Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
openSUSE Update for chromium openSUSE-SU-2019:1666-1 (chromium)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update for the 'chromium' package(s) announced via the openSUSE-SU-2019:1666_1 advisory.
Insight
Insight
This update for chromium fixes the following issues: Chromium was updated to 75.0.3770.90 (boo#1137332 boo#1138287): * CVE-2019-5842: Use-after-free in Blink. Also updated to 75.0.3770.80 boo#1137332: * CVE-2019-5828: Use after free in ServiceWorker * CVE-2019-5829: Use after free in Download Manager * CVE-2019-5830: Incorrectly credentialed requests in CORS * CVE-2019-5831: Incorrect map processing in V8 * CVE-2019-5832: Incorrect CORS handling in XHR * CVE-2019-5833: Inconsistent security UI placemen * CVE-2019-5835: Out of bounds read in Swiftshader * CVE-2019-5836: Heap buffer overflow in Angle * CVE-2019-5837: Cross-origin resources size disclosure in Appcache * CVE-2019-5838: Overly permissive tab access in Extensions * CVE-2019-5839: Incorrect handling of certain code points in Blink * CVE-2019-5840: Popup blocker bypass * Various fixes from internal audits, fuzzing and other initiatives * CVE-2019-5834: URL spoof in Omnibox on iOS Update to 74.0.3729.169: * Feature fixes update only Update to 74.0.3729.157: * Various security fixes from internal audits, fuzzing and other initiatives Includes security fixes from 74.0.3729.131 (boo#1134218): * CVE-2019-5827: Out-of-bounds access in SQLite * CVE-2019-5824: Parameter passing error in media player Update to 74.0.3729.108 boo#1133313: * CVE-2019-5805: Use after free in PDFium * CVE-2019-5806: Integer overflow in Angle * CVE-2019-5807: Memory corruption in V8 * CVE-2019-5808: Use after free in Blink * CVE-2019-5809: Use after free in Blink * CVE-2019-5810: User information disclosure in Autofill * CVE-2019-5811: CORS bypass in Blink * CVE-2019-5813: Out of bounds read in V8 * CVE-2019-5814: CORS bypass in Blink * CVE-2019-5815: Heap buffer overflow in Blink * CVE-2019-5818: Uninitialized value in media reader * CVE-2019-5819: Incorrect escaping in developer tools * CVE-2019-5820: Integer overflow in PDFium * CVE-2019-5821: Integer overflow in PDFium * CVE-2019-5822: CORS bypass in download manager * CVE-2019-5823: Forced navigation from service worker * CVE-2019-5812: URL spoof in Omnibox on iOS * CVE-2019-5816: Exploit persistence extension on Android * CVE-2019-5817: Heap buffer overflow in Angle on Windows Update to 73.0.3686.103: * Various feature fixes Update to 73.0.3683.86: * Just feature fixes around - Update conditions to use system harfbuzz on TW+ - Require java during build - Enable using pipewire when available - Rebase chromium-vaapi.patch to match up the Fedora one Update to 73 ... Description truncated. Please see the references for more information.
Affected Software
Affected Software
'chromium' package(s) on openSUSE Leap 42.3, openSUSE Leap 15.0.
Detection Method
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Solution
Please install the updated package(s).
Common Vulnerabilities and Exposures (CVE)
- CVE-2019-5787
- CVE-2019-5788
- CVE-2019-5789
- CVE-2019-5790
- CVE-2019-5791
- CVE-2019-5792
- CVE-2019-5793
- CVE-2019-5794
- CVE-2019-5795
- CVE-2019-5796
- CVE-2019-5797
- CVE-2019-5798
- CVE-2019-5799
- CVE-2019-5800
- CVE-2019-5801
- CVE-2019-5802
- CVE-2019-5803
- CVE-2019-5804
- CVE-2019-5805
- CVE-2019-5806
- CVE-2019-5807
- CVE-2019-5808
- CVE-2019-5809
- CVE-2019-5810
- CVE-2019-5811
- CVE-2019-5812
- CVE-2019-5813
- CVE-2019-5814
- CVE-2019-5815
- CVE-2019-5816
- CVE-2019-5817
- CVE-2019-5818
- CVE-2019-5819
- CVE-2019-5820
- CVE-2019-5821
- CVE-2019-5822
- CVE-2019-5823
- CVE-2019-5824
- CVE-2019-5827
- CVE-2019-5828
- CVE-2019-5829
- CVE-2019-5830
- CVE-2019-5831
- CVE-2019-5832
- CVE-2019-5833
- CVE-2019-5834
- CVE-2019-5835
- CVE-2019-5836
- CVE-2019-5837
- CVE-2019-5838
- CVE-2019-5839
- CVE-2019-5840
- CVE-2019-5842