Alerts This Week
Warning Icon 1 1,109
Alerts This Week
Warning Icon 1 1,109

openSUSE: 2019:0206-1 Important: Chromium Security Issues Fixed

opensuse
Calendar Grey February 18, 2019
Dist Opensuse Esm H88
Crucial security patch for openSUSE Chromium addresses 30 vulnerabilities, notably including use-after-free and buffer overflow flaws.
An update that fixes 30 vulnerabilities is now available.

Description

This update for Chromium to version 72.0.3626.96 fixes the following

issues:

Security issues fixed (bsc#1123641 and bsc#1124936):

- CVE-2019-5784: Inappropriate implementation in V8

- CVE-2019-5754: Inappropriate implementation in QUIC Networking.

- CVE-2019-5782: Inappropriate implementation in V8.

- CVE-2019-5755: Inappropriate implementation in V8.

- CVE-2019-5756: Use after free in PDFium.

- CVE-2019-5757: Type Confusion in SVG.

- CVE-2019-5758: Use after free in Blink.

- CVE-2019-5759: Use after free in HTML select elements.

- CVE-2019-5760: Use after free in WebRTC.

- CVE-2019-5761: Use after free in SwiftShader.

- CVE-2019-5762: Use after free in PDFium.

- CVE-2019-5763: Insufficient validation of untrusted input in V8.

- CVE-2019-5764: Use after free in WebRTC.

- CVE-2019-5765: Insufficient policy enforcement in the browser.

- CVE-2019-5766: Insufficient policy enforcement in Canvas.

-...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Package Hub for SUSE Linux Enterprise 12:

zypper in -t patch openSUSE-2019-206=1

Package List

- SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64):

chromedriver-72.0.3626.96-88.1

chromedriver-debuginfo-72.0.3626.96-88.1

chromium-72.0.3626.96-88.1

chromium-debuginfo-72.0.3626.96-88.1

chromium-debugsource-72.0.3626.96-88.1

References

https://www.suse.com/security/cve/CVE-2019-5754.html

https://www.suse.com/security/cve/CVE-2019-5755.html

https://www.suse.com/security/cve/CVE-2019-5756.html

https://www.suse.com/security/cve/CVE-2019-5757.html

https://www.suse.com/security/cve/CVE-2019-5758.html

https://www.suse.com/security/cve/CVE-2019-5759.html

https://www.suse.com/security/cve/CVE-2019-5760.html

https://www.suse.com/security/cve/CVE-2019-5761.html

https://www.suse.com/security/cve/CVE-2019-5762.html

https://www.suse.com/security/cve/CVE-2019-5763.html

https://www.suse.com/security/cve/CVE-2019-5764.html

https://www.suse.com/security/cve/CVE-2019-5765.html

https://www.suse.com/security/cve/CVE-2019-5766.html

https://www.suse.com/security/cve/CVE-2019-5767.html

https://www.suse.com/security/cve/CVE-2019-5768.html

https://www.suse.com/security/cve/CVE-2019-5769.html

https://www.suse.com/security/cve/CVE-2019-5770.html

https://www.suse.com/security/cve/CVE-2019-5771.html

https://www.suse.com/security/cve/CVE-2019-5772.html

https://www....

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2019:0206-1
Rating: important
Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here