openSUSE: 2019:2692-1: important: chromium

    Date16 Dec 2019
    135
    Posted ByLinuxSecurity Advisories
    An update that fixes 37 vulnerabilities is now available.
       openSUSE Security Update: Security update for chromium
    ______________________________________________________________________________
    
    Announcement ID:    openSUSE-SU-2019:2692-1
    Rating:             important
    References:         #1158982 
    Cross-References:   CVE-2019-13725 CVE-2019-13726 CVE-2019-13727
                        CVE-2019-13728 CVE-2019-13729 CVE-2019-13730
                        CVE-2019-13732 CVE-2019-13734 CVE-2019-13735
                        CVE-2019-13736 CVE-2019-13737 CVE-2019-13738
                        CVE-2019-13739 CVE-2019-13740 CVE-2019-13741
                        CVE-2019-13742 CVE-2019-13743 CVE-2019-13744
                        CVE-2019-13745 CVE-2019-13746 CVE-2019-13747
                        CVE-2019-13748 CVE-2019-13749 CVE-2019-13750
                        CVE-2019-13751 CVE-2019-13752 CVE-2019-13753
                        CVE-2019-13754 CVE-2019-13755 CVE-2019-13756
                        CVE-2019-13757 CVE-2019-13758 CVE-2019-13759
                        CVE-2019-13761 CVE-2019-13762 CVE-2019-13763
                        CVE-2019-13764
    Affected Products:
                        SUSE Package Hub for SUSE Linux Enterprise 12
    ______________________________________________________________________________
    
       An update that fixes 37 vulnerabilities is now available.
    
    Description:
    
       This update for chromium fixes the following issues:
    
       Chromium was updated to 79.0.3945.79 (boo#1158982)
    
       -  CVE-2019-13725: Fixed a use after free in Bluetooth
       -  CVE-2019-13726: Fixed a heap buffer overflow in password manager
       -  CVE-2019-13727: Fixed an insufficient policy enforcement in WebSockets
       -  CVE-2019-13728: Fixed an out of bounds write in V8
       -  CVE-2019-13729: Fixed a use after free in WebSockets
       -  CVE-2019-13730: Fixed a type Confusion in V8
       -  CVE-2019-13732: Fixed a use after free in WebAudio
       -  CVE-2019-13734: Fixed an out of bounds write in SQLite
       -  CVE-2019-13735: Fixed an out of bounds write in V8
       -  CVE-2019-13764: Fixed a type Confusion in V8
       -  CVE-2019-13736: Fixed an integer overflow in PDFium
       -  CVE-2019-13737: Fixed an insufficient policy enforcement in autocomplete
       -  CVE-2019-13738: Fixed an insufficient policy enforcement in navigation
       -  CVE-2019-13739: Fixed an incorrect security UI in Omnibox
       -  CVE-2019-13740: Fixed an incorrect security UI in sharing
       -  CVE-2019-13741: Fixed an insufficient validation of untrusted input in
          Blink
       -  CVE-2019-13742: Fixed an incorrect security UI in Omnibox
       -  CVE-2019-13743: Fixed an incorrect security UI in external protocol
          handling
       -  CVE-2019-13744: Fixed an insufficient policy enforcement in cookies
       -  CVE-2019-13745: Fixed an insufficient policy enforcement in audio
       -  CVE-2019-13746: Fixed an insufficient policy enforcement in Omnibox
       -  CVE-2019-13747: Fixed an uninitialized Use in rendering
       -  CVE-2019-13748: Fixed an insufficient policy enforcement in developer
          tools
       -  CVE-2019-13749: Fixed an incorrect security UI in Omnibox
       -  CVE-2019-13750: Fixed an insufficient data validation in SQLite
       -  CVE-2019-13751: Fixed an uninitialized Use in SQLite
       -  CVE-2019-13752: Fixed an out of bounds read in SQLite
       -  CVE-2019-13753: Fixed an out of bounds read in SQLite
       -  CVE-2019-13754: Fixed an insufficient policy enforcement in extensions
       -  CVE-2019-13755: Fixed an insufficient policy enforcement in extensions
       -  CVE-2019-13756: Fixed an incorrect security UI in printing
       -  CVE-2019-13757: Fixed an incorrect security UI in Omnibox
       -  CVE-2019-13758: Fixed an insufficient policy enforcement in navigation
       -  CVE-2019-13759: Fixed an incorrect security UI in interstitials
       -  CVE-2019-13761: Fixed an incorrect security UI in Omnibox
       -  CVE-2019-13762: Fixed an insufficient policy enforcement in downloads
       -  CVE-2019-13763: Fixed an insufficient policy enforcement in payments
    
    
    Patch Instructions:
    
       To install this openSUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Package Hub for SUSE Linux Enterprise 12:
    
          zypper in -t patch openSUSE-2019-2692=1
    
    
    
    Package List:
    
       - SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 x86_64):
    
          chromedriver-79.0.3945.79-19.1
          chromedriver-debuginfo-79.0.3945.79-19.1
          chromium-79.0.3945.79-19.1
          chromium-debuginfo-79.0.3945.79-19.1
          chromium-debugsource-79.0.3945.79-19.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2019-13725.html
       https://www.suse.com/security/cve/CVE-2019-13726.html
       https://www.suse.com/security/cve/CVE-2019-13727.html
       https://www.suse.com/security/cve/CVE-2019-13728.html
       https://www.suse.com/security/cve/CVE-2019-13729.html
       https://www.suse.com/security/cve/CVE-2019-13730.html
       https://www.suse.com/security/cve/CVE-2019-13732.html
       https://www.suse.com/security/cve/CVE-2019-13734.html
       https://www.suse.com/security/cve/CVE-2019-13735.html
       https://www.suse.com/security/cve/CVE-2019-13736.html
       https://www.suse.com/security/cve/CVE-2019-13737.html
       https://www.suse.com/security/cve/CVE-2019-13738.html
       https://www.suse.com/security/cve/CVE-2019-13739.html
       https://www.suse.com/security/cve/CVE-2019-13740.html
       https://www.suse.com/security/cve/CVE-2019-13741.html
       https://www.suse.com/security/cve/CVE-2019-13742.html
       https://www.suse.com/security/cve/CVE-2019-13743.html
       https://www.suse.com/security/cve/CVE-2019-13744.html
       https://www.suse.com/security/cve/CVE-2019-13745.html
       https://www.suse.com/security/cve/CVE-2019-13746.html
       https://www.suse.com/security/cve/CVE-2019-13747.html
       https://www.suse.com/security/cve/CVE-2019-13748.html
       https://www.suse.com/security/cve/CVE-2019-13749.html
       https://www.suse.com/security/cve/CVE-2019-13750.html
       https://www.suse.com/security/cve/CVE-2019-13751.html
       https://www.suse.com/security/cve/CVE-2019-13752.html
       https://www.suse.com/security/cve/CVE-2019-13753.html
       https://www.suse.com/security/cve/CVE-2019-13754.html
       https://www.suse.com/security/cve/CVE-2019-13755.html
       https://www.suse.com/security/cve/CVE-2019-13756.html
       https://www.suse.com/security/cve/CVE-2019-13757.html
       https://www.suse.com/security/cve/CVE-2019-13758.html
       https://www.suse.com/security/cve/CVE-2019-13759.html
       https://www.suse.com/security/cve/CVE-2019-13761.html
       https://www.suse.com/security/cve/CVE-2019-13762.html
       https://www.suse.com/security/cve/CVE-2019-13763.html
       https://www.suse.com/security/cve/CVE-2019-13764.html
       https://bugzilla.suse.com/1158982
    
    -- 
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"35","type":"x","order":"1","pct":92.11,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"2","type":"x","order":"2","pct":5.26,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"1","type":"x","order":"3","pct":2.63,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.