Lucene search
SuseOPENSUSE-SU-2020:1731-1HistoryOct 25, 2020 - 12:00 a.m.
Security update for chromium (important)
2020-10-2500:00:00
lists.opensuse.org
60
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
An update that fixes 5 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
- Update to 86.0.4240.111 boo#1177936
- CVE-2020-16000: Inappropriate implementation in Blink.
- CVE-2020-16001: Use after free in media.
- CVE-2020-16002: Use after free in PDFium.
- CVE-2020-15999: Heap buffer overflow in Freetype.
- CVE-2020-16003: Use after free in printing.
This update was imported from the openSUSE:Leap:15.1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Backports SLE-15-SP1:
zypper in -t patch openSUSE-2020-1731=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Backports SLE | 15-SP1 | aarch64 | - opensuse backports sle | < 15-SP1 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP1 (aarch64 x86_64):.aarch64.rpm |
| openSUSE Backports SLE | 15-SP1 | x86_64 | - opensuse backports sle | < 15-SP1 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP1 (aarch64 x86_64):.x86_64.rpm |
Related
suse
suse
Security update for chromium (important)
2020-10-24 00:00:00
Security update for chromium (important)
2020-10-25 00:00:00
Security update for opera (important)
2020-11-17 00:00:00
nessus
nessus
openSUSE Security Update : chromium (openSUSE-2020-1737)
2020-10-27 00:00:00
Google Chrome < 86.0.4240.111 Multiple Vulnerabilities
2020-10-20 00:00:00
RHEL 6 : chromium-browser (RHSA-2020:4351)
2020-10-28 00:00:00
openvas
openvas
kaspersky
kaspersky
KLA12013 Multiple vulnerabilities in Opera
2020-10-29 00:00:00
KLA11986 Multiple vulnerabilities in Google Chrome
2020-10-20 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2020-10-20 00:00:00
redhat
redhat
(RHSA-2020:4351) Important: chromium-browser security update
2020-10-26 19:49:04
(RHSA-2020:4952) Important: freetype security update
2020-11-05 08:26:43
(RHSA-2020:4907) Important: freetype security update
2020-11-04 09:39:15
freebsd
freebsd
chromium -- multiple vulnerabilities
2020-10-20 00:00:00
freetype2 -- heap buffer overlfow
2020-10-20 00:00:00
threatpost
threatpost
Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser
2020-10-21 12:23:29
Microsoft IE Browser Death March Hastens
2020-10-26 22:26:57
Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
2020-11-10 21:12:21
veracode
veracode
Arbitrary Code Execution
2020-12-21 18:50:39
Use After Free In PDFium
2020-12-21 18:50:40
Arbitrary Code Execution
2020-12-21 18:50:33
cve
cve
prion
prion
Design/Logic Flaw
2020-11-03 03:15:00
Design/Logic Flaw
2020-11-03 03:15:00
Design/Logic Flaw
2020-11-03 03:15:00
ubuntucve
ubuntucve
redhatcve
redhatcve
debiancve
debiancve
checkpoint_advisories
checkpoint_advisories
Google Chrome Memory Corruption (CVE-2020-15999)
2020-10-24 00:00:00
gitlab
gitlab
Out-of-bounds Write
2020-10-27 00:00:00
Out-of-bounds Write
2020-10-27 00:00:00
Out-of-bounds Write
2020-10-27 00:00:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Google Chrome
2020-10-28 16:16:25
Exploit for Out-of-bounds Write in Google Chrome
2020-12-30 19:58:33
Exploit for Out-of-bounds Write in Google Chrome
2020-12-30 18:02:23
osv
osv
freetype - security update
2020-10-25 00:00:00
Android Impact
2021-01-01 00:00:00
Important: freetype security update
2020-11-05 08:26:43
centos
centos
freetype security update
2020-11-06 21:57:09
amazon
amazon
Important: freetype
2020-12-08 20:55:00
github
github
Heap buffer overflow in CefSharp
2020-10-27 19:47:38
f5
f5
K000133070 : Freetype vulnerability CVE-2020-15999
2023-03-20 00:00:00
debian
debian
[SECURITY] [DSA 4777-1] freetype security update
2020-10-21 19:00:07
[SECURITY] [DSA 4777-1] freetype security update
2020-10-21 19:00:07
[SECURITY] [DLA 2415-1] freetype security update
2020-10-25 21:59:56
fedora
fedora
[SECURITY] Fedora 32 Update: freetype-2.10.4-1.fc32
2020-10-25 01:21:04
[SECURITY] Fedora 31 Update: freetype-2.10.0-4.fc31
2020-11-07 01:28:39
[SECURITY] Fedora 33 Update: freetype-2.10.4-1.fc33
2020-10-25 01:01:39
gentoo
gentoo
Opera: Multiple Vulnerabilities
2024-01-15 00:00:00
FreeType: Arbitrary code execution
2020-10-23 00:00:00
Chromium, Google Chrome: Multiple vulnerabilities
2020-11-11 00:00:00
slackware
slackware
[slackware-security] freetype
2020-10-20 22:26:01
ubuntu
ubuntu
FreeType vulnerability
2020-10-20 00:00:00
FreeType vulnerability
2020-10-22 00:00:00
oraclelinux
oraclelinux
freetype security update
2020-11-06 00:00:00
freetype security update
2020-11-13 00:00:00
thn
thn
New Chrome 0-day Under Active Attacks – Update Your Browser Now
2020-10-21 16:26:00
WARNING: Google Discloses Windows Zero-Day Bug Exploited in the Wild
2020-11-02 09:43:00
New Chrome Zero-Day Under Active Attacks – Update Your Browser
2020-11-03 09:33:00
cbl_mariner
cbl_mariner
CVE-2020-15999 affecting package freetype 2.9.1-5
2022-04-09 06:51:42
CVE-2020-15999 affecting package freetype 2.9.1-4
2022-03-19 16:40:53
cloudfoundry
cloudfoundry
USN-4593-1: FreeType vulnerability | Cloud Foundry
2020-11-19 00:00:00
malwarebytes
malwarebytes
Google patches actively exploited zero-day bug that affects Chrome users
2020-10-26 10:58:14
Update your Chrome again as Google patches second zero-day in two weeks
2020-11-03 18:30:00
archlinux
archlinux
[ASA-202010-11] lib32-freetype2: arbitrary code execution
2020-10-20 00:00:00
[ASA-202010-10] freetype2: arbitrary code execution
2020-10-20 00:00:00
almalinux
almalinux
Important: freetype security update
2020-11-05 08:26:43
alpinelinux
alpinelinux
CVE-2020-15999
2020-11-03 03:15:00
qualysblog
qualysblog
Vulnerability Detection Pipeline (Beta)
2020-09-16 17:43:34
mageia
mageia
Updated freetype2 packages fix security vulnerability
2020-10-20 19:22:12
rocky
rocky
freetype security update
2020-11-05 08:26:43
photon
photon
Moderate Photon OS Security Update - PHSA-2022-0442
2022-02-16 00:00:00
Critical Photon OS Security Update - PHSA-2022-0364
2022-02-22 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0156
2022-02-25 00:00:00
attackerkb
attackerkb
CVE-2020-15999 Chrome Freetype 0day
2020-11-03 00:00:00
CVE-2020-17087 Windows Kernel local privilege escalation 0day
2020-11-11 00:00:00
ibm
ibm
Security Bulletin: IBM Analyst's Notebook Premium uses a component with known vulnerabilities (CVE-2020-16013, CVE-2020-16009, CVE-2020-15999)
2021-07-23 15:10:10
cisa_kev
cisa_kev
Google Chrome FreeType Heap Buffer Overflow Vulnerability
2021-11-03 00:00:00
krebs
krebs
Patch Tuesday, November 2020 Edition
2020-11-11 01:56:41
ics
ics
Rockwell Automation Connected Components Workbench
2023-09-21 12:00:00
googleprojectzero
googleprojectzero
In-the-Wild Series: October 2020 0-day discovery
2021-03-18 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related for OPENSUSE-SU-2020:1731-1