openSUSE-SU-2024:14429-1: moderate: Botan-3.6.0-1.1 on GA media
openSUSE-SU-2024:14430-1: moderate: python313-3.13.0-3.1 on GA media
openSUSE-SU-2024:0341-1: important: Security update for chromium
openSUSE-SU-2024:14429-1: moderate: Botan-3.6.0-1.1 on GA media
# Botan-3.6.0-1.1 on GA media
Announcement ID: openSUSE-SU-2024:14429-1
Rating: moderate
Cross-References:
* CVE-2024-50382
CVSS scores:
* CVE-2024-50382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-50382 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the Botan-3.6.0-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* Botan 3.6.0-1.1
* Botan-doc 3.6.0-1.1
* libbotan-3-6 3.6.0-1.1
* libbotan-devel 3.6.0-1.1
* python3-botan 3.6.0-1.1
## References:
* https://www.suse.com/security/cve/CVE-2024-50382.html
openSUSE-SU-2024:14430-1: moderate: python313-3.13.0-3.1 on GA media
# python313-3.13.0-3.1 on GA media
Announcement ID: openSUSE-SU-2024:14430-1
Rating: moderate
Cross-References:
* CVE-2024-9287
CVSS scores:
* CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the python313-3.13.0-3.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* python313 3.13.0-3.1
* python313-curses 3.13.0-3.1
* python313-dbm 3.13.0-3.1
* python313-idle 3.13.0-3.1
* python313-tk 3.13.0-3.1
* python313-x86-64-v3 3.13.0-3.1
## References:
* https://www.suse.com/security/cve/CVE-2024-9287.html
openSUSE-SU-2024:0341-1: important: Security update for chromium
openSUSE Security Update: Security update for chromium
_______________________________
Announcement ID: openSUSE-SU-2024:0341-1
Rating: important
References: #1232060
Cross-References: CVE-2024-10229 CVE-2024-10230 CVE-2024-10231
Affected Products:
openSUSE Backports SLE-15-SP5
openSUSE Backports SLE-15-SP6
_______________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium 130.0.6723.69 (boo#1232060)
* CVE-2024-10229: Inappropriate implementation in Extensions
* CVE-2024-10230: Type Confusion in V8
* CVE-2024-10231: Type Confusion in V8
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP6:
zypper in -t patch openSUSE-2024-341=1
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2024-341=1
Package List:
- openSUSE Backports SLE-15-SP6 (aarch64 x86_64):
chromedriver-130.0.6723.69-bp156.2.44.1
chromedriver-debuginfo-130.0.6723.69-bp156.2.44.1
chromium-130.0.6723.69-bp156.2.44.1
chromium-debuginfo-130.0.6723.69-bp156.2.44.1
- openSUSE Backports SLE-15-SP5 (aarch64 x86_64):
chromedriver-130.0.6723.69-bp155.2.132.1
chromium-130.0.6723.69-bp155.2.132.1
References:
https://www.suse.com/security/cve/CVE-2024-10229.html
https://www.suse.com/security/cve/CVE-2024-10230.html
https://www.suse.com/security/cve/CVE-2024-10231.html
https://bugzilla.suse.com/1232060
