Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2023:0249-1

Опубликовано: 19 сент. 2023
Источник: suse-cvrf

Описание

Security update for chromium

This update for chromium fixes the following issues:

Update to verion 117.0.5938.88 (boo#1215279):

  • CVE-2023-4900: Inappropriate implementation in Custom Tabs
  • CVE-2023-4901: Inappropriate implementation in Prompts
  • CVE-2023-4902: Inappropriate implementation in Input
  • CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs
  • CVE-2023-4904: Insufficient policy enforcement in Downloads
  • CVE-2023-4905: Inappropriate implementation in Prompts
  • CVE-2023-4906: Insufficient policy enforcement in Autofill
  • CVE-2023-4907: Inappropriate implementation in Intents
  • CVE-2023-4908: Inappropriate implementation in Picture in Picture
  • CVE-2023-4909: Inappropriate implementation in Interstitials

Список пакетов

SUSE Package Hub 15 SP4
chromedriver-117.0.5938.88-bp155.2.37.1
chromium-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5
chromedriver-117.0.5938.88-bp155.2.37.1
chromium-117.0.5938.88-bp155.2.37.1
openSUSE Leap 15.4
chromedriver-117.0.5938.88-bp155.2.37.1
chromium-117.0.5938.88-bp155.2.37.1
openSUSE Leap 15.5
chromedriver-117.0.5938.88-bp155.2.37.1
chromium-117.0.5938.88-bp155.2.37.1

Ссылки

Описание

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. (Chromium security severity: Medium)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP4:chromium-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromium-117.0.5938.88-bp155.2.37.1
Ссылки

Описание

Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP4:chromium-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromium-117.0.5938.88-bp155.2.37.1
Ссылки

Описание

Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP4:chromium-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromium-117.0.5938.88-bp155.2.37.1
Ссылки

Описание

Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP4:chromium-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromium-117.0.5938.88-bp155.2.37.1
Ссылки

Описание

Insufficient policy enforcement in Downloads in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download. (Chromium security severity: Medium)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP4:chromium-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromium-117.0.5938.88-bp155.2.37.1
Ссылки

Описание

Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP4:chromium-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromium-117.0.5938.88-bp155.2.37.1
Ссылки

Описание

Insufficient policy enforcement in Autofill in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP4:chromium-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromium-117.0.5938.88-bp155.2.37.1
Ссылки

Описание

Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP4:chromium-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromium-117.0.5938.88-bp155.2.37.1
Ссылки

Описание

Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP4:chromium-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromium-117.0.5938.88-bp155.2.37.1
Ссылки

Описание

Inappropriate implementation in Interstitials in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP4:chromium-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromedriver-117.0.5938.88-bp155.2.37.1
SUSE Package Hub 15 SP5:chromium-117.0.5938.88-bp155.2.37.1
Ссылки
Уязвимость openSUSE-SU-2023:0249-1