Security update for chromium SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:1324-1 Final 1 1 2019-05-04T08:19:43Z current 2019-05-04T08:19:43Z 2019-05-04T08:19:43Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for chromium This update for chromium fixes the following issues: Security update to version 74.0.3729.108 (boo#1133313). Security issues fixed: - CVE-2019-5805: Use after free in PDFium - CVE-2019-5806: Integer overflow in Angle - CVE-2019-5807: Memory corruption in V8 - CVE-2019-5808: Use after free in Blink - CVE-2019-5809: Use after free in Blink - CVE-2019-5810: User information disclosure in Autofill - CVE-2019-5811: CORS bypass in Blink - CVE-2019-5813: Out of bounds read in V8 - CVE-2019-5814: CORS bypass in Blink - CVE-2019-5815: Heap buffer overflow in Blink - CVE-2019-5818: Uninitialized value in media reader - CVE-2019-5819: Incorrect escaping in developer tools - CVE-2019-5820: Integer overflow in PDFium - CVE-2019-5821: Integer overflow in PDFium - CVE-2019-5822: CORS bypass in download manager - CVE-2019-5823: Forced navigation from service worker Bug fixes: - Update to 73.0.3686.103: * Various feature fixes - Update to 73.0.3683.86: * Various feature fixes - Update conditions to use system harfbuzz on TW+ - Require java during build - Enable using pipewire when available - Rebase chromium-vaapi.patch to match up the Fedora one The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html E-Mail link for openSUSE-SU-2019:1324-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.3 chromedriver-74.0.3729.108-208.1 chromium-74.0.3729.108-208.1 chromedriver-74.0.3729.108-208.1 as a component of openSUSE Leap 42.3 chromium-74.0.3729.108-208.1 as a component of openSUSE Leap 42.3 Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2019-5805 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5805.html CVE-2019-5805 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5806 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5806.html CVE-2019-5806 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5807 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5807.html CVE-2019-5807 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5808 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5808.html CVE-2019-5808 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. CVE-2019-5809 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5809.html CVE-2019-5809 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2019-5810 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5810.html CVE-2019-5810 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page. CVE-2019-5811 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5811.html CVE-2019-5811 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5813 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5813.html CVE-2019-5813 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-5814 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5814.html CVE-2019-5814 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data. CVE-2019-5815 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5815.html CVE-2019-5815 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. CVE-2019-5818 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5818.html CVE-2019-5818 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard. CVE-2019-5819 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5819.html CVE-2019-5819 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2019-5820 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5820.html CVE-2019-5820 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2019-5821 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5821.html CVE-2019-5821 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page. CVE-2019-5822 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5822.html CVE-2019-5822 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2019-5823 openSUSE Leap 42.3:chromedriver-74.0.3729.108-208.1 openSUSE Leap 42.3:chromium-74.0.3729.108-208.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00008.html https://www.suse.com/security/cve/CVE-2019-5823.html CVE-2019-5823 https://bugzilla.suse.com/1133313 SUSE Bug 1133313