Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

openSUSE 13.1: 2014:0243-1 Important: Chromium Memory Fix

opensuse
Calendar Grey February 18, 2014
Dist Opensuse Esm H88
Safety Patch for Ubuntu resolves numerous vulnerabilities in firefox, bolstering defense against serious threats.
An update that fixes 7 vulnerabilities is now available

Description

Chromium was updated to version 32.0.1700.102: Stable

channel update:

- Security Fixes:

* CVE-2013-6649: Use-after-free in SVG images

* CVE-2013-6650: Memory corruption in V8

* and 12 other fixes

- Other:

* Mouse Pointer disappears after exiting full-screen

mode

* Drag and drop files into Chromium may not work

properly

* Quicktime Plugin crashes in Chromium

* Chromium becomes unresponsive

* Trackpad users may not be able to scroll horizontally

* Scrolling does not work in combo box

* Chromium does not work with all CSS minifiers such

as whitespace around a media query's `and` keyword

- Update to Chromium 32.0.1700.77 Stable channel update:

- Security fixes:

* CVE-2013-6646: Use-after-free in web workers * CVE-2013-6641: Use-after-free related to forms

* CVE-2013-6643: Unprompted sync with an attacker’s

Google account

* CVE-2013-6645: Use-after-free related to speech

input elements

* CVE-2013-6644:...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory memory corruption security fix important openSUSE use-after-free chromium

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2014-135

- openSUSE 12.3:

zypper in -t patch openSUSE-2014-135

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 13.1 (i586 x86_64):

chromedriver-32.0.1700.102-17.2

chromedriver-debuginfo-32.0.1700.102-17.2

chromium-32.0.1700.102-17.2

chromium-debuginfo-32.0.1700.102-17.2

chromium-debugsource-32.0.1700.102-17.2

chromium-desktop-gnome-32.0.1700.102-17.2

chromium-desktop-kde-32.0.1700.102-17.2

chromium-ffmpegsumo-32.0.1700.102-17.2

chromium-ffmpegsumo-debuginfo-32.0.1700.102-17.2

chromium-suid-helper-32.0.1700.102-17.2

chromium-suid-helper-debuginfo-32.0.1700.102-17.2

- openSUSE 12.3 (i586 x86_64):

chromedriver-32.0.1700.102-1.25.2

chromedriver-debuginfo-32.0.1700.102-1.25.2

chromium-32.0.1700.102-1.25.2

chromium-debuginfo-32.0.1700.102-1.25.2

chromium-debugsource-32.0.1700.102-1.25.2

chromium-desktop-gnome-32.0.1700.102-1.25.2

chromium-desktop-kde-32.0.1700.102-1.25.2

chromium-ffmpegsumo-32.0.1700.102-1.25.2

chromium-ffmpegsumo-debuginfo-32.0.1700.102-1.25.2

chromium-suid-helper-32.0.1700.102-1.25.2

chromium-suid-helper-debuginfo-32.0.1700.102-1.25.2

References

https://www.suse.com/security/cve/CVE-2013-6641.html

https://www.suse.com/security/cve/CVE-2013-6643.html

https://www.suse.com/security/cve/CVE-2013-6644.html

https://www.suse.com/security/cve/CVE-2013-6645.html

https://www.suse.com/security/cve/CVE-2013-6646.html

https://www.suse.com/security/cve/CVE-2013-6649.html

https://www.suse.com/security/cve/CVE-2013-6650.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2014:0243-1
Rating: important
Affected Products: openSUSE 13.1 openSUSE 12.3 .

Topics%20covered

Topics Covered

security advisory memory corruption security fix important openSUSE use-after-free chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here