Описание
Security update for chromium
This update for chromium fixes the following issues:
Chromium was updated to version 80.0.3987.87 (boo#1162833).
Security issues fixed:
- CVE-2020-6381: Integer overflow in JavaScript (boo#1162833).
- CVE-2020-6382: Type Confusion in JavaScript (boo#1162833).
- CVE-2019-18197: Multiple vulnerabilities in XML (boo#1162833).
- CVE-2019-19926: Inappropriate implementation in SQLite (boo#1162833).
- CVE-2020-6385: Insufficient policy enforcement in storage (boo#1162833).
- CVE-2019-19880, CVE-2019-19925: Multiple vulnerabilities in SQLite (boo#1162833).
- CVE-2020-6387: Out of bounds write in WebRTC (boo#1162833).
- CVE-2020-6388: Out of bounds memory access in WebAudio (boo#1162833).
- CVE-2020-6389: Out of bounds write in WebRTC (boo#1162833).
- CVE-2020-6390: Out of bounds memory access in streams (boo#1162833).
- CVE-2020-6391: Insufficient validation of untrusted input in Blink (boo#1162833).
- CVE-2020-6392: Insufficient policy enforcement in extensions (boo#1162833).
- CVE-2020-6393: Insufficient policy enforcement in Blink (boo#1162833).
- CVE-2020-6394: Insufficient policy enforcement in Blink (boo#1162833).
- CVE-2020-6395: Out of bounds read in JavaScript (boo#1162833).
- CVE-2020-6396: Inappropriate implementation in Skia (boo#1162833).
- CVE-2020-6397: Incorrect security UI in sharing (boo#1162833).
- CVE-2020-6398: Uninitialized use in PDFium (boo#1162833).
- CVE-2020-6399: Insufficient policy enforcement in AppCache (boo#1162833).
- CVE-2020-6400: Inappropriate implementation in CORS (boo#1162833).
- CVE-2020-6401: Insufficient validation of untrusted input in Omnibox (boo#1162833).
- CVE-2020-6402: Insufficient policy enforcement in downloads (boo#1162833).
- CVE-2020-6403: Incorrect security UI in Omnibox (boo#1162833).
- CVE-2020-6404: Inappropriate implementation in Blink (boo#1162833).
- CVE-2020-6405: Out of bounds read in SQLite (boo#1162833).
- CVE-2020-6406: Use after free in audio (boo#1162833).
- CVE-2019-19923: Out of bounds memory access in SQLite (boo#1162833).
- CVE-2020-6408: Insufficient policy enforcement in CORS (boo#1162833).
- CVE-2020-6409: Inappropriate implementation in Omnibox (boo#1162833).
- CVE-2020-6410: Insufficient policy enforcement in navigation (boo#1162833).
- CVE-2020-6411: Insufficient validation of untrusted input in Omnibox (boo#1162833).
- CVE-2020-6412: Insufficient validation of untrusted input in Omnibox (boo#1162833).
- CVE-2020-6413: Inappropriate implementation in Blink (boo#1162833).
- CVE-2020-6414: Insufficient policy enforcement in Safe Browsing (boo#1162833).
- CVE-2020-6415: Inappropriate implementation in JavaScript (boo#1162833).
- CVE-2020-6416: Insufficient data validation in streams (boo#1162833).
- CVE-2020-6417: Inappropriate implementation in installer (boo#1162833).
Список пакетов
openSUSE Leap 15.1
Ссылки
- E-Mail link for openSUSE-SU-2020:0189-1
- SUSE Security Ratings
- SUSE Bug 1162833
- SUSE CVE CVE-2019-18197 page
- SUSE CVE CVE-2019-19880 page
- SUSE CVE CVE-2019-19923 page
- SUSE CVE CVE-2019-19925 page
- SUSE CVE CVE-2019-19926 page
- SUSE CVE CVE-2020-6381 page
- SUSE CVE CVE-2020-6382 page
- SUSE CVE CVE-2020-6385 page
- SUSE CVE CVE-2020-6387 page
- SUSE CVE CVE-2020-6388 page
- SUSE CVE CVE-2020-6389 page
- SUSE CVE CVE-2020-6390 page
- SUSE CVE CVE-2020-6391 page
- SUSE CVE CVE-2020-6392 page
- SUSE CVE CVE-2020-6393 page
- SUSE CVE CVE-2020-6394 page
- SUSE CVE CVE-2020-6395 page
Описание
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.
Затронутые продукты
Ссылки
- CVE-2019-18197
- SUSE Bug 1154609
- SUSE Bug 1157028
- SUSE Bug 1162833
- SUSE Bug 1169511
- SUSE Bug 1190108
Описание
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
Затронутые продукты
Ссылки
- CVE-2019-19880
- SUSE Bug 1159491
- SUSE Bug 1159715
- SUSE Bug 1162833
Описание
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
Затронутые продукты
Ссылки
- CVE-2019-19923
- SUSE Bug 1160309
- SUSE Bug 1162833
Описание
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
Затронутые продукты
Ссылки
- CVE-2019-19925
- SUSE Bug 1159847
- SUSE Bug 1162833
Описание
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.
Затронутые продукты
Ссылки
- CVE-2019-19926
- SUSE Bug 1159491
- SUSE Bug 1159715
- SUSE Bug 1162833
Описание
Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6381
- SUSE Bug 1162833
Описание
Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6382
- SUSE Bug 1162833
Описание
Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6385
- SUSE Bug 1162833
Описание
Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.
Затронутые продукты
Ссылки
- CVE-2020-6387
- SUSE Bug 1162833
Описание
Out of bounds access in WebAudio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6388
- SUSE Bug 1162833
Описание
Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.
Затронутые продукты
Ссылки
- CVE-2020-6389
- SUSE Bug 1162833
Описание
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6390
- SUSE Bug 1162833
Описание
Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6391
- SUSE Bug 1162833
Описание
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
Затронутые продукты
Ссылки
- CVE-2020-6392
- SUSE Bug 1162833
Описание
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6393
- SUSE Bug 1162833
Описание
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6394
- SUSE Bug 1162833
Описание
Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6395
- SUSE Bug 1162833
Описание
Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6396
- SUSE Bug 1162833
Описание
Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6397
- SUSE Bug 1162833
Описание
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Затронутые продукты
Ссылки
- CVE-2020-6398
- SUSE Bug 1162833
Описание
Insufficient policy enforcement in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6399
- SUSE Bug 1162833
Описание
Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6400
- SUSE Bug 1162833
Описание
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
Затронутые продукты
Ссылки
- CVE-2020-6401
- SUSE Bug 1162833
Описание
Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
Затронутые продукты
Ссылки
- CVE-2020-6402
- SUSE Bug 1162833
Описание
Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6403
- SUSE Bug 1162833
Описание
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6404
- SUSE Bug 1162833
Описание
Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6405
- SUSE Bug 1162833
Описание
Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6406
- SUSE Bug 1162833
Описание
Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6408
- SUSE Bug 1162833
Описание
Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name.
Затронутые продукты
Ссылки
- CVE-2020-6409
- SUSE Bug 1162833
Описание
Insufficient policy enforcement in navigation in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to confuse the user via a crafted domain name.
Затронутые продукты
Ссылки
- CVE-2020-6410
- SUSE Bug 1162833
Описание
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
Затронутые продукты
Ссылки
- CVE-2020-6411
- SUSE Bug 1162833
Описание
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
Затронутые продукты
Ссылки
- CVE-2020-6412
- SUSE Bug 1162833
Описание
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6413
- SUSE Bug 1162833
Описание
Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6414
- SUSE Bug 1162833
Описание
Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6415
- SUSE Bug 1162833
Описание
Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6416
- SUSE Bug 1162833
Описание
Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local attacker to execute arbitrary code via a crafted registry entry.
Затронутые продукты
Ссылки
- CVE-2020-6417
- SUSE Bug 1162833