[Bug 1162833] New: VUL-0: chromium: update to 80.0.3987.87
http://bugzilla.suse.com/show_bug.cgi?id=1162833 Bug ID: 1162833 Summary: VUL-0: chromium: update to 80.0.3987.87 Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.1 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: tchvatal@suse.com Reporter: atoptsoglou@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- This update includes 56 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$5000][1034394] High CVE-2020-6381: Integer overflow in JavaScript. Reported by The UK's National Cyber Security Centre (NCSC) on 2019-12-09 [$2000][1031909] High CVE-2020-6382: Type Confusion in JavaScript. Reported by Soyeon Park and Wen Xu from SSLab, Gatech on 2019-12-08 [$500][1020745] High CVE-2019-18197: Multiple vulnerabilities in XML. Reported by BlackBerry Security Incident Response Team on 2019-11-01 [$500][1042700] High CVE-2019-19926: Inappropriate implementation in SQLite. Reported by Richard Lorenz, SAP on 2020-01-16 [$N/A][1035399] High CVE-2020-6385: Insufficient policy enforcement in storage. Reported by Sergei Glazunov of Google Project Zero on 2019-12-18 [$N/A][1038863] High CVE-2019-19880, CVE-2019-19925: Multiple vulnerabilities in SQLite. Reported by Richard Lorenz, SAP on 2020-01-03 [$N/A][1042535] High CVE-2020-6387: Out of bounds write in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2020-01-16 [$N/A][1042879] High CVE-2020-6388: Out of bounds memory access in WebAudio. Reported by Sergei Glazunov of Google Project Zero on 2020-01-16 [$N/A][1042933] High CVE-2020-6389: Out of bounds write in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2020-01-16 [$N/A][1045874] High CVE-2020-6390: Out of bounds memory access in streams. Reported by Sergei Glazunov of Google Project Zero on 2020-01-27 [$10000][1017871] Medium CVE-2020-6391: Insufficient validation of untrusted input in Blink. Reported by Michał Bentkowski of Securitum on 2019-10-24 [$5000][1030411] Medium CVE-2020-6392: Insufficient policy enforcement in extensions. Reported by Microsoft Edge Team on 2019-12-03 [$5000][1035058] Medium CVE-2020-6393: Insufficient policy enforcement in Blink. Reported by Mark Amery on 2019-12-17 [$3000][1014371] Medium CVE-2020-6394: Insufficient policy enforcement in Blink. Reported by Phil Freo on 2019-10-15 [$3000][1022855] Medium CVE-2020-6395: Out of bounds read in JavaScript. Reported by Pierre Langlois from Arm on 2019-11-08 [$3000][1035271] Medium CVE-2020-6396: Inappropriate implementation in Skia. Reported by William Luc Ritchie on 2019-12-18 [$2000][1027408] Medium CVE-2020-6397: Incorrect security UI in sharing. Reported by Khalil Zhani on 2019-11-22 [$2000][1032090] Medium CVE-2020-6398: Uninitialized use in PDFium. Reported by pdknsk on 2019-12-09 [$2000][1039869] Medium CVE-2020-6399: Insufficient policy enforcement in AppCache. Reported by Luan Herrera (@lbherrera_) on 2020-01-07 [$1000][1038036] Medium CVE-2020-6400: Inappropriate implementation in CORS. Reported by Takashi Yoneuchi (@y0n3uchy) on 2019-12-27 [$500][1017707] Medium CVE-2020-6401: Insufficient validation of untrusted input in Omnibox. Reported by Tzachy Horesh on 2019-10-24 [$500][1029375] Medium CVE-2020-6402: Insufficient policy enforcement in downloads. Reported by Vladimir Metnew (@vladimir_metnew) on 2019-11-28 [$TBD][1006012] Medium CVE-2020-6403: Incorrect security UI in Omnibox. Reported by Khalil Zhani on 2019-09-19 [$N/A][1024256] Medium CVE-2020-6404: Inappropriate implementation in Blink. Reported by kanchi on 2019-11-13 [$N/A][1042145] Medium CVE-2020-6405: Out of bounds read in SQLite. Reported by Yongheng Chen(Ne0) & Rui Zhong(zr33) on 2020-01-15 [$N/A][1042254] Medium CVE-2020-6406: Use after free in audio. Reported by Sergei Glazunov of Google Project Zero on 2020-01-15 [$N/A][1042578] Medium CVE-2019-19923: Out of bounds memory access in SQLite. Reported by Richard Lorenz, SAP on 2020-01-16 [$1000][1026546] Low CVE-2020-6408: Insufficient policy enforcement in CORS. Reported by Zhong Zhaochen of andsecurity.cn on 2019-11-20 [$1000][1037889] Low CVE-2020-6409: Inappropriate implementation in Omnibox. Reported by Divagar S and Bharathi V from Karya Technologies on 2019-12-26 [$500][881675] Low CVE-2020-6410: Insufficient policy enforcement in navigation. Reported by evi1m0 of Bilibili Security Team on 2018-09-07 [$500][929711] Low CVE-2020-6411: Insufficient validation of untrusted input in Omnibox. Reported by Khalil Zhani on 2019-02-07 [$N/A][968505] Low CVE-2020-6412: Insufficient validation of untrusted input in Omnibox. Reported by Zihan Zheng (@zzh1996) of University of Science and Technology of China on 2019-05-30 [$N/A][1005713] Low CVE-2020-6413: Inappropriate implementation in Blink. Reported by Michał Bentkowski of Securitum on 2019-09-19 [$N/A][1021855] Low CVE-2020-6414: Insufficient policy enforcement in Safe Browsing. Reported by Lijo A.T on 2019-11-06 [$N/A][1029576] Low CVE-2020-6415: Inappropriate implementation in JavaScript. Reported by Avihay Cohen @ SeraphicAlgorithms on 2019-11-30 [$N/A][1031895] Low CVE-2020-6416: Insufficient data validation in streams. Reported by Woojin Oh(@pwn_expoit) of STEALIEN on 2019-12-08 [$N/A][1033824] Low CVE-2020-6417: Inappropriate implementation in installer. Reported by Renato "Wrath" Moraes and Altieres "FallenHawk" Rohr on 2019-12-13 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.As usual, our ongoing internal security work was responsible for a wide range of fixes: [1048330] Various fixes from internal audits, fuzzing and other initiatives Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL. Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues. Thank you, Srinivas Sista -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 http://bugzilla.suse.com/show_bug.cgi?id=1162833#c1 --- Comment #1 from Alexandros Toptsoglou <atoptsoglou@suse.com> --- Reference https://chromereleases.googleblog.com/ -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 http://bugzilla.suse.com/show_bug.cgi?id=1162833#c2 --- Comment #2 from Tomáš Chvátal <tchvatal@suse.com> --- On leap 15 and sle15 this is blocked by eco update of opus. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 Maintenance Robot <maint-coord+maintenance_robot@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 http://bugzilla.suse.com/show_bug.cgi?id=1162833#c3 --- Comment #3 from Tomáš Chvátal <tchvatal@suse.com> --- Submissions to Leap/Backports/TW done. Note that 15.1:Update can be really processed after the ECO on opus is completed. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 Tomáš Chvátal <tchvatal@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|tchvatal@suse.com |security-team@suse.de -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 http://bugzilla.suse.com/show_bug.cgi?id=1162833#c4 --- Comment #4 from Swamp Workflow Management <swamp@suse.de> --- This is an autogenerated message for OBS integration: This bug (1162833) was mentioned in https://build.opensuse.org/request/show/770276 Factory / chromium -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 http://bugzilla.suse.com/show_bug.cgi?id=1162833#c6 --- Comment #6 from Swamp Workflow Management <swamp@suse.de> --- This is an autogenerated message for OBS integration: This bug (1162833) was mentioned in https://build.opensuse.org/request/show/770277 15.1 / chromium -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 http://bugzilla.suse.com/show_bug.cgi?id=1162833#c7 --- Comment #7 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-SU-2020:0189-1: An update that fixes 38 vulnerabilities is now available. Category: security (important) Bug References: 1162833 CVE References: CVE-2019-18197,CVE-2019-19880,CVE-2019-19923,CVE-2019-19925,CVE-2019-19926,CVE-2020-6381,CVE-2020-6382,CVE-2020-6385,CVE-2020-6387,CVE-2020-6388,CVE-2020-6389,CVE-2020-6390,CVE-2020-6391,CVE-2020-6392,CVE-2020-6393,CVE-2020-6394,CVE-2020-6395,CVE-2020-6396,CVE-2020-6397,CVE-2020-6398,CVE-2020-6399,CVE-2020-6400,CVE-2020-6401,CVE-2020-6402,CVE-2020-6403,CVE-2020-6404,CVE-2020-6405,CVE-2020-6406,CVE-2020-6408,CVE-2020-6409,CVE-2020-6410,CVE-2020-6411,CVE-2020-6412,CVE-2020-6413,CVE-2020-6414,CVE-2020-6415,CVE-2020-6416,CVE-2020-6417 Sources used: openSUSE Leap 15.1 (src): chromium-80.0.3987.87-lp151.2.63.1 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 http://bugzilla.suse.com/show_bug.cgi?id=1162833#c8 --- Comment #8 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-SU-2020:0210-1: An update that fixes 38 vulnerabilities is now available. Category: security (important) Bug References: 1162833 CVE References: CVE-2019-18197,CVE-2019-19880,CVE-2019-19923,CVE-2019-19925,CVE-2019-19926,CVE-2020-6381,CVE-2020-6382,CVE-2020-6385,CVE-2020-6387,CVE-2020-6388,CVE-2020-6389,CVE-2020-6390,CVE-2020-6391,CVE-2020-6392,CVE-2020-6393,CVE-2020-6394,CVE-2020-6395,CVE-2020-6396,CVE-2020-6397,CVE-2020-6398,CVE-2020-6399,CVE-2020-6400,CVE-2020-6401,CVE-2020-6402,CVE-2020-6403,CVE-2020-6404,CVE-2020-6405,CVE-2020-6406,CVE-2020-6408,CVE-2020-6409,CVE-2020-6410,CVE-2020-6411,CVE-2020-6412,CVE-2020-6413,CVE-2020-6414,CVE-2020-6415,CVE-2020-6416,CVE-2020-6417 Sources used: openSUSE Backports SLE-15-SP1 (src): chromium-80.0.3987.87-bp151.3.59.1 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 http://bugzilla.suse.com/show_bug.cgi?id=1162833#c9 --- Comment #9 from Swamp Workflow Management <swamp@suse.de> --- This is an autogenerated message for OBS integration: This bug (1162833) was mentioned in https://build.opensuse.org/request/show/773714 Factory / chromium -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 http://bugzilla.suse.com/show_bug.cgi?id=1162833#c10 --- Comment #10 from Swamp Workflow Management <swamp@suse.de> --- This is an autogenerated message for OBS integration: This bug (1162833) was mentioned in https://build.opensuse.org/request/show/774592 Backports:SLE-12-SP3 / chromium -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 http://bugzilla.suse.com/show_bug.cgi?id=1162833#c11 --- Comment #11 from Swamp Workflow Management <swamp@suse.de> --- This is an autogenerated message for OBS integration: This bug (1162833) was mentioned in https://build.opensuse.org/request/show/774614 Backports:SLE-12+Backports:SLE-12-SP3 / chromium+re2 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 http://bugzilla.suse.com/show_bug.cgi?id=1162833#c12 Marcus Meissner <meissner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #12 from Marcus Meissner <meissner@suse.com> --- done -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1162833 http://bugzilla.suse.com/show_bug.cgi?id=1162833#c13 --- Comment #13 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-SU-2020:0233-1: An update that fixes 38 vulnerabilities is now available. Category: security (important) Bug References: 1162833 CVE References: CVE-2019-18197,CVE-2019-19880,CVE-2019-19923,CVE-2019-19925,CVE-2019-19926,CVE-2020-6381,CVE-2020-6382,CVE-2020-6385,CVE-2020-6387,CVE-2020-6388,CVE-2020-6389,CVE-2020-6390,CVE-2020-6391,CVE-2020-6392,CVE-2020-6393,CVE-2020-6394,CVE-2020-6395,CVE-2020-6396,CVE-2020-6397,CVE-2020-6398,CVE-2020-6399,CVE-2020-6400,CVE-2020-6401,CVE-2020-6402,CVE-2020-6403,CVE-2020-6404,CVE-2020-6405,CVE-2020-6406,CVE-2020-6408,CVE-2020-6409,CVE-2020-6410,CVE-2020-6411,CVE-2020-6412,CVE-2020-6413,CVE-2020-6414,CVE-2020-6415,CVE-2020-6416,CVE-2020-6417 Sources used: SUSE Package Hub for SUSE Linux Enterprise 12 (src): chromium-80.0.3987.87-31.1, re2-20200101-25.1 -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1162833 SMASH SMASH <smash_bz@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| | |CVSSv2:NVD:CVE-2019-18197:5 |CVSSv3.1:SUSE:CVE-2019-1992 |.1:(AV:N/AC:H/Au:N/C:P/I:P/ |3:6.3:(AV:N/AC:L/PR:L/UI:N/ |A:P) |S:U/C:L/I:L/A:L) |CVSSv2:NVD:CVE-2019-19880:5 |CVSSv3:SUSE:CVE-2019-18197: |.0:(AV:N/AC:L/Au:N/C:N/I:N/ |4.9:(AV:L/AC:H/PR:N/UI:N/S: |A:P) |U/C:L/I:L/A:L) |CVSSv2:NVD:CVE-2019-19923:5 | |.0:(AV:N/AC:L/Au:N/C:N/I:N/ | |A:P) | |CVSSv2:NVD:CVE-2019-19926:5 | |.0:(AV:N/AC:L/Au:N/C:N/I:N/ | |A:P) | |CVSSv2:NVD:CVE-2020-6382:6. | |8:(AV:N/AC:M/Au:N/C:P/I:P/A | |:P) | |CVSSv2:NVD:CVE-2020-6387:6. | |8:(AV:N/AC:M/Au:N/C:P/I:P/A | |:P) | |CVSSv2:NVD:CVE-2020-6388:6. | |8:(AV:N/AC:M/Au:N/C:P/I:P/A | |:P) | |CVSSv2:NVD:CVE-2020-6389:6. | |8:(AV:N/AC:M/Au:N/C:P/I:P/A | |:P) | |CVSSv2:NVD:CVE-2020-6390:6. | |8:(AV:N/AC:M/Au:N/C:P/I:P/A | |:P) | |CVSSv2:NVD:CVE-2020-6395:4. | |3:(AV:N/AC:M/Au:N/C:P/I:N/A | |:N) | |CVSSv2:NVD:CVE-2020-6409:6. | |8:(AV:N/AC:M/Au:N/C:P/I:P/A | |:P) | |CVSSv2:NVD:CVE-2020-6410:6. | |8:(AV:N/AC:M/Au:N/C:P/I:P/A | |:P) | |CVSSv2:NVD:CVE-2020-6411:5. | |8:(AV:N/AC:M/Au:N/C:P/I:P/A | |:N) | |CVSSv2:NVD:CVE-2020-6415:6. | |8:(AV:N/AC:M/Au:N/C:P/I:P/A | |:P) | |CVSSv2:NVD:CVE-2020-6416:6. | |8:(AV:N/AC:M/Au:N/C:P/I:P/A | |:P) | |CVSSv3.1:NVD:CVE-2019-18197 | |:7.5:(AV:N/AC:H/PR:N/UI:R/S | |:U/C:H/I:H/A:H) | |CVSSv3.1:NVD:CVE-2019-19880 | |:7.5:(AV:N/AC:L/PR:N/UI:N/S | |:U/C:N/I:N/A:H) | |CVSSv3.1:NVD:CVE-2019-19923 | |:7.5:(AV:N/AC:L/PR:N/UI:N/S | |:U/C:N/I:N/A:H) | |CVSSv3.1:NVD:CVE-2019-19926 | |:7.5:(AV:N/AC:L/PR:N/UI:N/S | |:U/C:N/I:N/A:H) | |CVSSv3.1:NVD:CVE-2020-6382: | |8.8:(AV:N/AC:L/PR:N/UI:R/S: | |U/C:H/I:H/A:H) | |CVSSv3.1:NVD:CVE-2020-6387: | |8.8:(AV:N/AC:L/PR:N/UI:R/S: | |U/C:H/I:H/A:H) | |CVSSv3.1:NVD:CVE-2020-6388: | |8.8:(AV:N/AC:L/PR:N/UI:R/S: | |U/C:H/I:H/A:H) | |CVSSv3.1:NVD:CVE-2020-6389: | |8.8:(AV:N/AC:L/PR:N/UI:R/S: | |U/C:H/I:H/A:H) | |CVSSv3.1:NVD:CVE-2020-6390: | |8.8:(AV:N/AC:L/PR:N/UI:R/S: | |U/C:H/I:H/A:H) | |CVSSv3.1:NVD:CVE-2020-6395: | |6.5:(AV:N/AC:L/PR:N/UI:R/S: | |U/C:H/I:N/A:N) | |CVSSv3.1:NVD:CVE-2020-6409: | |8.8:(AV:N/AC:L/PR:N/UI:R/S: | |U/C:H/I:H/A:H) | |CVSSv3.1:NVD:CVE-2020-6410: | |8.8:(AV:N/AC:L/PR:N/UI:R/S: | |U/C:H/I:H/A:H) | |CVSSv3.1:NVD:CVE-2020-6411: | |5.4:(AV:N/AC:L/PR:N/UI:R/S: | |U/C:L/I:L/A:N) | |CVSSv3.1:NVD:CVE-2020-6415: | |8.8:(AV:N/AC:L/PR:N/UI:R/S: | |U/C:H/I:H/A:H) | |CVSSv3.1:NVD:CVE-2020-6416: | |8.8:(AV:N/AC:L/PR:N/UI:R/S: | |U/C:H/I:H/A:H) | |CVSSv3.1:SUSE:CVE-2019-1992 | |3:6.3:(AV:N/AC:L/PR:L/UI:N/ | |S:U/C:L/I:L/A:L) | |CVSSv3:SUSE:CVE-2019-18197: | |4.9:(AV:L/AC:H/PR:N/UI:N/S: | |U/C:L/I:L/A:L) | |CVSSv2:NVD:CVE-2020-6399:4. | |3:(AV:N/AC:M/Au:N/C:P/I:N/A | |:N) | |CVSSv3.1:NVD:CVE-2020-6399: | |6.5:(AV:N/AC:L/PR:N/UI:R/S: | |U/C:H/I:N/A:N) | -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1162833 SMASH SMASH <smash_bz@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| | |CVSSv3.1:SUSE:CVE-2019-1992 |CVSSv3.1:SUSE:CVE-2019-1819 |3:6.3:(AV:N/AC:L/PR:L/UI:N/ |7:7.5:(AV:N/AC:H/PR:N/UI:R/ |S:U/C:L/I:L/A:L) |S:U/C:H/I:H/A:H) |CVSSv3:SUSE:CVE-2019-18197: |CVSSv3.1:SUSE:CVE-2019-1992 |4.9:(AV:L/AC:H/PR:N/UI:N/S: |3:6.3:(AV:N/AC:L/PR:L/UI:N/ |U/C:L/I:L/A:L) |S:U/C:L/I:L/A:L) -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1162833 SMASH SMASH <smash_bz@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| | |CVSSv3.1:SUSE:CVE-2019-1819 |CVSSv3.1:SUSE:CVE-2019-1992 |7:7.5:(AV:N/AC:H/PR:N/UI:R/ |3:6.3:(AV:N/AC:L/PR:L/UI:N/ |S:U/C:H/I:H/A:H) |S:U/C:L/I:L/A:L) |CVSSv3.1:SUSE:CVE-2019-1992 |CVSSv3.1:SUSE:CVE-2019-1992 |3:6.3:(AV:N/AC:L/PR:L/UI:N/ |6:7.5:(AV:N/AC:L/PR:N/UI:N/ |S:U/C:L/I:L/A:L) |S:U/C:N/I:N/A:H) -- You are receiving this mail because: You are on the CC list for the bug.
participants (2)
-
bugzilla_noreply@novell.com -
bugzilla_noreply@suse.com