Mailinglist Archive: opensuse-updates (174 mails)

< Previous Next >
openSUSE-SU-2015:1873-1: moderate: Security update for Chromium
openSUSE Security Update: Security update for Chromium
______________________________________________________________________________

Announcement ID: openSUSE-SU-2015:1873-1
Rating: moderate
References: #944144
Cross-References: CVE-2015-1291 CVE-2015-1292 CVE-2015-1293
CVE-2015-1294 CVE-2015-1295 CVE-2015-1296
CVE-2015-1297 CVE-2015-1298 CVE-2015-1299
CVE-2015-1300 CVE-2015-1301
Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________

An update that fixes 11 vulnerabilities is now available.

Description:

Chromium was updated to the 45.0.2454.85 of the stable channel to fix
multiple security issues.

The following vulnerabilities were fixed:

* CVE-2015-1291: Cross-origin bypass in DOM
* CVE-2015-1292: Cross-origin bypass in ServiceWorker
* CVE-2015-1293: Cross-origin bypass in DOM
* CVE-2015-1294: Use-after-free in Skia
* CVE-2015-1295: Use-after-free in Printing
* CVE-2015-1296: Character spoofing in omnibox
* CVE-2015-1297: Permission scoping error in WebRequest
* CVE-2015-1298: URL validation error in extensions
* CVE-2015-1299: Use-after-free in Blink
* CVE-2015-1300: Information leak in Blink
* CVE-2015-1301: Various fixes from internal audits, fuzzing and other
initiatives.


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Package Hub for SUSE Linux Enterprise 12:

zypper in -t patch openSUSE-2015-595=1

To bring your system up-to-date, use "zypper patch".


Package List:

- SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64):

chromedriver-45.0.2454.85-17.1
chromedriver-debuginfo-45.0.2454.85-17.1
chromium-45.0.2454.85-17.1
chromium-debuginfo-45.0.2454.85-17.1
chromium-debugsource-45.0.2454.85-17.1
chromium-desktop-gnome-45.0.2454.85-17.1
chromium-desktop-kde-45.0.2454.85-17.1
chromium-ffmpegsumo-45.0.2454.85-17.1
chromium-ffmpegsumo-debuginfo-45.0.2454.85-17.1


References:

https://www.suse.com/security/cve/CVE-2015-1291.html
https://www.suse.com/security/cve/CVE-2015-1292.html
https://www.suse.com/security/cve/CVE-2015-1293.html
https://www.suse.com/security/cve/CVE-2015-1294.html
https://www.suse.com/security/cve/CVE-2015-1295.html
https://www.suse.com/security/cve/CVE-2015-1296.html
https://www.suse.com/security/cve/CVE-2015-1297.html
https://www.suse.com/security/cve/CVE-2015-1298.html
https://www.suse.com/security/cve/CVE-2015-1299.html
https://www.suse.com/security/cve/CVE-2015-1300.html
https://www.suse.com/security/cve/CVE-2015-1301.html
https://bugzilla.suse.com/944144


< Previous Next >
This Thread
  • No further messages