Security update for chromium SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:1100-1 Final 1 1 2017-04-24T17:04:59Z current 2017-04-24T17:04:59Z 2017-04-24T17:04:59Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for chromium This update to Chromium 58.0.3029.81 fixes the following security issues (bsc#1035103): - CVE-2017-5057: Type confusion in PDFium - CVE-2017-5058: Heap use after free in Print Preview - CVE-2017-5059: Type confusion in Blink - CVE-2017-5060: URL spoofing in Omnibox - CVE-2017-5061: URL spoofing in Omnibox - CVE-2017-5062: Use after free in Chrome Apps - CVE-2017-5063: Heap overflow in Skia - CVE-2017-5064: Use after free in Blink - CVE-2017-5065: Incorrect UI in Blink - CVE-2017-5066: Incorrect signature handing in Networking - CVE-2017-5067: URL spoofing in Omnibox - CVE-2017-5069: Cross-origin bypass in Blink The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2017-508 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3/#LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3 E-Mail link for openSUSE-SU-2017:1100-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1035103 SUSE Bug 1035103 https://www.suse.com/security/cve/CVE-2017-5057/ SUSE CVE CVE-2017-5057 page https://www.suse.com/security/cve/CVE-2017-5058/ SUSE CVE CVE-2017-5058 page https://www.suse.com/security/cve/CVE-2017-5059/ SUSE CVE CVE-2017-5059 page https://www.suse.com/security/cve/CVE-2017-5060/ SUSE CVE CVE-2017-5060 page https://www.suse.com/security/cve/CVE-2017-5061/ SUSE CVE CVE-2017-5061 page https://www.suse.com/security/cve/CVE-2017-5062/ SUSE CVE CVE-2017-5062 page https://www.suse.com/security/cve/CVE-2017-5063/ SUSE CVE CVE-2017-5063 page https://www.suse.com/security/cve/CVE-2017-5064/ SUSE CVE CVE-2017-5064 page https://www.suse.com/security/cve/CVE-2017-5065/ SUSE CVE CVE-2017-5065 page https://www.suse.com/security/cve/CVE-2017-5066/ SUSE CVE CVE-2017-5066 page https://www.suse.com/security/cve/CVE-2017-5067/ SUSE CVE CVE-2017-5067 page https://www.suse.com/security/cve/CVE-2017-5069/ SUSE CVE CVE-2017-5069 page SUSE Package Hub 12 SP2 chromedriver-58.0.3029.81-14.1 chromium-58.0.3029.81-14.1 chromedriver-58.0.3029.81-14.1 as a component of SUSE Package Hub 12 SP2 chromium-58.0.3029.81-14.1 as a component of SUSE Package Hub 12 SP2 Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. CVE-2017-5057 SUSE Package Hub 12 SP2:chromedriver-58.0.3029.81-14.1 SUSE Package Hub 12 SP2:chromium-58.0.3029.81-14.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3/#LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3 https://www.suse.com/security/cve/CVE-2017-5057.html CVE-2017-5057 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 A use after free in PrintPreview in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2017-5058 SUSE Package Hub 12 SP2:chromedriver-58.0.3029.81-14.1 SUSE Package Hub 12 SP2:chromium-58.0.3029.81-14.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3/#LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3 https://www.suse.com/security/cve/CVE-2017-5058.html CVE-2017-5058 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page. CVE-2017-5059 SUSE Package Hub 12 SP2:chromedriver-58.0.3029.81-14.1 SUSE Package Hub 12 SP2:chromium-58.0.3029.81-14.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3/#LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3 https://www.suse.com/security/cve/CVE-2017-5059.html CVE-2017-5059 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-5060 SUSE Package Hub 12 SP2:chromedriver-58.0.3029.81-14.1 SUSE Package Hub 12 SP2:chromium-58.0.3029.81-14.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3/#LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3 https://www.suse.com/security/cve/CVE-2017-5060.html CVE-2017-5060 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 A race condition in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2017-5061 SUSE Package Hub 12 SP2:chromedriver-58.0.3029.81-14.1 SUSE Package Hub 12 SP2:chromium-58.0.3029.81-14.1 moderate 2.6 AV:N/AC:H/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3/#LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3 https://www.suse.com/security/cve/CVE-2017-5061.html CVE-2017-5061 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension. CVE-2017-5062 SUSE Package Hub 12 SP2:chromedriver-58.0.3029.81-14.1 SUSE Package Hub 12 SP2:chromium-58.0.3029.81-14.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3/#LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3 https://www.suse.com/security/cve/CVE-2017-5062.html CVE-2017-5062 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5063 SUSE Package Hub 12 SP2:chromedriver-58.0.3029.81-14.1 SUSE Package Hub 12 SP2:chromium-58.0.3029.81-14.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3/#LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3 https://www.suse.com/security/cve/CVE-2017-5063.html CVE-2017-5063 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 Incorrect handling of DOM changes in Blink in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-5064 SUSE Package Hub 12 SP2:chromedriver-58.0.3029.81-14.1 SUSE Package Hub 12 SP2:chromium-58.0.3029.81-14.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3/#LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3 https://www.suse.com/security/cve/CVE-2017-5064.html CVE-2017-5064 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 Lack of an appropriate action on page navigation in Blink in Google Chrome prior to 58.0.3029.81 for Windows and Mac allowed a remote attacker to potentially confuse a user into making an incorrect security decision via a crafted HTML page. CVE-2017-5065 SUSE Package Hub 12 SP2:chromedriver-58.0.3029.81-14.1 SUSE Package Hub 12 SP2:chromium-58.0.3029.81-14.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3/#LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3 https://www.suse.com/security/cve/CVE-2017-5065.html CVE-2017-5065 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificate via a crafted HTML page. CVE-2017-5066 SUSE Package Hub 12 SP2:chromedriver-58.0.3029.81-14.1 SUSE Package Hub 12 SP2:chromium-58.0.3029.81-14.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3/#LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3 https://www.suse.com/security/cve/CVE-2017-5066.html CVE-2017-5066 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2017-5067 SUSE Package Hub 12 SP2:chromedriver-58.0.3029.81-14.1 SUSE Package Hub 12 SP2:chromium-58.0.3029.81-14.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3/#LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3 https://www.suse.com/security/cve/CVE-2017-5067.html CVE-2017-5067 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to circumvent Cross-Origin Resource Sharing checks via a crafted HTML page. CVE-2017-5069 SUSE Package Hub 12 SP2:chromedriver-58.0.3029.81-14.1 SUSE Package Hub 12 SP2:chromium-58.0.3029.81-14.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3/#LEEWQGS6D7UOCPB2AU4ESWHF2GVOKXC3 https://www.suse.com/security/cve/CVE-2017-5069.html CVE-2017-5069 https://bugzilla.suse.com/1035103 SUSE Bug 1035103