Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

openSUSE: 2019:2155-1 Important: Chromium Browser Update

opensuse
Calendar Grey September 20, 2019
Dist Opensuse Esm H88
Important news regarding chromium's latest release, addressing numerous security flaws. Make sure your openSUSE installation is current for optimal protection.
An update that fixes 35 vulnerabilities is now available.

Description

This update for chromium fixes the following issues:

Security issues fixed:

- CVE-2019-5870: Fixed a use-after-free in media. (boo#1150425)

- CVE-2019-5871: Fixed a heap overflow in Skia. (boo#1150425)

- CVE-2019-5872: Fixed a use-after-free in Mojo (boo#1150425)

- CVE-2019-5874: Fixed a behavior that made external URIs trigger other

browsers. (boo#1150425)

- CVE-2019-5875: Fixed a URL bar spoof via download redirect. (boo#1150425)

- CVE-2019-5876: Fixed a use-after-free in media (boo#1150425)

- CVE-2019-5877: Fixed an out-of-bounds access in V8. (boo#1150425)

- CVE-2019-5878: Fixed a use-after-free in V8. (boo#1150425)

- CVE-2019-5879: Fixed an extension issue that allowed the bypass of a

same origin policy. (boo#1150425)

- CVE-2019-5880: Fixed a SameSite cookie bypass. (boo#1150425)

- CVE-2019-5881: Fixed an arbitrary read in SwiftShader. (boo#1150425)

- CVE-2019-13659: Fixed an URL spoof. (boo#1150425)

- CVE-2019-13660:...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory update vulnerability important openSUSE chromium

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15:

zypper in -t patch openSUSE-2019-2155=1

Package List

- openSUSE Backports SLE-15 (aarch64 x86_64):

chromedriver-77.0.3865.75-bp150.231.1

chromium-77.0.3865.75-bp150.231.1

References

https://www.suse.com/security/cve/CVE-2019-13659.html

https://www.suse.com/security/cve/CVE-2019-13660.html

https://www.suse.com/security/cve/CVE-2019-13661.html

https://www.suse.com/security/cve/CVE-2019-13662.html

https://www.suse.com/security/cve/CVE-2019-13663.html

https://www.suse.com/security/cve/CVE-2019-13664.html

https://www.suse.com/security/cve/CVE-2019-13665.html

https://www.suse.com/security/cve/CVE-2019-13666.html

https://www.suse.com/security/cve/CVE-2019-13667.html

https://www.suse.com/security/cve/CVE-2019-13668.html

https://www.suse.com/security/cve/CVE-2019-13669.html

https://www.suse.com/security/cve/CVE-2019-13670.html

https://www.suse.com/security/cve/CVE-2019-13671.html

https://www.suse.com/security/cve/CVE-2019-13673.html

https://www.suse.com/security/cve/CVE-2019-13674.html

https://www.suse.com/security/cve/CVE-2019-13675.html

https://www.suse.com/security/cve/CVE-2019-13676.html

https://www.suse.com/security/cve/CVE-2019-13677.html

https://www.suse.com/security/cve/CVE-2019-136...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2019:2155-1
Rating: important
Affected Products: openSUSE Backports SLE-15

Topics%20covered

Topics Covered

security advisory update vulnerability important openSUSE chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here