Mailinglist Archive: opensuse-bugs (4652 mails)

< Previous Next >
[Bug 1044348] New: VUL-1: CVE-2017-5084: chromium: Local access to local files via dbus
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Wed, 14 Jun 2017 16:56:05 +0000
  • Message-id: <bug-1044348-21960@http.bugzilla.opensuse.org/>
http://bugzilla.opensuse.org/show_bug.cgi?id=1044348


Bug ID: 1044348
Summary: VUL-1: CVE-2017-5084: chromium: Local access to local
files via dbus
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 42.2
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Security
Assignee: security-team@xxxxxxx
Reporter: abergmann@xxxxxxxx
QA Contact: qa-bugs@xxxxxxx
Found By: Security Response Team
Blocker: ---

CVE-2017-5084

The Stable channel has been updated to 59.0.3071.91, 59.0.3071.92 (Platform
version: 9460.60.0, 9460.60.2) for all Chrome OS devices except the Google
Chromebook Pixel (2015). This build contains a number of bug fixes, security
updates, and feature enhancements. Systems will be receiving updates over the
next several days.
Some highlights of these changes are:

Chrome apps running in kiosk mode can access Networking APIs for kiosk
network management and Audio APIs
Chrome OS Native Printing

Security Fixes:
Note: Access to bug details and links may be kept restricted until a majority
of users are updated with a fix. We will also retain restrictions if the bug
exists in a third party library that other projects similarly depend on, but
haven’t yet fixed.

[$N/A] [702030] Low CVE-2017-5084: Local access to local files via dbus.
Reported by Rory McNamara on 2017-03-17

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5084
http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-5084.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5084
https://bugs.chromium.org/p/chromium/issues/detail?id=702030
https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-chrome-os.html

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >
Follow Ups