: Heap buffer overflow in Network Service.
  - CVE-2023-0130: Inappropriate implementation in Fullscreen API.
  - CVE-2023-0131: Inappropriate implementation in iframe Sandbox.
  - CVE-2023-0132: Inappropriate implementation in Permission prompts.
  - CVE-2023-0133: Inappropriate implementation in Permission prompts.
  - CVE-2023-0134: Use after free in Cart.
  - CVE-2023-0135: Use after free in Cart.
  - CVE-2023-0136: Inappropriate implementation in Fullscreen API.
  - CVE-2023-0137: Heap buffer overflow in Platform Apps.
  - CVE-2023-0138: Heap buffer overflow in libphonenumber.
  - CVE-2023-0139: Insufficient validation of untrusted input in Downloads.
  - CVE-2023-0140: Inappropriate implementation in File System API.
  - CVE-2023-0141: Insufficient policy enforcement in CORS.
- New version (108.0.5359.71).
- Use LLVM 15.
- Security fixes:
  - CVE-2022-4174: Type Confusion in V8.
  - CVE-2022-4175: Use after free in Camera Capture.
  - CVE-2022-4176: Out of bounds write in Lacros Graphics.
  - CVE-2022-4177: Use after free in Extensions.
  - CVE-2022-4178: Use after free in Mojo.
  - CVE-2022-4179: Use after free in Audio.
  - CVE-2022-4180: Use after free in Mojo.
  - CVE-2022-4181: Use after free in Forms.
  - CVE-2022-4182: Inappropriate implementation in Fenced Frames.
  - CVE-2022-4183: Insufficient policy enforcement in Popup Blocker.
  - CVE-2022-4184: Insufficient policy enforcement in Autofill.
  - CVE-2022-4185: Inappropriate implementation in Navigation.
  - CVE-2022-4186: Insufficient validation of untrusted input in Downloads.
  - CVE-2022-4187: Insufficient policy enforcement in DevTools.
  - CVE-2022-4188: Insufficient validation of untrusted input in CORS.
  - CVE-2022-4189: Insufficient policy enforcement in DevTools.
  - CVE-2022-4190: Insufficient data validation in Directory.
  - CVE-2022-4191: Use after free in Sign-In.
  - CVE-2022-4192: Use after free in Live Caption.
  - CVE-2022-4193: Insufficient policy enforcement in File System API.
  - CVE-2022-4194: Use after free in Accessibility.
  - CVE-2022-4195: Insufficient policy enforcement in Safe Browsing.
- New version (107.0.5304.110).
- Security fixes:
  - CVE-2022-3885: Use after free in V8.
  - CVE-2022-3886: Use after free in Speech Recognition.
  - CVE-2022-3887: Use after free in Web Workers.
  - CVE-2022-3888: Use after free in WebCodecs.
  - CVE-2022-3889: Type Confusion in V8.
  - CVE-2022-3890: Heap buffer overflow in Crashpad.

Package chromium: Information

Last changed