Описание
Security update for chromium
This update for chromium fixes the following issues:
Update to version 83.0.4103.106 (boo#1173029):
- CVE-2020-6505: Use after free in speech
- CVE-2020-6506: Insufficient policy enforcement in WebView
- CVE-2020-6507: Out of bounds write in V8
- Enforce to not use system borders bsc#1173063
Список пакетов
openSUSE Leap 15.1
chromedriver-83.0.4103.106-lp151.2.101.1
chromium-83.0.4103.106-lp151.2.101.1
Ссылки
- E-Mail link for openSUSE-SU-2020:0845-1
- SUSE Security Ratings
- SUSE Bug 1173029
- SUSE Bug 1173063
- SUSE CVE CVE-2020-6505 page
- SUSE CVE CVE-2020-6506 page
- SUSE CVE CVE-2020-6507 page
Описание
Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
openSUSE Leap 15.1:chromedriver-83.0.4103.106-lp151.2.101.1
openSUSE Leap 15.1:chromium-83.0.4103.106-lp151.2.101.1
Ссылки
- CVE-2020-6505
- SUSE Bug 1173029
Описание
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page.
Затронутые продукты
openSUSE Leap 15.1:chromedriver-83.0.4103.106-lp151.2.101.1
openSUSE Leap 15.1:chromium-83.0.4103.106-lp151.2.101.1
Ссылки
- CVE-2020-6506
- SUSE Bug 1173029
Описание
Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
openSUSE Leap 15.1:chromedriver-83.0.4103.106-lp151.2.101.1
openSUSE Leap 15.1:chromium-83.0.4103.106-lp151.2.101.1
Ссылки
- CVE-2020-6507
- SUSE Bug 1173029