Linux Security
    Linux Security
    Linux Security

    openSUSE: 2020:1514-1: important: chromium

    Posted By
    An update that fixes 19 vulnerabilities is now available.
       openSUSE Security Update: Security update for chromium
    Announcement ID:    openSUSE-SU-2020:1514-1
    Rating:             important
    References:         #1175757 #1176306 #1176450 
    Cross-References:   CVE-2020-15959 CVE-2020-6558 CVE-2020-6559
                        CVE-2020-6560 CVE-2020-6561 CVE-2020-6562
                        CVE-2020-6563 CVE-2020-6564 CVE-2020-6565
                        CVE-2020-6566 CVE-2020-6567 CVE-2020-6568
                        CVE-2020-6569 CVE-2020-6570 CVE-2020-6571
                        CVE-2020-6573 CVE-2020-6574 CVE-2020-6575
    Affected Products:
                        openSUSE Backports SLE-15-SP1
       An update that fixes 19 vulnerabilities is now available.
       This update for chromium fixes the following issues:
       Chromium was updated to version 85.0.4183.102 (bsc#1176306) fixing:
       - CVE-2020-6573: Use after free in video.
       - CVE-2020-6574: Insufficient policy enforcement in installer.
       - CVE-2020-6575: Race in Mojo.
       - CVE-2020-6576: Use after free in offscreen canvas.
       - CVE-2020-15959: Insufficient policy enforcement in networking.
       Chromium was updated to version 85.0.4183.83 (boo#1175757) fixing:
       - CVE-2020-6558: Insufficient policy enforcement in iOS
       - CVE-2020-6559: Use after free in presentation API
       - CVE-2020-6560: Insufficient policy enforcement in autofill
       - CVE-2020-6561: Inappropriate implementation in Content Security Policy
       - CVE-2020-6562: Insufficient policy enforcement in Blink
       - CVE-2020-6563: Insufficient policy enforcement in intent handling.
       - CVE-2020-6564: Incorrect security UI in permissions
       - CVE-2020-6565: Incorrect security UI in Omnibox.
       - CVE-2020-6566: Insufficient policy enforcement in media.
       - CVE-2020-6567: Insufficient validation of untrusted input in command
         line handling.
       - CVE-2020-6568: Insufficient policy enforcement in intent handling.
       - CVE-2020-6569: Integer overflow in WebUSB.
       - CVE-2020-6570: Side-channel information leakage in WebRTC.
       - CVE-2020-6571: Incorrect security UI in Omnibox.
       This update was imported from the openSUSE:Leap:15.1:Update update project.
    Patch Instructions:
       To install this openSUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
       Alternatively you can run the command listed for your product:
       - openSUSE Backports SLE-15-SP1:
          zypper in -t patch openSUSE-2020-1514=1
    Package List:
       - openSUSE Backports SLE-15-SP1 (aarch64 x86_64):


    LinuxSecurity Poll

    Tails is the most secure Linux distro out there.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    [{"id":"142","title":"Yes - Tails get my vote!","votes":"2","type":"x","order":"1","pct":100,"resources":[]},{"id":"143","title":"Nope - Parrot OS has surpassed Tails in its security and privacy.","votes":"0","type":"x","order":"2","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.