Lucene search

K
suseSuseOPENSUSE-SU-2018:2664-1
HistorySep 08, 2018 - 12:13 p.m.

Security update for chromium (important)

2018-09-0812:13:32
lists.opensuse.org
368

0.119 Low

EPSS

Percentile

94.8%

This update for Chromium to version 69.0.3497.81 fixes multiple issues.

Security issues fixed (boo#1107235):

  • CVE-2018-16065: Out of bounds write in V8
  • CVE-2018-16066:Out of bounds read in Blink
  • CVE-2018-16067: Out of bounds read in WebAudio
  • CVE-2018-16068: Out of bounds write in Mojo
  • CVE-2018-16069:Out of bounds read in SwiftShader
  • CVE-2018-16070: Integer overflow in Skia
  • CVE-2018-16071: Use after free in WebRTC
  • CVE-2018-16073: Site Isolation bypass after tab restore
  • CVE-2018-16074: Site Isolation bypass using Blob URLS
  • Out of bounds read in Little-CMS
  • CVE-2018-16075: Local file access in Blink
  • CVE-2018-16076: Out of bounds read in PDFium
  • CVE-2018-16077: Content security policy bypass in Blink
  • CVE-2018-16078: Credit card information leak in Autofill
  • CVE-2018-16079: URL spoof in permission dialogs
  • CVE-2018-16080: URL spoof in full screen mode
  • CVE-2018-16081: Local file access in DevTools
  • CVE-2018-16082: Stack buffer overflow in SwiftShader
  • CVE-2018-16083: Out of bounds read in WebRTC
  • CVE-2018-16084: User confirmation bypass in external protocol handling
  • CVE-2018-16085: Use after free in Memory Instrumentation
  • CVE-2017-15430: Unsafe navigation in Chromecast (boo#1106341)
  • CVE-2018-16086: Script injection in New Tab Page
  • CVE-2018-16087: Multiple download restriction bypass
  • CVE-2018-16088: User gesture requirement bypass

The re2 regular expression library was updated to the current version
2018-09-01.