Mailinglist Archive: opensuse-updates (170 mails)

< Previous Next >
openSUSE-SU-2016:0491-1: moderate: Security update for Chromium
openSUSE Security Update: Security update for Chromium
______________________________________________________________________________

Announcement ID: openSUSE-SU-2016:0491-1
Rating: moderate
References: #965566 #965738 #965999 #966082
Cross-References: CVE-2016-1622 CVE-2016-1623 CVE-2016-1624
CVE-2016-1625 CVE-2016-1626 CVE-2016-1627

Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________

An update that fixes 6 vulnerabilities is now available.

Description:

This update to Chromium 48.0.2564.109 fixes the following issues:

Security fixes (boo#965999):

- CVE-2016-1622: Same-origin bypass in Extensions
- CVE-2016-1623: Same-origin bypass in DOM
- CVE-2016-1624: Buffer overflow in Brotli
- CVE-2016-1625: Navigation bypass in Chrome Instant
- CVE-2016-1626: Out-of-bounds read in PDFium
- CVE-2016-1627: Various fixes from internal audits, fuzzing and other
initiatives

Non-security bug fixes:

- boo#965738: resolve issues with specific banking websites when built
against system libraries
- boo#966082: chromium: sandbox related stacktrace printed
- boo#965566: Drop libva support
- Prevent graphical issues related to libjpeg
- On KDE 5 kwallet5 is the default password store now


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Package Hub for SUSE Linux Enterprise 12:

zypper in -t patch openSUSE-2016-221=1

To bring your system up-to-date, use "zypper patch".


Package List:

- SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64):

chromedriver-48.0.2564.109-49.1
chromedriver-debuginfo-48.0.2564.109-49.1
chromium-48.0.2564.109-49.1
chromium-debuginfo-48.0.2564.109-49.1
chromium-debugsource-48.0.2564.109-49.1
chromium-desktop-gnome-48.0.2564.109-49.1
chromium-desktop-kde-48.0.2564.109-49.1
chromium-ffmpegsumo-48.0.2564.109-49.1
chromium-ffmpegsumo-debuginfo-48.0.2564.109-49.1


References:

https://www.suse.com/security/cve/CVE-2016-1622.html
https://www.suse.com/security/cve/CVE-2016-1623.html
https://www.suse.com/security/cve/CVE-2016-1624.html
https://www.suse.com/security/cve/CVE-2016-1625.html
https://www.suse.com/security/cve/CVE-2016-1626.html
https://www.suse.com/security/cve/CVE-2016-1627.html
https://bugzilla.suse.com/965566
https://bugzilla.suse.com/965738
https://bugzilla.suse.com/965999
https://bugzilla.suse.com/966082


< Previous Next >
This Thread
  • No further messages