openSUSE-SU-2018:1484-1

Описание

This update for chromium to version 66.0.3359.181 fixes the following issues:

The following security issues were fixed (boo#1095163):

• CVE-2018-6123: Use after free in Blink.
• CVE-2018-6124: Type confusion in Blink.
• CVE-2018-6125: Overly permissive policy in WebUSB.
• CVE-2018-6126: Heap buffer overflow in Skia.
• CVE-2018-6127: Use after free in indexedDB.
• CVE-2018-6128: uXSS in Chrome on iOS.
• CVE-2018-6129: Out of bounds memory access in WebRTC.
• CVE-2018-6130: Out of bounds memory access in WebRTC.
• CVE-2018-6131: Incorrect mutability protection in WebAssembly.
• CVE-2018-6132: Use of uninitialized memory in WebRTC.
• CVE-2018-6133: URL spoof in Omnibox.
• CVE-2018-6134: Referrer Policy bypass in Blink.
• CVE-2018-6135: UI spoofing in Blink.
• CVE-2018-6136: Out of bounds memory access in V8.
• CVE-2018-6137: Leak of visited status of page in Blink.
• CVE-2018-6138: Overly permissive policy in Extensions.
• CVE-2018-6139: Restrictions bypass in the debugger extension API.
• CVE-2018-6140: Restrictions bypass in the debugger extension API.
• CVE-2018-6141: Heap buffer overflow in Skia.
• CVE-2018-6142: Out of bounds memory access in V8.
• CVE-2018-6143: Out of bounds memory access in V8.
• CVE-2018-6144: Out of bounds memory access in PDFium.
• CVE-2018-6145: Incorrect escaping of MathML in Blink.
• CVE-2018-6147: Password fields not taking advantage of OS protections in Views.

Additional changes:

• Autoplay: Force enable on desktop for Web Audio

This update enables the "Strict site isolation" feature for a larger percentage of users. This feature is a mitigation against the Spectre vulnerabilities. It can be turned on via: chrome://flags/#enable-site-per-process It can be disabled via: chrome://flags/#site-isolation-trial-opt-out