Alerts This Week
Warning Icon 1 924
Alerts This Week
Warning Icon 1 924

openSUSE: 2020:0893-1 Important: Chromium Software Fixes and Patches

opensuse
Calendar Grey June 28, 2020
Dist Opensuse Esm H88
OpenSUSE chromium update fixes multiple issues, addressing vulnerabilities to enhance software integrity and security.
An update that solves four vulnerabilities and has four fixes is now available.

Description

This update for chromium fixes the following issues:

Chromium was updated to 83.0.4103.116 (boo#1173251):

* CVE-2020-6509: Use after free in extensions

Chromium was updated to 83.0.4103.106 (boo#1173029):

* CVE-2020-6505: Use after free in speech

* CVE-2020-6506: Insufficient policy enforcement in WebView

* CVE-2020-6507: Out of bounds write in V8

Other fixes:

- Add patch to work with new ffmpeg wrt boo#1173292:

- Add multimedia fix for disabled location and also try one additional

patch from Debian on the same issue boo#1173107

- Disable wayland integration on 15.x boo#1173187 boo#1173188 boo#1173254

- Enforce to not use system borders boo#1173063

Topics%20covered

Topics Covered

security advisory update software patch important fixed issues openSUSE chromium

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2020-893=1

Package List

- openSUSE Leap 15.2 (x86_64):

chromedriver-83.0.4103.116-lp152.2.3.1

chromedriver-debuginfo-83.0.4103.116-lp152.2.3.1

chromium-83.0.4103.116-lp152.2.3.1

chromium-debuginfo-83.0.4103.116-lp152.2.3.1

chromium-debugsource-83.0.4103.116-lp152.2.3.1

References

https://www.suse.com/security/cve/CVE-2020-6505.html

https://www.suse.com/security/cve/CVE-2020-6506.html

https://www.suse.com/security/cve/CVE-2020-6507.html

https://www.suse.com/security/cve/CVE-2020-6509.html

https://bugzilla.suse.com/1173029

https://bugzilla.suse.com/1173063

https://bugzilla.suse.com/1173107

https://bugzilla.suse.com/1173187

https://bugzilla.suse.com/1173188

https://bugzilla.suse.com/1173251

https://bugzilla.suse.com/1173254

https://bugzilla.suse.com/1173292

--

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2020:0893-1
Rating: important
Affected Products: openSUSE Leap 15.2 le.

Topics%20covered

Topics Covered

security advisory update software patch important fixed issues openSUSE chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here