An update that fixes 9 vulnerabilities is now available.
Chromium was updated to 48.0.2564.82 to fix security issues and bugs.
The following vulnerabilities were fixed:
- CVE-2016-1612: Bad cast in V8 (boo#963184) - CVE-2016-1613: Use-after-free in PDFium (boo#963185) - CVE-2016-1614: Information leak in Blink (boo#963186) - CVE-2016-1615: Origin confusion in Omnibox (boo#963187) - CVE-2016-1616: URL Spoofing (boo#963188) - CVE-2016-1617: History sniffing with HSTS and CSP (boo#963189) - CVE-2016-1618: Weak random number generator in Blink (boo#963190) - CVE-2016-1619: Out-of-bounds read in PDFium (boo#963191) - CVE-2016-1620 chromium-browser: various fixes (boo#963192)
This update also enables SSE2 support on x86_64, VA-API hardware acceleration and fixes a crash when trying to enable the Chromecast extension.
To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- openSUSE 13.1:
zypper in -t patch 2016-109=1
To bring your system up-to-date, use "zypper patch".