Описание
Security update for chromium
This update for chromium version 79.0.3945.117 fixes the following issues:
- CVE-2020-6377: Fixed a use-after-free in audio
- Various fixes from internal audits, fuzzing and other initiatives
Список пакетов
openSUSE Leap 15.1
chromedriver-79.0.3945.117-lp151.2.57.2
chromium-79.0.3945.117-lp151.2.57.2
libre2-0-20200101-lp151.10.6.1
libre2-0-32bit-20200101-lp151.10.6.1
re2-devel-20200101-lp151.10.6.1
Ссылки
- E-Mail link for openSUSE-SU-2020:0006-1
- SUSE Security Ratings
- SUSE Bug 1160337
- SUSE CVE CVE-2019-5844 page
- SUSE CVE CVE-2019-5845 page
- SUSE CVE CVE-2019-5846 page
- SUSE CVE CVE-2020-6377 page
Описание
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
openSUSE Leap 15.1:chromedriver-79.0.3945.117-lp151.2.57.2
openSUSE Leap 15.1:chromium-79.0.3945.117-lp151.2.57.2
openSUSE Leap 15.1:libre2-0-20200101-lp151.10.6.1
openSUSE Leap 15.1:libre2-0-32bit-20200101-lp151.10.6.1
Ссылки
- CVE-2019-5844
- SUSE Bug 1129059
Описание
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
openSUSE Leap 15.1:chromedriver-79.0.3945.117-lp151.2.57.2
openSUSE Leap 15.1:chromium-79.0.3945.117-lp151.2.57.2
openSUSE Leap 15.1:libre2-0-20200101-lp151.10.6.1
openSUSE Leap 15.1:libre2-0-32bit-20200101-lp151.10.6.1
Ссылки
- CVE-2019-5845
- SUSE Bug 1129059
Описание
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
openSUSE Leap 15.1:chromedriver-79.0.3945.117-lp151.2.57.2
openSUSE Leap 15.1:chromium-79.0.3945.117-lp151.2.57.2
openSUSE Leap 15.1:libre2-0-20200101-lp151.10.6.1
openSUSE Leap 15.1:libre2-0-32bit-20200101-lp151.10.6.1
Ссылки
- CVE-2019-5846
- SUSE Bug 1129059
Описание
Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
openSUSE Leap 15.1:chromedriver-79.0.3945.117-lp151.2.57.2
openSUSE Leap 15.1:chromium-79.0.3945.117-lp151.2.57.2
openSUSE Leap 15.1:libre2-0-20200101-lp151.10.6.1
openSUSE Leap 15.1:libre2-0-32bit-20200101-lp151.10.6.1
Ссылки
- CVE-2020-6377
- SUSE Bug 1160337