Mailinglist Archive: opensuse-updates (174 mails)
< Previous | Next > |
openSUSE-SU-2015:1873-1: moderate: Security update for Chromium
- From: opensuse-security@xxxxxxxxxxxx
- Date: Mon, 2 Nov 2015 16:34:31 +0100 (CET)
- Message-id: <20151102153431.90399320B7@maintenance.suse.de>
openSUSE Security Update: Security update for Chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2015:1873-1
Rating: moderate
References: #944144
Cross-References: CVE-2015-1291 CVE-2015-1292 CVE-2015-1293
CVE-2015-1294 CVE-2015-1295 CVE-2015-1296
CVE-2015-1297 CVE-2015-1298 CVE-2015-1299
CVE-2015-1300 CVE-2015-1301
Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________
An update that fixes 11 vulnerabilities is now available.
Description:
Chromium was updated to the 45.0.2454.85 of the stable channel to fix
multiple security issues.
The following vulnerabilities were fixed:
* CVE-2015-1291: Cross-origin bypass in DOM
* CVE-2015-1292: Cross-origin bypass in ServiceWorker
* CVE-2015-1293: Cross-origin bypass in DOM
* CVE-2015-1294: Use-after-free in Skia
* CVE-2015-1295: Use-after-free in Printing
* CVE-2015-1296: Character spoofing in omnibox
* CVE-2015-1297: Permission scoping error in WebRequest
* CVE-2015-1298: URL validation error in extensions
* CVE-2015-1299: Use-after-free in Blink
* CVE-2015-1300: Information leak in Blink
* CVE-2015-1301: Various fixes from internal audits, fuzzing and other
initiatives.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Package Hub for SUSE Linux Enterprise 12:
zypper in -t patch openSUSE-2015-595=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64):
chromedriver-45.0.2454.85-17.1
chromedriver-debuginfo-45.0.2454.85-17.1
chromium-45.0.2454.85-17.1
chromium-debuginfo-45.0.2454.85-17.1
chromium-debugsource-45.0.2454.85-17.1
chromium-desktop-gnome-45.0.2454.85-17.1
chromium-desktop-kde-45.0.2454.85-17.1
chromium-ffmpegsumo-45.0.2454.85-17.1
chromium-ffmpegsumo-debuginfo-45.0.2454.85-17.1
References:
https://www.suse.com/security/cve/CVE-2015-1291.html
https://www.suse.com/security/cve/CVE-2015-1292.html
https://www.suse.com/security/cve/CVE-2015-1293.html
https://www.suse.com/security/cve/CVE-2015-1294.html
https://www.suse.com/security/cve/CVE-2015-1295.html
https://www.suse.com/security/cve/CVE-2015-1296.html
https://www.suse.com/security/cve/CVE-2015-1297.html
https://www.suse.com/security/cve/CVE-2015-1298.html
https://www.suse.com/security/cve/CVE-2015-1299.html
https://www.suse.com/security/cve/CVE-2015-1300.html
https://www.suse.com/security/cve/CVE-2015-1301.html
https://bugzilla.suse.com/944144
______________________________________________________________________________
Announcement ID: openSUSE-SU-2015:1873-1
Rating: moderate
References: #944144
Cross-References: CVE-2015-1291 CVE-2015-1292 CVE-2015-1293
CVE-2015-1294 CVE-2015-1295 CVE-2015-1296
CVE-2015-1297 CVE-2015-1298 CVE-2015-1299
CVE-2015-1300 CVE-2015-1301
Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________
An update that fixes 11 vulnerabilities is now available.
Description:
Chromium was updated to the 45.0.2454.85 of the stable channel to fix
multiple security issues.
The following vulnerabilities were fixed:
* CVE-2015-1291: Cross-origin bypass in DOM
* CVE-2015-1292: Cross-origin bypass in ServiceWorker
* CVE-2015-1293: Cross-origin bypass in DOM
* CVE-2015-1294: Use-after-free in Skia
* CVE-2015-1295: Use-after-free in Printing
* CVE-2015-1296: Character spoofing in omnibox
* CVE-2015-1297: Permission scoping error in WebRequest
* CVE-2015-1298: URL validation error in extensions
* CVE-2015-1299: Use-after-free in Blink
* CVE-2015-1300: Information leak in Blink
* CVE-2015-1301: Various fixes from internal audits, fuzzing and other
initiatives.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Package Hub for SUSE Linux Enterprise 12:
zypper in -t patch openSUSE-2015-595=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64):
chromedriver-45.0.2454.85-17.1
chromedriver-debuginfo-45.0.2454.85-17.1
chromium-45.0.2454.85-17.1
chromium-debuginfo-45.0.2454.85-17.1
chromium-debugsource-45.0.2454.85-17.1
chromium-desktop-gnome-45.0.2454.85-17.1
chromium-desktop-kde-45.0.2454.85-17.1
chromium-ffmpegsumo-45.0.2454.85-17.1
chromium-ffmpegsumo-debuginfo-45.0.2454.85-17.1
References:
https://www.suse.com/security/cve/CVE-2015-1291.html
https://www.suse.com/security/cve/CVE-2015-1292.html
https://www.suse.com/security/cve/CVE-2015-1293.html
https://www.suse.com/security/cve/CVE-2015-1294.html
https://www.suse.com/security/cve/CVE-2015-1295.html
https://www.suse.com/security/cve/CVE-2015-1296.html
https://www.suse.com/security/cve/CVE-2015-1297.html
https://www.suse.com/security/cve/CVE-2015-1298.html
https://www.suse.com/security/cve/CVE-2015-1299.html
https://www.suse.com/security/cve/CVE-2015-1300.html
https://www.suse.com/security/cve/CVE-2015-1301.html
https://bugzilla.suse.com/944144
< Previous | Next > |