openSUSE-SU-2020:0093-1

Опубликовано: 22 янв. 2020

Источник: suse-cvrf

Описание

Security update for chromium

This update for chromium fixes the following issues:

Update to version 79.0.3945.130 (boo#1161252):

CVE-2020-6378, CVE-2020-6379: Fixed a use-after-free in speech recognizer
CVE-2020-6380: Fixed an extension message verification error
Various fixes from audits, fuzzing and other initiatives

Список пакетов

SUSE Package Hub 12 SP3

chromedriver-79.0.3945.130-bp151.3.56.3

chromium-79.0.3945.130-bp151.3.56.3

SUSE Package Hub 15 SP1

chromedriver-79.0.3945.130-bp151.3.56.3

chromium-79.0.3945.130-bp151.3.56.3

openSUSE Leap 15.1

chromedriver-79.0.3945.130-bp151.3.56.3

chromium-79.0.3945.130-bp151.3.56.3

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7P463JI3EMQMYRADFFAJVMHZTRSK6UDY/
E-Mail link for openSUSE-SU-2020:0093-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1161252
SUSE Bug 1161252
https://www.suse.com/security/cve/CVE-2020-6378/
SUSE CVE CVE-2020-6378 page
https://www.suse.com/security/cve/CVE-2020-6379/
SUSE CVE CVE-2020-6379 page
https://www.suse.com/security/cve/CVE-2020-6380/
SUSE CVE CVE-2020-6380 page

Описание

Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Затронутые продукты

SUSE Package Hub 12 SP3:chromedriver-79.0.3945.130-bp151.3.56.3

SUSE Package Hub 12 SP3:chromium-79.0.3945.130-bp151.3.56.3

SUSE Package Hub 15 SP1:chromedriver-79.0.3945.130-bp151.3.56.3

SUSE Package Hub 15 SP1:chromium-79.0.3945.130-bp151.3.56.3

Ссылки

https://www.suse.com/security/cve/CVE-2020-6378.html
CVE-2020-6378
https://bugzilla.suse.com/1161252
SUSE Bug 1161252

Описание

Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Затронутые продукты

SUSE Package Hub 12 SP3:chromedriver-79.0.3945.130-bp151.3.56.3

SUSE Package Hub 12 SP3:chromium-79.0.3945.130-bp151.3.56.3

SUSE Package Hub 15 SP1:chromedriver-79.0.3945.130-bp151.3.56.3

SUSE Package Hub 15 SP1:chromium-79.0.3945.130-bp151.3.56.3

Ссылки

https://www.suse.com/security/cve/CVE-2020-6379.html
CVE-2020-6379
https://bugzilla.suse.com/1161252
SUSE Bug 1161252

Описание

Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted Chrome Extension.

Затронутые продукты

SUSE Package Hub 12 SP3:chromedriver-79.0.3945.130-bp151.3.56.3

SUSE Package Hub 12 SP3:chromium-79.0.3945.130-bp151.3.56.3

SUSE Package Hub 15 SP1:chromedriver-79.0.3945.130-bp151.3.56.3

SUSE Package Hub 15 SP1:chromium-79.0.3945.130-bp151.3.56.3

Ссылки

https://www.suse.com/security/cve/CVE-2020-6380.html
CVE-2020-6380
https://bugzilla.suse.com/1161252
SUSE Bug 1161252

openSUSE-SU-2020:0093-1

Описание

Список пакетов

SUSE Package Hub 12 SP3

SUSE Package Hub 15 SP1

openSUSE Leap 15.1

Ссылки

Уязвимость: CVE-2020-6378

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2020-6379

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2020-6380

Описание

Затронутые продукты

Ссылки