Security update for Chromium SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:1059-1 Final 1 1 2016-04-16T08:03:49Z current 2016-04-16T08:03:49Z 2016-04-16T08:03:49Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for Chromium Chromium was updated to 49.0.2623.110 to fix the following security issues: - CVE-2016-1646: Out-of-bounds read in V8 - CVE-2016-1647: Use-after-free in Navigation - CVE-2016-1648: Use-after-free in Extensions - CVE-2016-1649: Buffer overflow in libANGLE - CVE-2016-1650: Various fixes from internal audits, fuzzing and other initiatives - CVE-2016-3679: Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch (currently 4.9.385.33) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html E-Mail link for openSUSE-SU-2016:1059-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings chromedriver-49.0.2623.110-141.2 chromium-49.0.2623.110-141.2 chromium-desktop-gnome-49.0.2623.110-141.2 chromium-desktop-kde-49.0.2623.110-141.2 chromium-ffmpegsumo-49.0.2623.110-141.2 The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code. CVE-2016-1646 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html https://www.suse.com/security/cve/CVE-2016-1646.html CVE-2016-1646 https://bugzilla.suse.com/972834 SUSE Bug 972834 https://bugzilla.suse.com/973166 SUSE Bug 973166 Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2016-1647 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html https://www.suse.com/security/cve/CVE-2016-1647.html CVE-2016-1647 https://bugzilla.suse.com/972834 SUSE Bug 972834 https://bugzilla.suse.com/973166 SUSE Bug 973166 Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code. CVE-2016-1648 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html https://www.suse.com/security/cve/CVE-2016-1648.html CVE-2016-1648 https://bugzilla.suse.com/972834 SUSE Bug 972834 https://bugzilla.suse.com/973166 SUSE Bug 973166 The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted shader stages. CVE-2016-1649 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html https://www.suse.com/security/cve/CVE-2016-1649.html CVE-2016-1649 https://bugzilla.suse.com/972834 SUSE Bug 972834 https://bugzilla.suse.com/973166 SUSE Bug 973166 The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/page_capture/page_capture_api.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by triggering an error in creating an MHTML document. CVE-2016-1650 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html https://www.suse.com/security/cve/CVE-2016-1650.html CVE-2016-1650 https://bugzilla.suse.com/972834 SUSE Bug 972834 https://bugzilla.suse.com/973166 SUSE Bug 973166 Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-3679 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html https://www.suse.com/security/cve/CVE-2016-3679.html CVE-2016-3679 https://bugzilla.suse.com/972834 SUSE Bug 972834 https://bugzilla.suse.com/973166 SUSE Bug 973166