openSUSE: 2020:0540-1 Important: Chromium 26 Security Issues Fixed
opensuse
April 18, 2020
An update that fixes 26 vulnerabilities is now available.
Description
This update for chromium fixes the following issues:
Chromium was updated to 81.0.4044.92 boo#1168911:
* CVE-2020-6454: Use after free in extensions
* CVE-2020-6423: Use after free in audio
* CVE-2020-6455: Out of bounds read in WebSQL
* CVE-2020-6430: Type Confusion in V8
* CVE-2020-6456: Insufficient validation of untrusted input in clipboard
* CVE-2020-6431: Insufficient policy enforcement in full screen
* CVE-2020-6432: Insufficient policy enforcement in navigations
* CVE-2020-6433: Insufficient policy enforcement in extensions
* CVE-2020-6434: Use after free in devtools
* CVE-2020-6435: Insufficient policy enforcement in extensions
* CVE-2020-6436: Use after free in window management
* CVE-2020-6437: Inappropriate implementation in WebView
* CVE-2020-6438: Insufficient policy enforcement in extensions
* CVE-2020-6439: Insufficient policy enforcement in navigations
* CVE-2020-6440: Inappropriate...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP1:
zypper in -t patch openSUSE-2020-540=1
Package List
- openSUSE Backports SLE-15-SP1 (aarch64 x86_64):
chromedriver-81.0.4044.92-bp151.3.66.1
chromium-81.0.4044.92-bp151.3.66.1
References
https://www.suse.com/security/cve/CVE-2020-6423.html
https://www.suse.com/security/cve/CVE-2020-6430.html
https://www.suse.com/security/cve/CVE-2020-6431.html
https://www.suse.com/security/cve/CVE-2020-6432.html
https://www.suse.com/security/cve/CVE-2020-6433.html
https://www.suse.com/security/cve/CVE-2020-6434.html
https://www.suse.com/security/cve/CVE-2020-6435.html
https://www.suse.com/security/cve/CVE-2020-6436.html
https://www.suse.com/security/cve/CVE-2020-6437.html
https://www.suse.com/security/cve/CVE-2020-6438.html
https://www.suse.com/security/cve/CVE-2020-6439.html
https://www.suse.com/security/cve/CVE-2020-6440.html
https://www.suse.com/security/cve/CVE-2020-6441.html
https://www.suse.com/security/cve/CVE-2020-6442.html
https://www.suse.com/security/cve/CVE-2020-6443.html
https://www.suse.com/security/cve/CVE-2020-6444.html
https://www.suse.com/security/cve/CVE-2020-6445.html
https://www.suse.com/security/cve/CVE-2020-6446.html
https://www.suse.com/security/cve/CVE-2020-6447.html
https://www....
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2020:0540-1
Rating: important
Affected Products:
openSUSE Backports SLE-15-SP1
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!