FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

chromium -- multiple security fixes

Affected packages
	chromium	<	121.0.6167.139
	ungoogled-chromium	<	121.0.6167.139
	qt5-webengine	<	5.15.16.p5_5
	qt6-webengine	<	6.6.1_5

Details

VuXML ID	dc9e5237-c197-11ee-86bb-a8a1599412c6
Discovery	2024-01-30
Entry	2024-02-02

Chrome Releases reports:

This update includes 4 security fixes:

[1511567] High CVE-2024-1060: Use after free in Canvas. Reported by Anonymous on 2023-12-14

[1514777] High CVE-2024-1059: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-12-29

[1511085] High CVE-2024-1077: Use after free in Network. Reported by Microsoft Security Research Center on 2023-12-13

[source]

References

CVE Name	CVE-2024-1059
CVE Name	CVE-2024-1060
CVE Name	CVE-2024-1077
URL	https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html