Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

openSUSE 12.2: SUSE-SU-2013:1777-1 Important: Memory Corruption Fixes

opensuse
Calendar Grey November 27, 2013
Dist Opensuse Esm H88
Crucial openSUSE Security Patch for Firefox tackling 15 severe vulnerabilities to maintain system safety and reliability.
An update that fixes 13 vulnerabilities is now available.

Description

Chromium was updated to 31.0.1650.57: Stable channel update:

- Security Fixes:

* CVE-2013-6632: Multiple memory corruption issues.

- Update to Chromium 31.0.1650.48 (bnc#850430) Stable

Channel update:

- Security fixes:

* CVE-2013-6621: Use after free related to speech input

elements..

* CVE-2013-6622: Use after free related to media

elements.

* CVE-2013-6623: Out of bounds read in SVG.

* CVE-2013-6624: Use after free related to “id”

attribute strings.

* CVE-2013-6625: Use after free in DOM ranges.

* CVE-2013-6626: Address bar spoofing related to

interstitial warnings.

* CVE-2013-6627: Out of bounds read in HTTP parsing.

* CVE-2013-6628: Issue with certificates not being

checked during TLS renegotiation.

* CVE-2013-2931: Various fixes from internal audits,

fuzzing and other initiatives.

* CVE-2013-6629: Read of uninitialized memory in

libjpeg and libjpeg-turbo.

* CVE-2013-6630: Read of uninitialized memory...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory update memory corruption important system integrity openSUSE chromium

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 12.2:

zypper in -t patch openSUSE-2013-904

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 12.2 (i586 x86_64):

chromedriver-31.0.1650.57-1.54.1

chromedriver-debuginfo-31.0.1650.57-1.54.1

chromium-31.0.1650.57-1.54.1

chromium-debuginfo-31.0.1650.57-1.54.1

chromium-debugsource-31.0.1650.57-1.54.1

chromium-desktop-gnome-31.0.1650.57-1.54.1

chromium-desktop-kde-31.0.1650.57-1.54.1

chromium-ffmpegsumo-31.0.1650.57-1.54.1

chromium-ffmpegsumo-debuginfo-31.0.1650.57-1.54.1

chromium-suid-helper-31.0.1650.57-1.54.1

chromium-suid-helper-debuginfo-31.0.1650.57-1.54.1

References

https://www.suse.com/security/cve/CVE-2013-2931.html

https://www.suse.com/security/cve/CVE-2013-6621.html

https://www.suse.com/security/cve/CVE-2013-6622.html

https://www.suse.com/security/cve/CVE-2013-6623.html

https://www.suse.com/security/cve/CVE-2013-6624.html

https://www.suse.com/security/cve/CVE-2013-6625.html

https://www.suse.com/security/cve/CVE-2013-6626.html

https://www.suse.com/security/cve/CVE-2013-6627.html

https://www.suse.com/security/cve/CVE-2013-6628.html

https://www.suse.com/security/cve/CVE-2013-6629.html

https://www.suse.com/security/cve/CVE-2013-6630.html

https://www.suse.com/security/cve/CVE-2013-6631.html

https://www.suse.com/security/cve/CVE-2013-6632.html

--

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2013:1777-1
Rating: important
Affected Products: openSUSE 12.2

Topics%20covered

Topics Covered

security advisory update memory corruption important system integrity openSUSE chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here