Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2018:3273-1
HistoryOct 22, 2018 - 3:16 p.m.

Security update for Chromium (important)

2018-10-2215:16:54
lists.opensuse.org
100

0.973 High

EPSS

Percentile

99.8%

JSON

This update for Chromium to version 70.0.3538.67 fixes multiple issues.

Security issues fixed (bsc#1112111):

  • CVE-2018-17462: Sandbox escape in AppCache
  • CVE-2018-17463: Remote code execution in V8
  • Heap buffer overflow in Little CMS in PDFium
  • CVE-2018-17464: URL spoof in Omnibox
  • CVE-2018-17465: Use after free in V8
  • CVE-2018-17466: Memory corruption in Angle
  • CVE-2018-17467: URL spoof in Omnibox
  • CVE-2018-17468: Cross-origin URL disclosure in Blink
  • CVE-2018-17469: Heap buffer overflow in PDFium
  • CVE-2018-17470: Memory corruption in GPU Internals
  • CVE-2018-17471: Security UI occlusion in full screen mode
  • CVE-2018-17473: URL spoof in Omnibox
  • CVE-2018-17474: Use after free in Blink
  • CVE-2018-17475: URL spoof in Omnibox
  • CVE-2018-17476: Security UI occlusion in full screen mode
  • CVE-2018-5179: Lack of limits on update() in ServiceWorker
  • CVE-2018-17477: UI spoof in Extensions

VAAPI hardware accelerated rendering is now enabled by default.

This update contains the following packaging changes:

  • Use the system libusb-1.0 library
  • Use bundled harfbuzz library
  • Disable gnome-keyring to avoid crashes
OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.0x86_64chromium< 70.0.3538.67-lp150.2.20.1chromium-70.0.3538.67-lp150.2.20.1.x86_64.rpm
openSUSE Backports SLE15x86_64chromedriver< 70.0.3538.67-bp150.2.14.1chromedriver-70.0.3538.67-bp150.2.14.1.x86_64.rpm
openSUSE Leap15.0x86_64chromium-debugsource< 70.0.3538.67-lp150.2.20.1chromium-debugsource-70.0.3538.67-lp150.2.20.1.x86_64.rpm
openSUSE Backports SLE15x86_64chromium-debuginfo< 70.0.3538.67-bp150.2.14.1chromium-debuginfo-70.0.3538.67-bp150.2.14.1.x86_64.rpm
openSUSE Backports SLE15x86_64chromedriver-debuginfo< 70.0.3538.67-bp150.2.14.1chromedriver-debuginfo-70.0.3538.67-bp150.2.14.1.x86_64.rpm
openSUSE Leap15.0x86_64chromedriver< 70.0.3538.67-lp150.2.20.1chromedriver-70.0.3538.67-lp150.2.20.1.x86_64.rpm
openSUSE Leap15.0x86_64chromium-debuginfo< 70.0.3538.67-lp150.2.20.1chromium-debuginfo-70.0.3538.67-lp150.2.20.1.x86_64.rpm
openSUSE Backports SLE15x86_64chromium-debugsource< 70.0.3538.67-bp150.2.14.1chromium-debugsource-70.0.3538.67-bp150.2.14.1.x86_64.rpm
openSUSE Leap15.0x86_64chromedriver-debuginfo< 70.0.3538.67-lp150.2.20.1chromedriver-debuginfo-70.0.3538.67-lp150.2.20.1.x86_64.rpm
openSUSE Backports SLE15x86_64chromium< 70.0.3538.67-bp150.2.14.1chromium-70.0.3538.67-bp150.2.14.1.x86_64.rpm

Related

openvas 22
nessus 39
chrome 1
debian 4
suse 4
kaspersky 2
fedora 2
archlinux 2
osv 5
redhat 5
threatpost 1
gentoo 1
debiancve 17
cve 17
prion 17
ubuntucve 17
redhatcve 17
attackerkb 1
zdt 1
veracode 1
checkpoint_advisories 1
packetstorm 1
cisa_kev 1
rapid7blog 1
github 1
myhack58 1
amazon 1
centos 4
mozilla 2
oraclelinux 4
altlinux 2
ibm 1
slackware 1
mageia 1
googleprojectzero 1
openvas
openvas
openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:3273-1)
2018-10-26 00:00:00
openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:3396-1)
2018-10-25 00:00:00
Google Chrome Security Updates(stable-channel-update-for-desktop-2018-10)-Mac OS X
2018-10-17 00:00:00
nessus
nessus
openSUSE Security Update : Chromium (openSUSE-2019-712)
2019-03-27 00:00:00
openSUSE Security Update : Chromium (openSUSE-2018-1208)
2018-10-23 00:00:00
RHEL 6 : chromium-browser (RHSA-2018:3004)
2018-10-25 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2018-10-16 00:00:00
debian
debian
[SECURITY] [DSA 4330-1] chromium-browser security update
2018-11-02 11:47:45
[SECURITY] [DSA 4330-1] chromium-browser security update
2018-11-02 11:47:45
[SECURITY] [DSA 4354-1] firefox-esr security update
2018-12-12 21:08:52
suse
suse
Security update for Chromium (important)
2018-10-24 21:09:13
Security update for chromium (important)
2018-11-21 00:11:39
Security update for Mozilla Firefox (important)
2018-12-13 12:09:13
kaspersky
kaspersky
KLA11338 Multiple vulnerabilities in Google Chrome
2018-10-16 00:00:00
KLA11406 Multiple vulnerabilities in Mozilla Thunderbird
2018-12-21 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: chromium-70.0.3538.77-4.fc29
2018-11-23 02:32:21
[SECURITY] Fedora 28 Update: chromium-70.0.3538.110-1.fc28
2018-11-30 02:14:11
archlinux
archlinux
[ASA-201810-12] chromium: multiple issues
2018-10-17 00:00:00
[ASA-201812-9] firefox: multiple issues
2018-12-12 00:00:00
osv
osv
chromium-browser - security update
2018-11-02 00:00:00
firefox-esr - security update
2018-12-12 00:00:00
thunderbird - security update
2019-01-02 00:00:00
redhat
redhat
(RHSA-2018:3004) Important: chromium-browser security update
2018-10-24 20:52:49
(RHSA-2019:0159) Important: thunderbird security update
2019-01-24 21:47:18
(RHSA-2018:3831) Critical: firefox security update
2018-12-17 13:56:10
threatpost
threatpost
On Heels of Criticism, Newly-Released Google Chrome 70 Prioritizes Privacy
2018-10-17 14:04:48
gentoo
gentoo
Chromium: Multiple vulnerabilities
2018-11-23 00:00:00
debiancve
debiancve
CVE-2018-17472
2018-11-14 15:29:00
CVE-2018-17475
2018-11-14 15:29:00
CVE-2018-17465
2018-11-14 15:29:00
cve
cve
CVE-2018-17471
2018-11-14 15:29:00
CVE-2018-17468
2018-11-14 15:29:00
CVE-2018-17470
2019-01-09 19:29:00
prion
prion
Hardcoded credentials
2018-11-14 15:29:00
Hardcoded credentials
2018-11-14 15:29:00
Cross site scripting
2018-11-14 15:29:00
ubuntucve
ubuntucve
CVE-2018-17472
2018-11-14 00:00:00
CVE-2018-17477
2018-11-14 00:00:00
CVE-2018-17465
2018-11-14 00:00:00
redhatcve
redhatcve
CVE-2018-17477
2018-10-17 11:58:12
CVE-2018-17464
2019-10-10 04:07:07
CVE-2018-17465
2018-10-17 12:00:24
attackerkb
attackerkb
CVE-2018-17463
2018-11-14 00:00:00
zdt
zdt
Google Chrome 67 / 68 / 69 Object.create Type Confusion Exploit
2020-03-06 00:00:00
veracode
veracode
Information Disclosure
2019-05-16 03:23:44
checkpoint_advisories
checkpoint_advisories
Google Chrome V8 Remote Code Execution (CVE-2018-17463)
2020-09-05 00:00:00
packetstorm
packetstorm
Google Chrome 67 / 68 / 69 Object.create Type Confusion
2020-03-05 00:00:00
cisa_kev
cisa_kev
Google Chromium V8 Remote Code Execution Vulnerability
2022-06-08 00:00:00
rapid7blog
rapid7blog
Metasploit Wrap-Up
2020-10-23 18:56:55
github
github
Getting RCE in Chrome with incorrect side effect in the JIT compiler
2023-09-26 15:00:54
myhack58
myhack58
In-depth exploration found in the wild iOS exploit chain VI-vulnerability warning-the black bar safety net
2019-09-17 00:00:00
amazon
amazon
Critical: thunderbird
2019-03-07 05:55:00
centos
centos
firefox security update
2018-12-21 19:07:59
thunderbird security update
2019-02-01 23:12:43
firefox security update
2018-12-21 19:08:51
mozilla
mozilla
Security vulnerabilities fixed in Firefox ESR 60.4 — Mozilla
2018-12-11 00:00:00
Security vulnerabilities fixed in Thunderbird 60.4 — Mozilla
2018-12-21 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2019-01-25 00:00:00
thunderbird security update
2019-01-25 00:00:00
firefox security update
2018-12-18 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package thunderbird version 60.4.0-alt1
2018-12-24 00:00:00
Security fix for the ALT Linux 10 package firefox-esr version 60.4.0-alt1
2018-12-11 00:00:00
ibm
ibm
Security Bulletin: Multiple Mozilla Firefox vulnerabilities in IBM SONAS
2019-05-02 08:10:01
slackware
slackware
[slackware-security] mozilla-firefox
2018-12-12 04:59:01
mageia
mageia
Updated firefox packages fix security vulnerabilities
2018-12-16 00:29:48
googleprojectzero
googleprojectzero
JSC Exploits
2019-08-29 00:00:00

0.973 High

EPSS

Percentile

99.8%

JSON
Related for OPENSUSE-SU-2018:3273-1
openvas22nessus39chrome1debian4suse4kaspersky2fedora2archlinux2osv5redhat5threatpost1gentoo1debiancve17cve17prion17ubuntucve17redhatcve17attackerkb1zdt1veracode1checkpoint_advisories1packetstorm1cisa_kev1rapid7blog1github1myhack581amazon1centos4mozilla2oraclelinux4altlinux2ibm1slackware1mageia1googleprojectzero1