Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

openSUSE: 2021:1372-1 Critical Update for Firefox Security Issue

opensuse
Calendar Grey September 22, 2020
Dist Opensuse Esm H88
openSUSE Security Update: Security update for chromium _____________________________________________
An update that fixes 19 vulnerabilities is now available.

Description

This update for chromium fixes the following issues:

Chromium was updated to version 85.0.4183.102 (bsc#1176306) fixing:

- CVE-2020-6573: Use after free in video.

- CVE-2020-6574: Insufficient policy enforcement in installer.

- CVE-2020-6575: Race in Mojo.

- CVE-2020-6576: Use after free in offscreen canvas.

- CVE-2020-15959: Insufficient policy enforcement in networking.

Chromium was updated to version 85.0.4183.83 (boo#1175757) fixing:

- CVE-2020-6558: Insufficient policy enforcement in iOS

- CVE-2020-6559: Use after free in presentation API

- CVE-2020-6560: Insufficient policy enforcement in autofill

- CVE-2020-6561: Inappropriate implementation in Content Security Policy

- CVE-2020-6562: Insufficient policy enforcement in Blink

- CVE-2020-6563: Insufficient policy enforcement in intent handling.

- CVE-2020-6564: Incorrect security UI in permissions

- CVE-2020-6565: Incorrect security UI in Omnibox.

- CVE-2020-6566:...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2020-1499=1

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-1499=1

Package List

- openSUSE Leap 15.2 (x86_64):

chromedriver-85.0.4183.102-lp152.2.30.1

chromedriver-debuginfo-85.0.4183.102-lp152.2.30.1

chromium-85.0.4183.102-lp152.2.30.1

chromium-debuginfo-85.0.4183.102-lp152.2.30.1

chromium-debugsource-85.0.4183.102-lp152.2.30.1

- openSUSE Leap 15.1 (x86_64):

chromedriver-85.0.4183.102-lp151.2.133.1

chromedriver-debuginfo-85.0.4183.102-lp151.2.133.1

chromium-85.0.4183.102-lp151.2.133.1

chromium-debuginfo-85.0.4183.102-lp151.2.133.1

chromium-debugsource-85.0.4183.102-lp151.2.133.1

References

https://www.suse.com/security/cve/CVE-2020-15959.html

https://www.suse.com/security/cve/CVE-2020-6558.html

https://www.suse.com/security/cve/CVE-2020-6559.html

https://www.suse.com/security/cve/CVE-2020-6560.html

https://www.suse.com/security/cve/CVE-2020-6561.html

https://www.suse.com/security/cve/CVE-2020-6562.html

https://www.suse.com/security/cve/CVE-2020-6563.html

https://www.suse.com/security/cve/CVE-2020-6564.html

https://www.suse.com/security/cve/CVE-2020-6565.html

https://www.suse.com/security/cve/CVE-2020-6566.html

https://www.suse.com/security/cve/CVE-2020-6567.html

https://www.suse.com/security/cve/CVE-2020-6568.html

https://www.suse.com/security/cve/CVE-2020-6569.html

https://www.suse.com/security/cve/CVE-2020-6570.html

https://www.suse.com/security/cve/CVE-2020-6571.html

https://www.suse.com/security/cve/CVE-2020-6573.html

https://www.suse.com/security/cve/CVE-2020-6574.html

https://www.suse.com/security/cve/CVE-2020-6575.html

https://www.suse.com/security/cve/CVE-2020-6576.html

https://bug...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2020:1499-1
Rating: important
Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.