openSUSE Security Update: Security update for Chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2015:1816-1 Rating: moderate References: #950290 Cross-References: CVE-2015-6755 CVE-2015-6756 CVE-2015-6757 CVE-2015-6758 CVE-2015-6759 CVE-2015-6760 CVE-2015-6761 CVE-2015-6762 CVE-2015-6763 CVE-2015-6764 CVE-2015-7834 Affected Products: openSUSE 13.2 openSUSE 13.1 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. Description: Chromium was update do the stable release 46.0.2490.71 to fix security issues. The following vulnerabilities were fixed: * CVE-2015-6755: Cross-origin bypass in Blink * CVE-2015-6756: Use-after-free in PDFium * CVE-2015-6757: Use-after-free in ServiceWorker * CVE-2015-6758: Bad-cast in PDFium * CVE-2015-6759: Information leakage in LocalStorage * CVE-2015-6760: Improper error handling in libANGLE * CVE-2015-6761: Memory corruption in FFMpeg * CVE-2015-6762: CORS bypass via CSS fonts * CVE-2015-6763: Various fixes from internal audits, fuzzing and other initiatives. * CVE-2015-7834: Multiple vulnerabilities in V8 fixed at the tip of the 4.6 branch Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2: zypper in -t patch openSUSE-2015-679=1 - openSUSE 13.1: zypper in -t patch openSUSE-2015-679=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.2 (armv7hl): chromedriver-46.0.2490.71-54.1 chromedriver-debuginfo-46.0.2490.71-54.1 chromium-46.0.2490.71-54.1 chromium-debuginfo-46.0.2490.71-54.1 chromium-debugsource-46.0.2490.71-54.1 chromium-desktop-gnome-46.0.2490.71-54.1 chromium-desktop-kde-46.0.2490.71-54.1 chromium-ffmpegsumo-46.0.2490.71-54.1 chromium-ffmpegsumo-debuginfo-46.0.2490.71-54.1 - openSUSE 13.1 (armv7hl): chromedriver-46.0.2490.71-109.1 chromedriver-debuginfo-46.0.2490.71-109.1 chromium-46.0.2490.71-109.1 chromium-debuginfo-46.0.2490.71-109.1 chromium-debugsource-46.0.2490.71-109.1 chromium-desktop-gnome-46.0.2490.71-109.1 chromium-desktop-kde-46.0.2490.71-109.1 chromium-ffmpegsumo-46.0.2490.71-109.1 chromium-ffmpegsumo-debuginfo-46.0.2490.71-109.1 References: https://www.suse.com/security/cve/CVE-2015-6755.html https://www.suse.com/security/cve/CVE-2015-6756.html https://www.suse.com/security/cve/CVE-2015-6757.html https://www.suse.com/security/cve/CVE-2015-6758.html https://www.suse.com/security/cve/CVE-2015-6759.html https://www.suse.com/security/cve/CVE-2015-6760.html https://www.suse.com/security/cve/CVE-2015-6761.html https://www.suse.com/security/cve/CVE-2015-6762.html https://www.suse.com/security/cve/CVE-2015-6763.html https://www.suse.com/security/cve/CVE-2015-6764.html https://www.suse.com/security/cve/CVE-2015-7834.html https://bugzilla.suse.com/950290