Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 504
Alerts This Week
Warning Icon 1 504

openSUSE 13.2 Security Update: Important Fix for Chromium Executions

opensuse
Calendar Grey April 8, 2015
Dist Opensuse Esm H88
A crucial patch for openSUSE targeting vulnerabilities in Firefox to avert unauthorized code execution and additional issues.
An update that fixes two vulnerabilities is now available.

Description

Chromium was updated to 41.0.2272.118 to fix two security issues.

The following vulnerabilities were fixed:

* A combination of V8, Gamepad and IPC bugs could lead to remote code

execution outside of the sandbox (CVE-2015-1233, boo#925713)

* Buffer overflow via race condition in GPU (CVE-2015-1234, boo#925714)

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 13.2:

zypper in -t patch openSUSE-2015-298=1

- openSUSE 13.1:

zypper in -t patch openSUSE-2015-298=1

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 13.2 (i586 x86_64):

chromedriver-41.0.2272.118-20.1

chromedriver-debuginfo-41.0.2272.118-20.1

chromium-41.0.2272.118-20.1

chromium-debuginfo-41.0.2272.118-20.1

chromium-debugsource-41.0.2272.118-20.1

chromium-desktop-gnome-41.0.2272.118-20.1

chromium-desktop-kde-41.0.2272.118-20.1

chromium-ffmpegsumo-41.0.2272.118-20.1

chromium-ffmpegsumo-debuginfo-41.0.2272.118-20.1

- openSUSE 13.1 (i586 x86_64):

chromedriver-41.0.2272.118-75.1

chromedriver-debuginfo-41.0.2272.118-75.1

chromium-41.0.2272.118-75.1

chromium-debuginfo-41.0.2272.118-75.1

chromium-debugsource-41.0.2272.118-75.1

chromium-desktop-gnome-41.0.2272.118-75.1

chromium-desktop-kde-41.0.2272.118-75.1

chromium-ffmpegsumo-41.0.2272.118-75.1

chromium-ffmpegsumo-debuginfo-41.0.2272.118-75.1

References

https://www.suse.com/security/cve/CVE-2015-1233.html

https://www.suse.com/security/cve/CVE-2015-1234.html

https://bugzilla.suse.com/925713

https://bugzilla.suse.com/925714

--

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2015:0682-1
Rating: important
Affected Products: openSUSE 13.2 openSUSE 13.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.