openSUSE Security Update: Security update for Chromium
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2016:2792-1
Rating:             important
References:         #1009892 #1009893 #1009894 #1009895 
Cross-References:   CVE-2016-5199 CVE-2016-5200 CVE-2016-5201
                    CVE-2016-5202
Affected Products:
                    SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________

   An update that fixes four vulnerabilities is now available.

Description:

   This update to Chromium 54.0.2840.100 fixes the following vulnerabilities:

   - CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892)
   - CVE-2016-5200: out of bounds memory access in v8 (boo#1009893)
   - CVE-2016-5201: info leak in extensions (boo#1009894)
   - CVE-2016-5202: various fixes from internal audits (boo#1009895)


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Package Hub for SUSE Linux Enterprise 12:

      zypper in -t patch openSUSE-2016-1292=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64):

      chromedriver-54.0.2840.100-118.1
      chromedriver-debuginfo-54.0.2840.100-118.1
      chromium-54.0.2840.100-118.1
      chromium-debuginfo-54.0.2840.100-118.1
      chromium-debugsource-54.0.2840.100-118.1
      chromium-ffmpegsumo-54.0.2840.100-118.1
      chromium-ffmpegsumo-debuginfo-54.0.2840.100-118.1


References:

   https://www.suse.com/security/cve/CVE-2016-5199.html
   https://www.suse.com/security/cve/CVE-2016-5200.html
   https://www.suse.com/security/cve/CVE-2016-5201.html
   https://www.suse.com/security/cve/CVE-2016-5202.html
   https://bugzilla.suse.com/1009892
   https://bugzilla.suse.com/1009893
   https://bugzilla.suse.com/1009894
   https://bugzilla.suse.com/1009895

openSUSE: 2016:2792-1: important: Chromium

November 15, 2016
An update that fixes four vulnerabilities is now available

Description

This update to Chromium 54.0.2840.100 fixes the following vulnerabilities: - CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892) - CVE-2016-5200: out of bounds memory access in v8 (boo#1009893) - CVE-2016-5201: info leak in extensions (boo#1009894) - CVE-2016-5202: various fixes from internal audits (boo#1009895)

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch openSUSE-2016-1292=1 To bring your system up-to-date, use "zypper patch".


Package List

- SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64): chromedriver-54.0.2840.100-118.1 chromedriver-debuginfo-54.0.2840.100-118.1 chromium-54.0.2840.100-118.1 chromium-debuginfo-54.0.2840.100-118.1 chromium-debugsource-54.0.2840.100-118.1 chromium-ffmpegsumo-54.0.2840.100-118.1 chromium-ffmpegsumo-debuginfo-54.0.2840.100-118.1


References

https://www.suse.com/security/cve/CVE-2016-5199.html https://www.suse.com/security/cve/CVE-2016-5200.html https://www.suse.com/security/cve/CVE-2016-5201.html https://www.suse.com/security/cve/CVE-2016-5202.html https://bugzilla.suse.com/1009892 https://bugzilla.suse.com/1009893 https://bugzilla.suse.com/1009894 https://bugzilla.suse.com/1009895


Severity
Announcement ID: openSUSE-SU-2016:2792-1
Rating: important
Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 .

Related News

21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In
32.Lock Code Circular Esm H320
2 - 3 min read
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned
1.Penguin Landscape Esm H320
2 - 3 min read
The recent release of AlmaLinux 9.4 , closely aligned with Red Hat Enterprise Linux (RHEL) 9.4 , presents Linux admins and infosec professionals
11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software
2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved