Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in Chromium
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Chromium
ID: openSUSE-SU-2015:0505-1
Distribution: SUSE
Plattformen: SUSE openSUSE 13.1, SUSE openSUSE 13.2
Datum: Mo, 16. März 2015, 18:57
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1212
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1213
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1214
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1215
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1217
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1218
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1220
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1222
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1225
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1226
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1227
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1228
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1229
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1230
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1231

Originalnachricht

   openSUSE Security Update: Security update to Chromium 41.0.2272.76
______________________________________________________________________________

Announcement ID: openSUSE-SU-2015:0505-1
Rating: important
References: #920825
Cross-References: CVE-2015-1212 CVE-2015-1213 CVE-2015-1214
CVE-2015-1215 CVE-2015-1216 CVE-2015-1217
CVE-2015-1218 CVE-2015-1219 CVE-2015-1220
CVE-2015-1221 CVE-2015-1222 CVE-2015-1223
CVE-2015-1224 CVE-2015-1225 CVE-2015-1226
CVE-2015-1227 CVE-2015-1228 CVE-2015-1229
CVE-2015-1230 CVE-2015-1231
Affected Products:
openSUSE 13.2
openSUSE 13.1
______________________________________________________________________________

An update that fixes 20 vulnerabilities is now available.

Description:

Chromium was updated to 41.0.2272.76 (bnc#920825)

Security fixes:
* CVE-2015-1212: Out-of-bounds write in media
* CVE-2015-1213: Out-of-bounds write in skia filters
* CVE-2015-1214: Out-of-bounds write in skia filters
* CVE-2015-1215: Out-of-bounds write in skia filters
* CVE-2015-1216: Use-after-free in v8 bindings
* CVE-2015-1217: Type confusion in v8 bindings
* CVE-2015-1218: Use-after-free in dom
* CVE-2015-1219: Integer overflow in webgl
* CVE-2015-1220: Use-after-free in gif decoder
* CVE-2015-1221: Use-after-free in web databases
* CVE-2015-1222: Use-after-free in service workers
* CVE-2015-1223: Use-after-free in dom
* CVE-2015-1230: Type confusion in v8
* CVE-2015-1224: Out-of-bounds read in vpxdecoder
* CVE-2015-1225: Out-of-bounds read in pdfium
* CVE-2015-1226: Validation issue in debugger
* CVE-2015-1227: Uninitialized value in blink
* CVE-2015-1228: Uninitialized value in rendering
* CVE-2015-1229: Cookie injection via proxies
* CVE-2015-1231: Various fixes from internal audits
* Multiple vulnerabilities in V8 fixed at the tip of the 4.1 branch


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.2:

zypper in -t patch openSUSE-2015-228=1

- openSUSE 13.1:

zypper in -t patch openSUSE-2015-228=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.2 (i586 x86_64):

chromedriver-41.0.2272.76-17.1
chromedriver-debuginfo-41.0.2272.76-17.1
chromium-41.0.2272.76-17.1
chromium-debuginfo-41.0.2272.76-17.1
chromium-debugsource-41.0.2272.76-17.1
chromium-desktop-gnome-41.0.2272.76-17.1
chromium-desktop-kde-41.0.2272.76-17.1
chromium-ffmpegsumo-41.0.2272.76-17.1
chromium-ffmpegsumo-debuginfo-41.0.2272.76-17.1

- openSUSE 13.1 (i586 x86_64):

chromedriver-41.0.2272.76-72.1
chromedriver-debuginfo-41.0.2272.76-72.1
chromium-41.0.2272.76-72.1
chromium-debuginfo-41.0.2272.76-72.1
chromium-debugsource-41.0.2272.76-72.1
chromium-desktop-gnome-41.0.2272.76-72.1
chromium-desktop-kde-41.0.2272.76-72.1
chromium-ffmpegsumo-41.0.2272.76-72.1
chromium-ffmpegsumo-debuginfo-41.0.2272.76-72.1


References:

http://support.novell.com/security/cve/CVE-2015-1212.html
http://support.novell.com/security/cve/CVE-2015-1213.html
http://support.novell.com/security/cve/CVE-2015-1214.html
http://support.novell.com/security/cve/CVE-2015-1215.html
http://support.novell.com/security/cve/CVE-2015-1216.html
http://support.novell.com/security/cve/CVE-2015-1217.html
http://support.novell.com/security/cve/CVE-2015-1218.html
http://support.novell.com/security/cve/CVE-2015-1219.html
http://support.novell.com/security/cve/CVE-2015-1220.html
http://support.novell.com/security/cve/CVE-2015-1221.html
http://support.novell.com/security/cve/CVE-2015-1222.html
http://support.novell.com/security/cve/CVE-2015-1223.html
http://support.novell.com/security/cve/CVE-2015-1224.html
http://support.novell.com/security/cve/CVE-2015-1225.html
http://support.novell.com/security/cve/CVE-2015-1226.html
http://support.novell.com/security/cve/CVE-2015-1227.html
http://support.novell.com/security/cve/CVE-2015-1228.html
http://support.novell.com/security/cve/CVE-2015-1229.html
http://support.novell.com/security/cve/CVE-2015-1230.html
http://support.novell.com/security/cve/CVE-2015-1231.html
https://bugzilla.suse.com/920825

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung