[Bug 1129059] New: VUL-0: chromium: 73.0.3683.75 update
http://bugzilla.suse.com/show_bug.cgi?id=1129059 Bug ID: 1129059 Summary: VUL-0: chromium: 73.0.3683.75 update Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.0 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: tchvatal@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desk... [$TBD][913964] High CVE-2019-5787: Use after free in Canvas. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-11 [$N/A][925864] High CVE-2019-5788: Use after free in FileAPI. Reported by Mark Brand of Google Project Zero on 2019-01-28 [$N/A][921581] High CVE-2019-5789: Use after free in WebMIDI. Reported by Mark Brand of Google Project Zero on 2019-01-14 [$7500][914736] High CVE-2019-5790: Heap buffer overflow in V8. Reported by Dimitri Fourny (Blue Frost Security) on 2018-12-13 [$1000][926651] High CVE-2019-5791: Type confusion in V8. Reported by Choongwoo Han of Naver Corporation on 2019-01-30 [$500][914983] High CVE-2019-5792: Integer overflow in PDFium. Reported by pdknsk on 2018-12-13 [$TBD][937487] Medium CVE-2019-5793: Excessive permissions for private API in Extensions. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-03-01 [$TBD][935175] Medium CVE-2019-5794: Security UI spoofing. Reported by Juno Im of Theori on 2019-02-24 [$N/A][919643] Medium CVE-2019-5795: Integer overflow in PDFium. Reported by pdknsk on 2019-01-07 [$N/A][918861] Medium CVE-2019-5796: Race condition in Extensions. Reported by Mark Brand of Google Project Zero on 2019-01-03 [$N/A][916523] Medium CVE-2019-5797: Race condition in DOMStorage. Reported by Mark Brand of Google Project Zero on 2018-12-19 [$N/A][883596] Medium CVE-2019-5798: Out of bounds read in Skia. Reported by Tran Tien Hung (@hungtt28) of Viettel Cyber Security on 2018-09-13 [$1000][905301] Medium CVE-2019-5799: CSP bypass with blob URL. Reported by sohalt on 2018-11-14 [$1000][894228] Medium CVE-2019-5800: CSP bypass with blob URL. Reported by Jun Kokatsu (@shhnjk) on 2018-10-10 [$500][921390] Medium CVE-2019-5801: Incorrect Omnibox display on iOS. Reported by Khalil Zhani on 2019-01-13 [$500][632514] Medium CVE-2019-5802: Security UI spoofing. Reported by Ronni Skansing on 2016-07-28 [$1000][909865] Low CVE-2019-5803: CSP bypass with Javascript URLs'. Reported by Andrew Comminos of Facebook on 2018-11-28 [$500][933004] Low CVE-2019-5804: Command line command injection on Windows. Reported by Joshua Graham of TSS on 2019-02-17 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1129059
http://bugzilla.suse.com/show_bug.cgi?id=1129059#c1
--- Comment #1 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1129059
Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1129059
Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1129059
Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1129059
http://bugzilla.suse.com/show_bug.cgi?id=1129059#c5
--- Comment #5 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1129059
Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1129059
Tomáš Chvátal
http://bugzilla.suse.com/show_bug.cgi?id=1129059
Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1129059
http://bugzilla.suse.com/show_bug.cgi?id=1129059#c6
--- Comment #6 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1129059
http://bugzilla.suse.com/show_bug.cgi?id=1129059#c7
--- Comment #7 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1129059
Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1129059
Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1129059
http://bugzilla.suse.com/show_bug.cgi?id=1129059#c8
--- Comment #8 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1129059
http://bugzilla.suse.com/show_bug.cgi?id=1129059#c9
--- Comment #9 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1129059
http://bugzilla.suse.com/show_bug.cgi?id=1129059#c10
Marcus Meissner
http://bugzilla.suse.com/show_bug.cgi?id=1129059
http://bugzilla.suse.com/show_bug.cgi?id=1129059#c11
Alexander Bergmann
participants (1)
-
bugzilla_noreply@novell.com