Oval Definition:
oval:org.opensuse.security:def:110056
Revision Date
:
2019-11-01
Version
:
1
Title
:
Security update for chromium, re2 (Important)
Description
:
This update for chromium, re2 fixes the following issues:
Chromium was updated to 78.0.3904.70 boo#1154806:
CVE-2019-13699: Use-after-free in media * CVE-2019-13700: Buffer overrun in Blink * CVE-2019-13701: URL spoof in navigation * CVE-2019-13702: Privilege elevation in Installer * CVE-2019-13703: URL bar spoofing * CVE-2019-13704: CSP bypass * CVE-2019-13705: Extension permission bypass * CVE-2019-13706: Out-of-bounds read in PDFium * CVE-2019-13707: File storage disclosure * CVE-2019-13708: HTTP authentication spoof * CVE-2019-13709: File download protection bypass * CVE-2019-13710: File download protection bypass * CVE-2019-13711: Cross-context information leak * CVE-2019-15903: Buffer overflow in expat * CVE-2019-13713: Cross-origin data leak * CVE-2019-13714: CSS injection * CVE-2019-13715: Address bar spoofing * CVE-2019-13716: Service worker state error * CVE-2019-13717: Notification obscured * CVE-2019-13718: IDN spoof * CVE-2019-13719: Notification obscured * Various fixes from internal audits, fuzzing and other initiatives
- Use internal resources for icon and appdata
Family
:
unix
Class
:
patch
Status
:
Reference(s)
:
1154806
CVE-2019-13699
CVE-2019-13700
CVE-2019-13701
CVE-2019-13702
CVE-2019-13703
CVE-2019-13704
CVE-2019-13705
CVE-2019-13706
CVE-2019-13707
CVE-2019-13708
CVE-2019-13709
CVE-2019-13710
CVE-2019-13711
CVE-2019-13713
CVE-2019-13714
CVE-2019-13715
CVE-2019-13716
CVE-2019-13717
CVE-2019-13718
CVE-2019-13719
CVE-2019-15903
openSUSE-SU-2019:2420-1
Platform(s)
:
openSUSE Leap 15.1
Product(s)
:
Definition Synopsis
openSUSE Leap 15.1 is installed
AND
Package Information
chromedriver-78.0.3904.70-lp151.2.39.1 is installed
OR
chromium-78.0.3904.70-lp151.2.39.1 is installed
OR
libre2-0-20190901-lp151.10.3.1 is installed
OR
libre2-0-32bit-20190901-lp151.10.3.1 is installed
OR
re2-devel-20190901-lp151.10.3.1 is installed
BACK