SUSE Package Hub - openSUSE-2017-1352

Update Info

openSUSE-2017-1352

Security update for chromium

Type: security

Severity: important

Issued: 2017-12-08

Description:

This update to Chromium 63.0.3239.84 fixes the following security issues:

- CVE-2017-5124: UXSS with MHTML
- CVE-2017-5125: Heap overflow in Skia
- CVE-2017-5126: Use after free in PDFium 
- CVE-2017-5127: Use after free in PDFium
- CVE-2017-5128: Heap overflow in WebGL
- CVE-2017-5129: Use after free in WebAudio  
- CVE-2017-5132: Incorrect stack manipulation in WebAssembly.
- CVE-2017-5130: Heap overflow in libxml2
- CVE-2017-5131: Out of bounds write in Skia 
- CVE-2017-5133: Out of bounds write in Skia  
- CVE-2017-15386: UI spoofing in Blink
- CVE-2017-15387: Content security bypass
- CVE-2017-15388: Out of bounds read in Skia
- CVE-2017-15389: URL spoofing in OmniBox
- CVE-2017-15390: URL spoofing in OmniBox 
- CVE-2017-15391: Extension limitation bypass in Extensions.
- CVE-2017-15392: Incorrect registry key handling in PlatformIntegration
- CVE-2017-15393: Referrer leak in Devtools
- CVE-2017-15394: URL spoofing in extensions UI
- CVE-2017-15395: Null pointer dereference in ImageCapture
- CVE-2017-15396: Stack overflow in V8
- CVE-2017-15398: Stack buffer overflow in QUIC
- CVE-2017-15399: Use after free in V8
- CVE-2017-15408: Heap buffer overflow in PDFium
- CVE-2017-15409: Out of bounds write in Skia
- CVE-2017-15410: Use after free in PDFium
- CVE-2017-15411: Use after free in PDFium
- CVE-2017-15412: Use after free in libXML
- CVE-2017-15413: Type confusion in WebAssembly
- CVE-2017-15415: Pointer information disclosure in IPC call
- CVE-2017-15416: Out of bounds read in Blink
- CVE-2017-15417: Cross origin information disclosure in Skia
- CVE-2017-15418: Use of uninitialized value in Skia
- CVE-2017-15419: Cross origin leak of redirect URL in Blink
- CVE-2017-15420: URL spoofing in Omnibox
- CVE-2017-15422: Integer overflow in ICU
- CVE-2017-15423: Issue with SPAKE implementation in BoringSSL
- CVE-2017-15424: URL Spoof in Omnibox
- CVE-2017-15425: URL Spoof in Omnibox
- CVE-2017-15426: URL Spoof in Omnibox
- CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox
    
The following tracked bug fixes are included:

- sandbox crash fixes (bsc#1064298)

References

CVE: CVE-2017-5133
CVE: CVE-2017-5132
CVE: CVE-2017-5131
CVE: CVE-2017-5130
CVE: CVE-2017-5129
CVE: CVE-2017-5128
CVE: CVE-2017-5127
CVE: CVE-2017-5126
CVE: CVE-2017-5125
CVE: CVE-2017-5124
CVE: CVE-2017-15427
CVE: CVE-2017-15426
CVE: CVE-2017-15425
CVE: CVE-2017-15424
CVE: CVE-2017-15423
CVE: CVE-2017-15422
CVE: CVE-2017-15420
CVE: CVE-2017-15419
CVE: CVE-2017-15418
CVE: CVE-2017-15417
CVE: CVE-2017-15416
CVE: CVE-2017-15415
CVE: CVE-2017-15413
CVE: CVE-2017-15412
CVE: CVE-2017-15411
CVE: CVE-2017-15410
CVE: CVE-2017-15409
CVE: CVE-2017-15408
CVE: CVE-2017-15399
CVE: CVE-2017-15398
CVE: CVE-2017-15396
CVE: CVE-2017-15395
CVE: CVE-2017-15394
CVE: CVE-2017-15393
CVE: CVE-2017-15392
CVE: CVE-2017-15391
CVE: CVE-2017-15390
CVE: CVE-2017-15389
CVE: CVE-2017-15388
CVE: CVE-2017-15387
CVE: CVE-2017-15386
Bugzilla: 1071691 https://bugzilla.opensuse.org/show_bug.cgi?id=1071691
Bugzilla: 1066851 https://bugzilla.opensuse.org/show_bug.cgi?id=1066851
Bugzilla: 1065405 https://bugzilla.opensuse.org/show_bug.cgi?id=1065405
Bugzilla: 1064298 https://bugzilla.opensuse.org/show_bug.cgi?id=1064298
Bugzilla: 1064066 VUL-0: chromium: tacker bug Oct/2017

Packages

chromium-63.0.3239.84-40.1