Lucene search
SuseOPENSUSE-SU-2018:4142-1HistoryDec 15, 2018 - 3:08 p.m.
Security update for Chromium (important)
2018-12-1515:08:49
lists.opensuse.org
141
0.068 Low
EPSS
Percentile
93.2%
This update to Chromium 71.0.3578.98 fixes the following issues:
Security issues fixed (boo#1118529):
- CVE-2018-17480: Out of bounds write in V8
- CVE-2018-17481: Use after frees in PDFium
- CVE-2018-18335: Heap buffer overflow in Skia
- CVE-2018-18336: Use after free in PDFium
- CVE-2018-18337: Use after free in Blink
- CVE-2018-18338: Heap buffer overflow in Canvas
- CVE-2018-18339: Use after free in WebAudio
- CVE-2018-18340: Use after free in MediaRecorder
- CVE-2018-18341: Heap buffer overflow in Blink
- CVE-2018-18342: Out of bounds write in V8
- CVE-2018-18343: Use after free in Skia
- CVE-2018-18344: Inappropriate implementation in Extensions
- Multiple issues in SQLite via WebSQL
- CVE-2018-18345: Inappropriate implementation in Site Isolation
- CVE-2018-18346: Incorrect security UI in Blink
- CVE-2018-18347: Inappropriate implementation in Navigation
- CVE-2018-18348: Inappropriate implementation in Omnibox
- CVE-2018-18349: Insufficient policy enforcement in Blink
- CVE-2018-18350: Insufficient policy enforcement in Blink
- CVE-2018-18351: Insufficient policy enforcement in Navigation
- CVE-2018-18352: Inappropriate implementation in Media
- CVE-2018-18353: Inappropriate implementation in Network Authentication
- CVE-2018-18354: Insufficient data validation in Shell Integration
- CVE-2018-18355: Insufficient policy enforcement in URL Formatter
- CVE-2018-18356: Use after free in Skia
- CVE-2018-18357: Insufficient policy enforcement in URL Formatter
- CVE-2018-18358: Insufficient policy enforcement in Proxy
- CVE-2018-18359: Out of bounds read in V8
- Inappropriate implementation in PDFium
- Use after free in Extensions
- Inappropriate implementation in Navigation
- Insufficient policy enforcement in Navigation
- Insufficient policy enforcement in URL Formatter
- Various fixes from internal audits, fuzzing and other initiatives
- CVE-2018-17481: Use after free in PDFium (boo#1119364)
The following changes are included:
- advertisements posing as error messages are now blocked
- Automatic playing of content at page load mostly disabled
- New JavaScript API for relative time display
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 42.3 | x86_64 | chromium-debugsource | < 71.0.3578.98-189.1 | chromium-debugsource-71.0.3578.98-189.1.x86_64.rpm |
| openSUSE Leap | 42.3 | x86_64 | chromium | < 71.0.3578.98-189.1 | chromium-71.0.3578.98-189.1.x86_64.rpm |
| openSUSE Leap | 42.3 | x86_64 | chromium-debuginfo | < 71.0.3578.98-189.1 | chromium-debuginfo-71.0.3578.98-189.1.x86_64.rpm |
| openSUSE Leap | 42.3 | x86_64 | chromedriver-debuginfo | < 71.0.3578.98-189.1 | chromedriver-debuginfo-71.0.3578.98-189.1.x86_64.rpm |
| openSUSE Leap | 42.3 | x86_64 | chromedriver | < 71.0.3578.98-189.1 | chromedriver-71.0.3578.98-189.1.x86_64.rpm |
Related
nessus
nessus
openSUSE Security Update : Chromium (openSUSE-2018-1557)
2018-12-17 00:00:00
Fedora 28 : chromium (2019-348547a32d)
2019-01-16 00:00:00
RHEL 6 : chromium-browser (RHSA-2018:3803)
2018-12-11 00:00:00
openvas
openvas
openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:4142-1)
2018-12-18 00:00:00
Fedora Update for chromium FEDORA-2019-348547a32d
2019-01-16 00:00:00
openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:4056-1)
2018-12-10 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2018-12-04 00:00:00
chromium -- Use after free in PDFium
2018-12-12 00:00:00
suse
suse
Security update for Chromium (important)
2018-12-15 15:09:21
Security update for Chromium (important)
2018-12-08 15:14:53
Security update for MozillaFirefox (important)
2019-02-18 00:00:00
archlinux
archlinux
[ASA-201812-2] chromium: multiple issues
2018-12-08 00:00:00
[ASA-201902-23] thunderbird: multiple issues
2019-02-20 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: chromium-71.0.3578.98-1.fc28
2019-01-16 01:43:05
[SECURITY] Fedora 29 Update: chromium-71.0.3578.98-1.fc29
2019-01-05 02:32:22
debian
debian
[SECURITY] [DSA 4352-1] chromium-browser security update
2018-12-08 01:45:46
[SECURITY] [DSA 4352-1] chromium-browser security update
2018-12-08 01:41:52
kaspersky
kaspersky
KLA11379 Multiple vulnerabilities in Google Chrome
2018-12-04 00:00:00
KLA11734 Multiple vulnerabilities in Opera
2018-12-12 00:00:00
KLA11416 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2019-02-12 00:00:00
redhat
redhat
(RHSA-2018:3803) Important: chromium-browser security update
2018-12-10 10:22:08
osv
osv
chromium-browser - security update
2018-12-07 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2018-12-04 00:00:00
Stable Channel Update for Desktop
2018-12-12 00:00:00
threatpost
threatpost
Google Chrome 71 Touts 43 Fixes, Fights Ad Abuse
2018-12-05 04:34:29
gentoo
gentoo
Chromium, Google Chrome: Multiple vulnerabilities
2019-08-15 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2019-02-14 00:00:16
[slackware-security] mozilla-thunderbird
2019-02-15 00:52:46
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 60.5.1-alt1
2019-02-15 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 60.5.1-alt1
2019-02-15 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox ESR 60.5.1 — Mozilla
2019-02-12 00:00:00
Security vulnerabilities fixed in Thunderbird 60.5.1 — Mozilla
2019-02-14 00:00:00
mageia
mageia
Updated thunderbird packages fix security vulnerability
2019-02-17 20:17:45
redhatcve
redhatcve
ubuntucve
ubuntucve
veracode
veracode
Same-Origin Policy Bypass
2020-12-06 04:44:19
Denial Of Service (DoS)
2020-12-06 04:45:30
Heap Corruption
2020-12-06 04:45:30
cve
cve
debiancve
debiancve
prion
prion
Design/Logic Flaw
2018-12-11 16:29:00
Code injection
2018-12-11 16:29:00
Design/Logic Flaw
2018-12-11 16:29:00
attackerkb
attackerkb
CVE-2018-17480
2018-12-11 00:00:00
alpinelinux
alpinelinux
CVE-2018-18335
2018-12-11 16:29:00