Lucene search
SuseOPENSUSE-SU-2018:3835-1HistoryNov 21, 2018 - 12:11 a.m.
Security update for chromium (important)
2018-11-2100:11:39
lists.opensuse.org
257
0.973 High
EPSS
Percentile
99.8%
This update contains Chromium 70.0.3538.102 and fixes security issues and
bugs.
Vulnerabilities fixed in 70.0.3538.102:
- CVE-2018-17478: Out of bounds memory access in V8 (boo#1115537)
Vulnerabilities fixed in 70.0.3538.67 (bsc#1112111):
- CVE-2018-17462: Sandbox escape in AppCache
- CVE-2018-17463: Remote code execution in V8
- Heap buffer overflow in Little CMS in PDFium
- CVE-2018-17464: URL spoof in Omnibox
- CVE-2018-17465: Use after free in V8
- CVE-2018-17466: Memory corruption in Angle
- CVE-2018-17467: URL spoof in Omnibox
- CVE-2018-17468: Cross-origin URL disclosure in Blink
- CVE-2018-17469: Heap buffer overflow in PDFium
- CVE-2018-17470: Memory corruption in GPU Internals
- CVE-2018-17471: Security UI occlusion in full screen mode
- CVE-2018-17473: URL spoof in Omnibox
- CVE-2018-17474: Use after free in Blink
- CVE-2018-17475: URL spoof in Omnibox
- CVE-2018-17476: Security UI occlusion in full screen mode
- CVE-2018-5179: Lack of limits on update() in ServiceWorker
- CVE-2018-17477: UI spoof in Extensions
This update contains the following packaging changes:
- VAAPI hardware accelerated rendering is now enabled by default.
- Use the system libusb-1.0 library
- Use bundled harfbuzz library
- Disable gnome-keyring to avoid crashes
- noto-emoji-fonts is no longer a recommended dependency
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| SUSE Package Hub for SUSE Linux Enterprise | 12 | x86_64 | chromium | < 70.0.3538.102-74.1 | chromium-70.0.3538.102-74.1.x86_64.rpm |
| SUSE Package Hub for SUSE Linux Enterprise | 12 | x86_64 | chromedriver | < 70.0.3538.102-74.1 | chromedriver-70.0.3538.102-74.1.x86_64.rpm |
Related
chrome
chrome
Stable Channel Update for Desktop
2018-10-16 00:00:00
Stable Channel Update for Desktop
2018-11-09 00:00:00
nessus
nessus
openSUSE Security Update : Chromium (openSUSE-2019-712)
2019-03-27 00:00:00
Google Chrome < 70.0.3538.67 Multiple Vulnerabilities
2018-10-16 00:00:00
openSUSE Security Update : Chromium (openSUSE-2018-1253)
2018-10-25 00:00:00
openvas
openvas
openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:3273-1)
2018-10-26 00:00:00
openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:3396-1)
2018-10-25 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: chromium-70.0.3538.77-4.fc29
2018-11-23 02:32:21
[SECURITY] Fedora 28 Update: chromium-70.0.3538.110-1.fc28
2018-11-30 02:14:11
[SECURITY] Fedora 29 Update: chromium-70.0.3538.110-1.fc29
2018-11-30 02:52:09
suse
suse
Security update for Chromium (important)
2018-10-22 15:16:54
Security update for Chromium (important)
2018-10-24 21:09:13
Security update for chromium (moderate)
2018-11-21 00:12:41
kaspersky
kaspersky
KLA11338 Multiple vulnerabilities in Google Chrome
2018-10-16 00:00:00
KLA11348 Out of bounds memory access vulnerability in Google Chrome
2018-11-09 00:00:00
KLA11733 Memory vulnerability in Opera
2018-11-16 00:00:00
debian
debian
[SECURITY] [DSA 4330-1] chromium-browser security update
2018-11-02 11:47:45
[SECURITY] [DSA 4330-1] chromium-browser security update
2018-11-02 11:47:45
[SECURITY] [DSA 4340-1] chromium-browser security update
2018-11-18 07:36:44
archlinux
archlinux
[ASA-201810-12] chromium: multiple issues
2018-10-17 00:00:00
[ASA-201811-16] chromium: information disclosure
2018-11-20 00:00:00
redhat
redhat
(RHSA-2018:3004) Important: chromium-browser security update
2018-10-24 20:52:49
(RHSA-2018:3648) Important: chromium-browser security update
2018-11-26 08:24:19
(RHSA-2019:0159) Important: thunderbird security update
2019-01-24 21:47:18
osv
osv
chromium-browser - security update
2018-11-02 00:00:00
chromium-browser - security update
2018-11-18 00:00:00
firefox-esr - security update
2018-12-12 00:00:00
threatpost
threatpost
On Heels of Criticism, Newly-Released Google Chrome 70 Prioritizes Privacy
2018-10-17 14:04:48
gentoo
gentoo
Chromium: Multiple vulnerabilities
2018-11-23 00:00:00
debiancve
debiancve
cve
cve
prion
prion
Hardcoded credentials
2018-11-14 15:29:00
Design/Logic Flaw
2019-06-27 17:15:00
Cross site scripting
2018-11-14 15:29:00
redhatcve
redhatcve
ubuntucve
ubuntucve
attackerkb
attackerkb
CVE-2018-17463
2018-11-14 00:00:00
zdt
zdt
Google Chrome 67 / 68 / 69 Object.create Type Confusion Exploit
2020-03-06 00:00:00
checkpoint_advisories
checkpoint_advisories
Google Chrome V8 Remote Code Execution (CVE-2018-17463)
2020-09-05 00:00:00
cisa_kev
cisa_kev
Google Chromium V8 Remote Code Execution Vulnerability
2022-06-08 00:00:00
packetstorm
packetstorm
Google Chrome 67 / 68 / 69 Object.create Type Confusion
2020-03-05 00:00:00
veracode
veracode
Information Disclosure
2019-05-16 03:23:44
rapid7blog
rapid7blog
Metasploit Wrap-Up
2020-10-23 18:56:55
github
github
Getting RCE in Chrome with incorrect side effect in the JIT compiler
2023-09-26 15:00:54
myhack58
myhack58
mozilla
mozilla
Security vulnerabilities fixed in Firefox ESR 60.4 — Mozilla
2018-12-11 00:00:00
Security vulnerabilities fixed in Thunderbird 60.4 — Mozilla
2018-12-21 00:00:00
centos
centos
firefox security update
2018-12-21 19:07:59
thunderbird security update
2019-02-01 23:12:43
amazon
amazon
Critical: thunderbird
2019-03-07 05:55:00
oraclelinux
oraclelinux
thunderbird security update
2019-01-25 00:00:00
firefox security update
2018-12-18 00:00:00
thunderbird security update
2019-01-25 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package thunderbird version 60.4.0-alt1
2018-12-24 00:00:00
ibm
ibm
Security Bulletin: Multiple Mozilla Firefox vulnerabilities in IBM SONAS
2019-05-02 08:10:01
slackware
slackware
[slackware-security] mozilla-firefox
2018-12-12 04:59:01