Описание
Security update for chromium
This update for Chromium to version 72.0.3626.96 fixes the following issues:
Security issues fixed (bsc#1123641 and bsc#1124936):
- CVE-2019-5784: Inappropriate implementation in V8
- CVE-2019-5754: Inappropriate implementation in QUIC Networking.
- CVE-2019-5782: Inappropriate implementation in V8.
- CVE-2019-5755: Inappropriate implementation in V8.
- CVE-2019-5756: Use after free in PDFium.
- CVE-2019-5757: Type Confusion in SVG.
- CVE-2019-5758: Use after free in Blink.
- CVE-2019-5759: Use after free in HTML select elements.
- CVE-2019-5760: Use after free in WebRTC.
- CVE-2019-5761: Use after free in SwiftShader.
- CVE-2019-5762: Use after free in PDFium.
- CVE-2019-5763: Insufficient validation of untrusted input in V8.
- CVE-2019-5764: Use after free in WebRTC.
- CVE-2019-5765: Insufficient policy enforcement in the browser.
- CVE-2019-5766: Insufficient policy enforcement in Canvas.
- CVE-2019-5767: Incorrect security UI in WebAPKs.
- CVE-2019-5768: Insufficient policy enforcement in DevTools.
- CVE-2019-5769: Insufficient validation of untrusted input in Blink.
- CVE-2019-5770: Heap buffer overflow in WebGL.
- CVE-2019-5771: Heap buffer overflow in SwiftShader.
- CVE-2019-5772: Use after free in PDFium.
- CVE-2019-5773: Insufficient data validation in IndexedDB.
- CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing.
- CVE-2019-5775: Insufficient policy enforcement in Omnibox.
- CVE-2019-5776: Insufficient policy enforcement in Omnibox.
- CVE-2019-5777: Insufficient policy enforcement in Omnibox.
- CVE-2019-5778: Insufficient policy enforcement in Extensions.
- CVE-2019-5779: Insufficient policy enforcement in ServiceWorker.
- CVE-2019-5780: Insufficient policy enforcement.
- CVE-2019-5781: Insufficient policy enforcement in Omnibox.
For a full list of changes refer to https://chromereleases.googleblog.com/2019/02/stable-channel-update-for-desktop.html
Список пакетов
openSUSE Leap 42.3
Ссылки
- E-Mail link for openSUSE-SU-2019:0205-1
- SUSE Security Ratings
Описание
Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy.
Затронутые продукты
Ссылки
- CVE-2019-5754
- SUSE Bug 1123641
Описание
Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5755
- SUSE Bug 1123641
Описание
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
Затронутые продукты
Ссылки
- CVE-2019-5756
- SUSE Bug 1123641
Описание
An incorrect object type assumption in SVG in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5757
- SUSE Bug 1123641
Описание
Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5758
- SUSE Bug 1123641
Описание
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5759
- SUSE Bug 1123641
Описание
Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5760
- SUSE Bug 1123641
Описание
Incorrect object lifecycle management in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5761
- SUSE Bug 1123641
Описание
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
Затронутые продукты
Ссылки
- CVE-2019-5762
- SUSE Bug 1123641
Описание
Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5763
- SUSE Bug 1123641
Описание
Incorrect pointer management in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5764
- SUSE Bug 1123641
Описание
An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent.
Затронутые продукты
Ссылки
- CVE-2019-5765
- SUSE Bug 1123641
Описание
Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5766
- SUSE Bug 1123641
Описание
Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK.
Затронутые продукты
Ссылки
- CVE-2019-5767
- SUSE Bug 1123641
Описание
DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.
Затронутые продукты
Ссылки
- CVE-2019-5768
- SUSE Bug 1123641
Описание
Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5769
- SUSE Bug 1123641
Описание
Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5770
- SUSE Bug 1123641
Описание
An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5771
- SUSE Bug 1123641
Описание
Sharing of objects over calls into JavaScript runtime in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Затронутые продукты
Ссылки
- CVE-2019-5772
- SUSE Bug 1123641
Описание
Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5773
- SUSE Bug 1123641
Описание
Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file.
Затронутые продукты
Ссылки
- CVE-2019-5774
- SUSE Bug 1123641
Описание
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Затронутые продукты
Ссылки
- CVE-2019-5775
- SUSE Bug 1123641
Описание
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Затронутые продукты
Ссылки
- CVE-2019-5776
- SUSE Bug 1123641
Описание
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Затронутые продукты
Ссылки
- CVE-2019-5777
- SUSE Bug 1123641
Описание
A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension.
Затронутые продукты
Ссылки
- CVE-2019-5778
- SUSE Bug 1123641
Описание
Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5779
- SUSE Bug 1123641
Описание
Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events.
Затронутые продукты
Ссылки
- CVE-2019-5780
- SUSE Bug 1123641
Описание
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Затронутые продукты
Ссылки
- CVE-2019-5781
- SUSE Bug 1123641
Описание
Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5782
- SUSE Bug 1123641
Описание
Incorrect handling of deferred code in V8 in Google Chrome prior to 72.0.3626.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2019-5784
- SUSE Bug 1124936