Mailinglist Archive: opensuse-bugs (6588 mails)

< Previous Next >
[Bug 1143492] New: VUL-0: chromium: multiple security issues fixed in 76.0.3809.87
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Tue, 30 Jul 2019 19:17:23 +0000
  • Message-id: <bug-1143492-21960@http.bugzilla.opensuse.org/>
http://bugzilla.opensuse.org/show_bug.cgi?id=1143492


Bug ID: 1143492
Summary: VUL-0: chromium: multiple security issues fixed in
76.0.3809.87
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 15.1
Hardware: Other
OS: Other
Status: NEW
Severity: Major
Priority: P5 - None
Component: Security
Assignee: tchvatal@xxxxxxxx
Reporter: Andreas.Stieger@xxxxxx
QA Contact: security-team@xxxxxxx
Found By: ---
Blocker: ---

https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html

* CVE-2019-5850: Use-after-free in offline page fetcher
* CVE-2019-5860: Use-after-free in PDFium
* CVE-2019-5853: Memory corruption in regexp length check
* CVE-2019-5851: Use-after-poison in offline audio context
* CVE-2019-5859: res: URIs can load alternative browsers
* CVE-2019-5856: Insufficient checks on filesystem: URI permissions
* CVE-2019-5855: Integer overflow in PDFium
* CVE-2019-5865: Site isolation bypass from compromised renderer
* CVE-2019-5858: Insufficient filtering of Open URL service parameters
* CVE-2019-5864: Insufficient port filtering in CORS for extensions
* CVE-2019-5862: AppCache not robust to compromised renderers
* CVE-2019-5861: Click location incorrectly checked
* CVE-2019-5857: Comparison of -0 and null yields crash
* CVE-2019-5854: Integer overflow in PDFium text rendering
* CVE-2019-5852: Object leak of utility functions
* Various fixes from internal audits, fuzzing and other initiatives

Not affected:
* CVE-2019-5863: Use-after-free in WebUSB on Windows

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >
This Thread
  • No further messages