Security update for chromium (important)

2018-06-01T03:07:21
ID OPENSUSE-SU-2018:1485-1
Type suse
Reporter Suse
Modified 2018-06-01T03:07:21

Description

This update for chromium to version 66.0.3359.181 fixes the following issues:

The following security issues were fixed (boo#1095163):

  • CVE-2018-6123: Use after free in Blink.
  • CVE-2018-6124: Type confusion in Blink.
  • CVE-2018-6125: Overly permissive policy in WebUSB.
  • CVE-2018-6126: Heap buffer overflow in Skia.
  • CVE-2018-6127: Use after free in indexedDB.
  • CVE-2018-6128: uXSS in Chrome on iOS.
  • CVE-2018-6129: Out of bounds memory access in WebRTC.
  • CVE-2018-6130: Out of bounds memory access in WebRTC.
  • CVE-2018-6131: Incorrect mutability protection in WebAssembly.
  • CVE-2018-6132: Use of uninitialized memory in WebRTC.
  • CVE-2018-6133: URL spoof in Omnibox.
  • CVE-2018-6134: Referrer Policy bypass in Blink.
  • CVE-2018-6135: UI spoofing in Blink.
  • CVE-2018-6136: Out of bounds memory access in V8.
  • CVE-2018-6137: Leak of visited status of page in Blink.
  • CVE-2018-6138: Overly permissive policy in Extensions.
  • CVE-2018-6139: Restrictions bypass in the debugger extension API.
  • CVE-2018-6140: Restrictions bypass in the debugger extension API.
  • CVE-2018-6141: Heap buffer overflow in Skia.
  • CVE-2018-6142: Out of bounds memory access in V8.
  • CVE-2018-6143: Out of bounds memory access in V8.
  • CVE-2018-6144: Out of bounds memory access in PDFium.
  • CVE-2018-6145: Incorrect escaping of MathML in Blink.
  • CVE-2018-6147: Password fields not taking advantage of OS protections in Views.

Additional changes:

  • Autoplay: Force enable on desktop for Web Audio

This update enables the "Strict site isolation" feature for a larger percentage of users. This feature is a mitigation against the Spectre vulnerabilities. It can be turned on via: chrome://flags/#enable-site-per-process It can be disabled via: chrome://flags/#site-isolation-trial-opt-out