Описание
Security update for chromium
This update for chromium fixes the following issues:
Update to 81.0.4044.138 (boo#1171247):
- CVE-2020-6831: Stack buffer overflow in SCTP
- CVE-2020-6464: Type Confusion in Blink
Список пакетов
openSUSE Leap 15.1
chromedriver-81.0.4044.138-lp151.2.88.1
chromium-81.0.4044.138-lp151.2.88.1
Ссылки
- E-Mail link for openSUSE-SU-2020:0620-1
- SUSE Security Ratings
- SUSE Bug 1171247
- SUSE CVE CVE-2020-6464 page
- SUSE CVE CVE-2020-6831 page
Описание
Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
openSUSE Leap 15.1:chromedriver-81.0.4044.138-lp151.2.88.1
openSUSE Leap 15.1:chromium-81.0.4044.138-lp151.2.88.1
Ссылки
- CVE-2020-6464
- SUSE Bug 1171247
Описание
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
Затронутые продукты
openSUSE Leap 15.1:chromedriver-81.0.4044.138-lp151.2.88.1
openSUSE Leap 15.1:chromium-81.0.4044.138-lp151.2.88.1
Ссылки
- CVE-2020-6831
- SUSE Bug 1171186
- SUSE Bug 1171247