Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 495
Alerts This Week
Warning Icon 1 495

openSUSE 12.1: 2012:0374-1 Important: Chromium Security Issues

opensuse
Calendar Grey March 16, 2012
Dist Opensuse Esm H88
Crucial openSUSE upgrade for Firefox and SpiderMonkey addresses 20 vulnerabilities, boosting overall security and system performance.
An update that fixes 16 vulnerabilities is now available

Description

Changes in chromium:

- Update to 19.0.1066

* Fixed Chrome install/update resets Google search

preferences (Issue: 105390)

* Don't trigger accelerated compositing on 3D CSS when

using swiftshader (Issue: 116401)

* Fixed a GPU crash (Issue: 116096)

* More fixes for Back button frequently hangs (Issue:

93427)

* Bastion now works (Issue: 116285)

* Fixed Composited layer sorting irregularity with

accelerated canvas (Issue: 102943)

* Fixed Composited layer sorting irregularity with

accelerated canvas (Issue: 102943)

* Fixed Google Feedback causes render process to use too

much memory (Issue: 114489)

* Fixed after upgrade, some pages are rendered as blank

(Issue: 109888)

* Fixed Pasting text into a single-line text field

shouldn't keep literal newlines (Issue: 106551)

- Security Fixes:

* Critical CVE-2011-3047: Errant plug-in load and GPU

process memory corruption

* Critical CVE-2011-3046: UXSS and bad history...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 12.1:

zypper in -t patch openSUSE-2012-165

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 12.1 (i586 x86_64):

chromium-19.0.1066.0-1.11.2

chromium-debuginfo-19.0.1066.0-1.11.2

chromium-debugsource-19.0.1066.0-1.11.2

chromium-desktop-gnome-19.0.1066.0-1.11.2

chromium-desktop-kde-19.0.1066.0-1.11.2

chromium-suid-helper-19.0.1066.0-1.11.2

chromium-suid-helper-debuginfo-19.0.1066.0-1.11.2

libv8-3-3.9.13.0-1.15.1

libv8-3-debuginfo-3.9.13.0-1.15.1

v8-debugsource-3.9.13.0-1.15.1

v8-devel-3.9.13.0-1.15.1

v8-private-headers-devel-3.9.13.0-1.15.1

References

https://www.suse.com/security/cve/CVE-2011-3031.html

https://www.suse.com/security/cve/CVE-2011-3032.html

https://www.suse.com/security/cve/CVE-2011-3033.html

https://www.suse.com/security/cve/CVE-2011-3034.html

https://www.suse.com/security/cve/CVE-2011-3035.html

https://www.suse.com/security/cve/CVE-2011-3036.html

https://www.suse.com/security/cve/CVE-2011-3037.html

https://www.suse.com/security/cve/CVE-2011-3038.html

https://www.suse.com/security/cve/CVE-2011-3039.html

https://www.suse.com/security/cve/CVE-2011-3040.html

https://www.suse.com/security/cve/CVE-2011-3041.html

https://www.suse.com/security/cve/CVE-2011-3042.html

https://www.suse.com/security/cve/CVE-2011-3043.html

https://www.suse.com/security/cve/CVE-2011-3044.html

https://www.suse.com/security/cve/CVE-2011-3046.html

https://www.suse.com/security/cve/CVE-2011-3047.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2012:0374-1
Rating: important
Affected Products: openSUSE 12.1 .

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.