Security update for Chromium SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2016:2250-1 Final 1 1 2016-09-01T12:42:13Z current 2016-09-01T12:42:13Z 2016-09-01T12:42:13Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for Chromium Chromium was updated to 53.0.2785.89 to fix a number of security issues. The following vulnerabilities were fixed: (boo#996648) - CVE-2016-5147: Universal XSS in Blink. - CVE-2016-5148: Universal XSS in Blink. - CVE-2016-5149: Script injection in extensions. - CVE-2016-5150: Use after free in Blink. - CVE-2016-5151: Use after free in PDFium. - CVE-2016-5152: Heap overflow in PDFium. - CVE-2016-5153: Use after destruction in Blink. - CVE-2016-5154: Heap overflow in PDFium. - CVE-2016-5155: Address bar spoofing. - CVE-2016-5156: Use after free in event bindings. - CVE-2016-5157: Heap overflow in PDFium. - CVE-2016-5158: Heap overflow in PDFium. - CVE-2016-5159: Heap overflow in PDFium. - CVE-2016-5161: Type confusion in Blink. - CVE-2016-5162: Extensions web accessible resources bypass. - CVE-2016-5163: Address bar spoofing. - CVE-2016-5164: Universal XSS using DevTools. - CVE-2016-5165: Script injection in DevTools. - CVE-2016-5166: SMB Relay Attack via Save Page As. - CVE-2016-5160: Extensions web accessible resources bypass. A number of tracked build system fixes are included. (boo#996032, boo#99606, boo#995932) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). 5568 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ Link for SUSE-SU-2016:2250-1 E-Mail link for SUSE-SU-2016:2250-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/995932 SUSE Bug 995932 https://bugzilla.suse.com/996032 SUSE Bug 996032 https://bugzilla.suse.com/99606 SUSE Bug 99606 https://bugzilla.suse.com/996648 SUSE Bug 996648 https://www.suse.com/security/cve/CVE-2016-5147/ SUSE CVE CVE-2016-5147 page https://www.suse.com/security/cve/CVE-2016-5148/ SUSE CVE CVE-2016-5148 page https://www.suse.com/security/cve/CVE-2016-5149/ SUSE CVE CVE-2016-5149 page https://www.suse.com/security/cve/CVE-2016-5150/ SUSE CVE CVE-2016-5150 page https://www.suse.com/security/cve/CVE-2016-5151/ SUSE CVE CVE-2016-5151 page https://www.suse.com/security/cve/CVE-2016-5152/ SUSE CVE CVE-2016-5152 page https://www.suse.com/security/cve/CVE-2016-5153/ SUSE CVE CVE-2016-5153 page https://www.suse.com/security/cve/CVE-2016-5154/ SUSE CVE CVE-2016-5154 page https://www.suse.com/security/cve/CVE-2016-5155/ SUSE CVE CVE-2016-5155 page https://www.suse.com/security/cve/CVE-2016-5156/ SUSE CVE CVE-2016-5156 page https://www.suse.com/security/cve/CVE-2016-5157/ SUSE CVE CVE-2016-5157 page https://www.suse.com/security/cve/CVE-2016-5158/ SUSE CVE CVE-2016-5158 page https://www.suse.com/security/cve/CVE-2016-5159/ SUSE CVE CVE-2016-5159 page https://www.suse.com/security/cve/CVE-2016-5160/ SUSE CVE CVE-2016-5160 page https://www.suse.com/security/cve/CVE-2016-5161/ SUSE CVE CVE-2016-5161 page https://www.suse.com/security/cve/CVE-2016-5162/ SUSE CVE CVE-2016-5162 page https://www.suse.com/security/cve/CVE-2016-5163/ SUSE CVE CVE-2016-5163 page https://www.suse.com/security/cve/CVE-2016-5164/ SUSE CVE CVE-2016-5164 page https://www.suse.com/security/cve/CVE-2016-5165/ SUSE CVE CVE-2016-5165 page https://www.suse.com/security/cve/CVE-2016-5166/ SUSE CVE CVE-2016-5166 page SUSE Package Hub 12 chromedriver-53.0.2785.89-96.1 chromium-53.0.2785.89-96.1 chromium-desktop-gnome-53.0.2785.89-96.1 chromium-desktop-kde-53.0.2785.89-96.1 chromium-ffmpegsumo-53.0.2785.89-96.1 chromedriver-53.0.2785.89-96.1 as a component of SUSE Package Hub 12 chromium-53.0.2785.89-96.1 as a component of SUSE Package Hub 12 chromium-desktop-gnome-53.0.2785.89-96.1 as a component of SUSE Package Hub 12 chromium-desktop-kde-53.0.2785.89-96.1 as a component of SUSE Package Hub 12 chromium-ffmpegsumo-53.0.2785.89-96.1 as a component of SUSE Package Hub 12 Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles deferred page loads, which allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)." CVE-2016-5147 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5147.html CVE-2016-5147 https://bugzilla.suse.com/996648 SUSE Bug 996648 Cross-site scripting (XSS) vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML via vectors related to widget updates, aka "Universal XSS (UXSS)." CVE-2016-5148 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5148.html CVE-2016-5148 https://bugzilla.suse.com/996648 SUSE Bug 996648 The extensions subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux relies on an IFRAME source URL to identify an associated extension, which allows remote attackers to conduct extension-bindings injection attacks by leveraging script access to a resource that initially has the about:blank URL. CVE-2016-5149 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5149.html CVE-2016-5149 https://bugzilla.suse.com/996648 SUSE Bug 996648 WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, has an Indexed Database (aka IndexedDB) API implementation that does not properly restrict key-path evaluation, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code that leverages certain side effects. CVE-2016-5150 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5150.html CVE-2016-5150 https://bugzilla.suse.com/996648 SUSE Bug 996648 PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux mishandles timers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/javascript/JS_Object.cpp and fpdfsdk/javascript/app.cpp. CVE-2016-5151 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5151.html CVE-2016-5151 https://bugzilla.suse.com/996648 SUSE Bug 996648 Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2016-5152 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5152.html CVE-2016-5152 https://bugzilla.suse.com/996648 SUSE Bug 996648 The Web Animations implementation in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, improperly relies on list iteration, which allows remote attackers to cause a denial of service (use-after-destruction) or possibly have unspecified other impact via a crafted web site. CVE-2016-5153 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5153.html CVE-2016-5153 https://bugzilla.suse.com/996648 SUSE Bug 996648 Multiple heap-based buffer overflows in PDFium, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JBig2 image. CVE-2016-5154 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5154.html CVE-2016-5154 https://bugzilla.suse.com/996648 SUSE Bug 996648 Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly validate access to the initial document, which allows remote attackers to spoof the address bar via a crafted web site. CVE-2016-5155 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5155.html CVE-2016-5155 https://bugzilla.suse.com/996648 SUSE Bug 996648 extensions/renderer/event_bindings.cc in the event bindings in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux attempts to process filtered events after failure to add an event matcher, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. CVE-2016-5156 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5156.html CVE-2016-5156 https://bugzilla.suse.com/996648 SUSE Bug 996648 Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data. CVE-2016-5157 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5157.html CVE-2016-5157 https://bugzilla.suse.com/996648 SUSE Bug 996648 Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2016-5158 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5158.html CVE-2016-5158 https://bugzilla.suse.com/996648 SUSE Bug 996648 Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c. CVE-2016-5159 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5159.html CVE-2016-5159 https://bugzilla.suse.com/996648 SUSE Bug 996648 The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json web_accessible_resources field for restrictions on IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks, and trick users into changing extension settings, via a crafted web site, a different vulnerability than CVE-2016-5162. CVE-2016-5160 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5160.html CVE-2016-5160 https://bugzilla.suse.com/996648 SUSE Bug 996648 The EditingStyle::mergeStyle function in WebKit/Source/core/editing/EditingStyle.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles custom properties, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that leverages "type confusion" in the StylePropertySerializer class. CVE-2016-5161 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5161.html CVE-2016-5161 https://bugzilla.suse.com/996648 SUSE Bug 996648 The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json web_accessible_resources field for restrictions on IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks, and trick users into changing extension settings, via a crafted web site, a different vulnerability than CVE-2016-5160. CVE-2016-5162 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5162.html CVE-2016-5162 https://bugzilla.suse.com/996648 SUSE Bug 996648 The bidirectional-text implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not ensure left-to-right (LTR) rendering of URLs, which allows remote attackers to spoof the address bar via crafted right-to-left (RTL) Unicode text, related to omnibox/SuggestionView.java and omnibox/UrlBar.java in Chrome for Android. CVE-2016-5163 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5163.html CVE-2016-5163 https://bugzilla.suse.com/996648 SUSE Bug 996648 Cross-site scripting (XSS) vulnerability in WebKit/Source/platform/v8_inspector/V8Debugger.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML into the Developer Tools (aka DevTools) subsystem via a crafted web site, aka "Universal XSS (UXSS)." CVE-2016-5164 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5164.html CVE-2016-5164 https://bugzilla.suse.com/996648 SUSE Bug 996648 Cross-site scripting (XSS) vulnerability in the Developer Tools (aka DevTools) subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux allows remote attackers to inject arbitrary web script or HTML via the settings parameter in a chrome-devtools-frontend.appspot.com URL's query string. CVE-2016-5165 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5165.html CVE-2016-5165 https://bugzilla.suse.com/996648 SUSE Bug 996648 The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and conduct SMB relay attacks via a crafted web page that is accessed with the "Save page as" menu choice. CVE-2016-5166 SUSE Package Hub 12:chromedriver-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-gnome-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-desktop-kde-53.0.2785.89-96.1 SUSE Package Hub 12:chromium-ffmpegsumo-53.0.2785.89-96.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162250-1/ https://www.suse.com/security/cve/CVE-2016-5166.html CVE-2016-5166 https://bugzilla.suse.com/996648 SUSE Bug 996648