[Git][security-tracker-team/security-tracker][master] Add new chromium issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 15 21:29:39 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
57ebe9d3 by Salvatore Bonaccorso at 2023-08-15T22:29:06+02:00
Add new chromium issues

Link: https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,45 +3,65 @@ CVE-2023-4371 (A vulnerability was found in phpRecDB 1.3.1. It has been rated as
 CVE-2023-4369 (Insufficient data validation in Systems Extensions in Google Chrome on ...)
 	TODO: check
 CVE-2023-4368 (Insufficient policy enforcement in Extensions API in Google Chrome pri ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4367 (Insufficient policy enforcement in Extensions API in Google Chrome pri ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4366 (Use after free in Extensions in Google Chrome prior to 116.0.5845.96 a ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4365 (Inappropriate implementation in Fullscreen in Google Chrome prior to 1 ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4364 (Inappropriate implementation in Permission Prompts in Google Chrome pr ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4363 (Inappropriate implementation in WebShare in Google Chrome on Android p ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4362 (Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845 ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4361 (Inappropriate implementation in Autofill in Google Chrome on Android p ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4360 (Inappropriate implementation in Color in Google Chrome prior to 116.0. ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4359 (Inappropriate implementation in App Launcher in Google Chrome on iOS p ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4358 (Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed  ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4357 (Insufficient validation of untrusted input in XML in Google Chrome pri ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4356 (Use after free in Audio in Google Chrome prior to 116.0.5845.96 allowe ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4355 (Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845 ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4354 (Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 a ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4353 (Heap buffer overflow in ANGLE in Google Chrome prior to 116.0.5845.96  ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4352 (Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4351 (Use after free in Network in Google Chrome prior to 116.0.5845.96 allo ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4350 (Inappropriate implementation in Fullscreen in Google Chrome on Android ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4349 (Use after free in Device Trust Connectors in Google Chrome prior to 11 ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-4345 (Broadcom RAID Controller web interface is vulnerable client-side contr ...)
 	TODO: check
 CVE-2023-4344 (Broadcom RAID Controller web interface is vulnerable to insufficient r ...)
@@ -12216,7 +12236,8 @@ CVE-2023-2313 (Inappropriate implementation in Sandbox in Google Chrome on Windo
 	- chromium 112.0.5615.49-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-2312 (Use after free in Offline in Google Chrome on Android prior to 116.0.5 ...)
-	TODO: check
+	- chromium <unfixed>
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-2311 (Insufficient policy enforcement in File System API in Google Chrome pr ...)
 	{DSA-5386-1}
 	- chromium 112.0.5615.49-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57ebe9d37243c0c5f77c14a0bec14a7177a95a1b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57ebe9d37243c0c5f77c14a0bec14a7177a95a1b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230815/2bd1443d/attachment.htm>

More information about the debian-security-tracker-commits mailing list