Описание
Security update for Chromium
This update for Chromium to version 66.0.3359.170 fixes the following issues:
Security issues fixed (boo#1092923):
- CVE-2018-6121: Privilege Escalation in extensions
- CVE-2018-6122: Type confusion in V8
- CVE-2018-6120: Heap buffer overflow in PDFium
- Various fixes from internal audits, fuzzing and other initiatives
The following bugs are fixed:
- boo#1092272: Improved support for subpixel rending
Список пакетов
openSUSE Leap 42.3
Ссылки
- E-Mail link for openSUSE-SU-2018:1275-1
- SUSE Security Ratings
Описание
An integer overflow that could lead to an attacker-controlled heap out-of-bounds write in PDFium in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
Затронутые продукты
Ссылки
- CVE-2018-6120
- SUSE Bug 1092923
Описание
Insufficient validation of input in Blink in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to perform privilege escalation via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2018-6121
- SUSE Bug 1092923
Описание
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Затронутые продукты
Ссылки
- CVE-2018-6122
- SUSE Bug 1092923