openSUSE-SU-2020:1929-1

Опубликовано: 15 нояб. 2020

Источник: suse-cvrf

Описание

Security update for chromium

This update for chromium fixes the following issues:

Update to 86.0.4240.198 (boo#1178703)

CVE-2020-16013: Inappropriate implementation in V8
CVE-2020-16017: Use after free in site isolation

Update to 86.0.4240.193 (boo#1178630)

CVE-2020-16016: Inappropriate implementation in base.

Список пакетов

SUSE Package Hub 15 SP1

chromedriver-86.0.4240.198-bp152.2.29.1

chromium-86.0.4240.198-bp152.2.29.1

SUSE Package Hub 15 SP2

chromedriver-86.0.4240.198-bp152.2.29.1

chromium-86.0.4240.198-bp152.2.29.1

openSUSE Leap 15.1

chromedriver-86.0.4240.198-bp152.2.29.1

chromium-86.0.4240.198-bp152.2.29.1

openSUSE Leap 15.2

chromedriver-86.0.4240.198-bp152.2.29.1

chromium-86.0.4240.198-bp152.2.29.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FGRLB34GVO6HCDVG2KNYFJ6QDDAJAJQL/
E-Mail link for openSUSE-SU-2020:1929-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1178630
SUSE Bug 1178630
https://bugzilla.suse.com/1178703
SUSE Bug 1178703
https://www.suse.com/security/cve/CVE-2020-16013/
SUSE CVE CVE-2020-16013 page
https://www.suse.com/security/cve/CVE-2020-16016/
SUSE CVE CVE-2020-16016 page
https://www.suse.com/security/cve/CVE-2020-16017/
SUSE CVE CVE-2020-16017 page

Описание

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Затронутые продукты

SUSE Package Hub 15 SP1:chromedriver-86.0.4240.198-bp152.2.29.1

SUSE Package Hub 15 SP1:chromium-86.0.4240.198-bp152.2.29.1

SUSE Package Hub 15 SP2:chromedriver-86.0.4240.198-bp152.2.29.1

SUSE Package Hub 15 SP2:chromium-86.0.4240.198-bp152.2.29.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-16013.html
CVE-2020-16013
https://bugzilla.suse.com/1178703
SUSE Bug 1178703

Описание

Inappropriate implementation in base in Google Chrome prior to 86.0.4240.193 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Затронутые продукты

SUSE Package Hub 15 SP1:chromedriver-86.0.4240.198-bp152.2.29.1

SUSE Package Hub 15 SP1:chromium-86.0.4240.198-bp152.2.29.1

SUSE Package Hub 15 SP2:chromedriver-86.0.4240.198-bp152.2.29.1

SUSE Package Hub 15 SP2:chromium-86.0.4240.198-bp152.2.29.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-16016.html
CVE-2020-16016
https://bugzilla.suse.com/1178630
SUSE Bug 1178630

Описание

Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Затронутые продукты

SUSE Package Hub 15 SP1:chromedriver-86.0.4240.198-bp152.2.29.1

SUSE Package Hub 15 SP1:chromium-86.0.4240.198-bp152.2.29.1

SUSE Package Hub 15 SP2:chromedriver-86.0.4240.198-bp152.2.29.1

SUSE Package Hub 15 SP2:chromium-86.0.4240.198-bp152.2.29.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-16017.html
CVE-2020-16017
https://bugzilla.suse.com/1178703
SUSE Bug 1178703

openSUSE-SU-2020:1929-1

Описание

Список пакетов

SUSE Package Hub 15 SP1

SUSE Package Hub 15 SP2

openSUSE Leap 15.1

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2020-16013

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2020-16016

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2020-16017

Описание

Затронутые продукты

Ссылки