SuseOPENSUSE-SU-2019:1666-1Security update for chromium (important)
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.271 Low
EPSS
Percentile
96.3%
An update that fixes 53 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium was updated to 75.0.3770.90 (boo#1137332 boo#1138287):
- CVE-2019-5842: Use-after-free in Blink.
Also updated to 75.0.3770.80 boo#1137332:
- CVE-2019-5828: Use after free in ServiceWorker
- CVE-2019-5829: Use after free in Download Manager
- CVE-2019-5830: Incorrectly credentialed requests in CORS
- CVE-2019-5831: Incorrect map processing in V8
- CVE-2019-5832: Incorrect CORS handling in XHR
- CVE-2019-5833: Inconsistent security UI placemen
- CVE-2019-5835: Out of bounds read in Swiftshader
- CVE-2019-5836: Heap buffer overflow in Angle
- CVE-2019-5837: Cross-origin resources size disclosure in Appcache
- CVE-2019-5838: Overly permissive tab access in Extensions
- CVE-2019-5839: Incorrect handling of certain code points in Blink
- CVE-2019-5840: Popup blocker bypass
- Various fixes from internal audits, fuzzing and other initiatives
- CVE-2019-5834: URL spoof in Omnibox on iOS
Update to 74.0.3729.169:
- Feature fixes update only
Update to 74.0.3729.157:
- Various security fixes from internal audits, fuzzing and other
initiatives
Includes security fixes from 74.0.3729.131 (boo#1134218):
- CVE-2019-5827: Out-of-bounds access in SQLite
- CVE-2019-5824: Parameter passing error in media player
Update to 74.0.3729.108 boo#1133313:
- CVE-2019-5805: Use after free in PDFium
- CVE-2019-5806: Integer overflow in Angle
- CVE-2019-5807: Memory corruption in V8
- CVE-2019-5808: Use after free in Blink
- CVE-2019-5809: Use after free in Blink
- CVE-2019-5810: User information disclosure in Autofill
- CVE-2019-5811: CORS bypass in Blink
- CVE-2019-5813: Out of bounds read in V8
- CVE-2019-5814: CORS bypass in Blink
- CVE-2019-5815: Heap buffer overflow in Blink
- CVE-2019-5818: Uninitialized value in media reader
- CVE-2019-5819: Incorrect escaping in developer tools
- CVE-2019-5820: Integer overflow in PDFium
- CVE-2019-5821: Integer overflow in PDFium
- CVE-2019-5822: CORS bypass in download manager
- CVE-2019-5823: Forced navigation from service worker
- CVE-2019-5812: URL spoof in Omnibox on iOS
- CVE-2019-5816: Exploit persistence extension on Android
- CVE-2019-5817: Heap buffer overflow in Angle on Windows
Update to 73.0.3686.103:
- Various feature fixes
Update to 73.0.3683.86:
- Just feature fixes around
- Update conditions to use system harfbuzz on TW+
- Require java during build
- Enable using pipewire when available
- Rebase chromium-vaapi.patch to match up the Fedora one
Update to 73.0.3683.75 boo#1129059:
- CVE-2019-5787: Use after free in Canvas.
- CVE-2019-5788: Use after free in FileAPI.
- CVE-2019-5789: Use after free in WebMIDI.
- CVE-2019-5790: Heap buffer overflow in V8.
- CVE-2019-5791: Type confusion in V8.
- CVE-2019-5792: Integer overflow in PDFium.
- CVE-2019-5793: Excessive permissions for private API in Extensions.
- CVE-2019-5794: Security UI spoofing.
- CVE-2019-5795: Integer overflow in PDFium.
- CVE-2019-5796: Race condition in Extensions.
- CVE-2019-5797: Race condition in DOMStorage.
- CVE-2019-5798: Out of bounds read in Skia.
- CVE-2019-5799: CSP bypass with blob URL.
- CVE-2019-5800: CSP bypass with blob URL.
- CVE-2019-5801: Incorrect Omnibox display on iOS.
- CVE-2019-5802: Security UI spoofing.
- CVE-2019-5803: CSP bypass with Javascript URLs’.
- CVE-2019-5804: Command line command injection on Windows.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 42.3:
zypper in -t patch openSUSE-2019-1666=1
-
openSUSE Leap 15.1:
zypper in -t patch openSUSE-2019-1666=1
-
openSUSE Leap 15.0:
zypper in -t patch openSUSE-2019-1666=1
-
openSUSE Backports SLE-15:
zypper in -t patch openSUSE-2019-1666=1
-
SUSE Package Hub for SUSE Linux Enterprise 12:
zypper in -t patch openSUSE-2019-1666=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 42.3 | x86_64 | < - openSUSE Leap 42.3 (x86_64): | - openSUSE Leap 42.3 (x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.1 | x86_64 | < - openSUSE Leap 15.1 (x86_64): | - openSUSE Leap 15.1 (x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.0 | x86_64 | < - openSUSE Leap 15.0 (x86_64): | - openSUSE Leap 15.0 (x86_64):.x86_64.rpm | |
| openSUSE Backports SLE | 15 | aarch64 | < openSUSE Backports SLE-15 (aarch64 x86_64): | - openSUSE Backports SLE-15 (aarch64 x86_64):.aarch64.rpm | |
| openSUSE Backports SLE | 15 | x86_64 | < openSUSE Backports SLE-15 (aarch64 x86_64): | - openSUSE Backports SLE-15 (aarch64 x86_64):.x86_64.rpm | |
| SUSE Package Hub for SUSE Linux Enterprise | 12 | x86_64 | < - SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64): | - SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64):.x86_64.rpm |
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.271 Low
EPSS
Percentile
96.3%