Security update for Chromium SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:2792-1 Final 1 1 2016-11-14T22:20:13Z current 2016-11-14T22:20:13Z 2016-11-14T22:20:13Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for Chromium This update to Chromium 54.0.2840.100 fixes the following vulnerabilities: - CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892) - CVE-2016-5200: out of bounds memory access in v8 (boo#1009893) - CVE-2016-5201: info leak in extensions (boo#1009894) - CVE-2016-5202: various fixes from internal audits (boo#1009895) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2016-11/msg00028.html E-Mail link for openSUSE-SU-2016:2792-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 openSUSE Leap 42.2 chromedriver-54.0.2840.100-91.1 chromium-54.0.2840.100-91.1 chromium-ffmpegsumo-54.0.2840.100-91.1 chromedriver-54.0.2840.100-91.1 as a component of openSUSE Leap 42.1 chromium-54.0.2840.100-91.1 as a component of openSUSE Leap 42.1 chromium-ffmpegsumo-54.0.2840.100-91.1 as a component of openSUSE Leap 42.1 chromedriver-54.0.2840.100-91.1 as a component of openSUSE Leap 42.2 chromium-54.0.2840.100-91.1 as a component of openSUSE Leap 42.2 chromium-ffmpegsumo-54.0.2840.100-91.1 as a component of openSUSE Leap 42.2 An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file. CVE-2016-5199 openSUSE Leap 42.1:chromedriver-54.0.2840.100-91.1 openSUSE Leap 42.1:chromium-54.0.2840.100-91.1 openSUSE Leap 42.1:chromium-ffmpegsumo-54.0.2840.100-91.1 openSUSE Leap 42.2:chromedriver-54.0.2840.100-91.1 openSUSE Leap 42.2:chromium-54.0.2840.100-91.1 openSUSE Leap 42.2:chromium-ffmpegsumo-54.0.2840.100-91.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-11/msg00028.html https://www.suse.com/security/cve/CVE-2016-5199.html CVE-2016-5199 https://bugzilla.suse.com/1009892 SUSE Bug 1009892 V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android incorrectly applied type rules, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2016-5200 openSUSE Leap 42.1:chromedriver-54.0.2840.100-91.1 openSUSE Leap 42.1:chromium-54.0.2840.100-91.1 openSUSE Leap 42.1:chromium-ffmpegsumo-54.0.2840.100-91.1 openSUSE Leap 42.2:chromedriver-54.0.2840.100-91.1 openSUSE Leap 42.2:chromium-54.0.2840.100-91.1 openSUSE Leap 42.2:chromium-ffmpegsumo-54.0.2840.100-91.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-11/msg00028.html https://www.suse.com/security/cve/CVE-2016-5200.html CVE-2016-5200 https://bugzilla.suse.com/1009893 SUSE Bug 1009893 A leak of privateClass in the extensions API in Google Chrome prior to 54.0.2840.100 for Linux, and 54.0.2840.99 for Windows, and 54.0.2840.98 for Mac allowed a remote attacker to access privileged JavaScript code via a crafted HTML page. CVE-2016-5201 openSUSE Leap 42.1:chromedriver-54.0.2840.100-91.1 openSUSE Leap 42.1:chromium-54.0.2840.100-91.1 openSUSE Leap 42.1:chromium-ffmpegsumo-54.0.2840.100-91.1 openSUSE Leap 42.2:chromedriver-54.0.2840.100-91.1 openSUSE Leap 42.2:chromium-54.0.2840.100-91.1 openSUSE Leap 42.2:chromium-ffmpegsumo-54.0.2840.100-91.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-11/msg00028.html https://www.suse.com/security/cve/CVE-2016-5201.html CVE-2016-5201 https://bugzilla.suse.com/1009894 SUSE Bug 1009894 browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before 54.0.2840.100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will destroy. CVE-2016-5202 openSUSE Leap 42.1:chromedriver-54.0.2840.100-91.1 openSUSE Leap 42.1:chromium-54.0.2840.100-91.1 openSUSE Leap 42.1:chromium-ffmpegsumo-54.0.2840.100-91.1 openSUSE Leap 42.2:chromedriver-54.0.2840.100-91.1 openSUSE Leap 42.2:chromium-54.0.2840.100-91.1 openSUSE Leap 42.2:chromium-ffmpegsumo-54.0.2840.100-91.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-11/msg00028.html https://www.suse.com/security/cve/CVE-2016-5202.html CVE-2016-5202 https://bugzilla.suse.com/1009895 SUSE Bug 1009895