Security update for chromium SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:1502-1 Final 1 1 2017-06-07T16:57:03Z current 2017-06-07T16:57:03Z 2017-06-07T16:57:03Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for chromium This update to Chromium 59.0.3071.86 fixes the following security issues: - CVE-2017-5070: Type confusion in V8 - CVE-2017-5071: Out of bounds read in V8 - CVE-2017-5072: Address spoofing in Omnibox - CVE-2017-5073: Use after free in print preview - CVE-2017-5074: Use after free in Apps Bluetooth - CVE-2017-5075: Information leak in CSP reporting - CVE-2017-5086: Address spoofing in Omnibox - CVE-2017-5076: Address spoofing in Omnibox - CVE-2017-5077: Heap buffer overflow in Skia - CVE-2017-5078: Possible command injection in mailto handling - CVE-2017-5079: UI spoofing in Blink - CVE-2017-5080: Use after free in credit card autofill - CVE-2017-5081: Extension verification bypass - CVE-2017-5082: Insufficient hardening in credit card editor - CVE-2017-5083: UI spoofing in Blink - CVE-2017-5085: Inappropriate javascript execution on WebUI pages The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2017-661 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS E-Mail link for openSUSE-SU-2017:1502-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1042833 SUSE Bug 1042833 https://www.suse.com/security/cve/CVE-2017-5070/ SUSE CVE CVE-2017-5070 page https://www.suse.com/security/cve/CVE-2017-5071/ SUSE CVE CVE-2017-5071 page https://www.suse.com/security/cve/CVE-2017-5072/ SUSE CVE CVE-2017-5072 page https://www.suse.com/security/cve/CVE-2017-5073/ SUSE CVE CVE-2017-5073 page https://www.suse.com/security/cve/CVE-2017-5074/ SUSE CVE CVE-2017-5074 page https://www.suse.com/security/cve/CVE-2017-5075/ SUSE CVE CVE-2017-5075 page https://www.suse.com/security/cve/CVE-2017-5076/ SUSE CVE CVE-2017-5076 page https://www.suse.com/security/cve/CVE-2017-5077/ SUSE CVE CVE-2017-5077 page https://www.suse.com/security/cve/CVE-2017-5078/ SUSE CVE CVE-2017-5078 page https://www.suse.com/security/cve/CVE-2017-5079/ SUSE CVE CVE-2017-5079 page https://www.suse.com/security/cve/CVE-2017-5080/ SUSE CVE CVE-2017-5080 page https://www.suse.com/security/cve/CVE-2017-5081/ SUSE CVE CVE-2017-5081 page https://www.suse.com/security/cve/CVE-2017-5082/ SUSE CVE CVE-2017-5082 page https://www.suse.com/security/cve/CVE-2017-5083/ SUSE CVE CVE-2017-5083 page https://www.suse.com/security/cve/CVE-2017-5085/ SUSE CVE CVE-2017-5085 page https://www.suse.com/security/cve/CVE-2017-5086/ SUSE CVE CVE-2017-5086 page SUSE Package Hub 12 SP2 chromedriver-59.0.3071.86-20.1 chromium-59.0.3071.86-20.1 chromedriver-59.0.3071.86-20.1 as a component of SUSE Package Hub 12 SP2 chromium-59.0.3071.86-20.1 as a component of SUSE Package Hub 12 SP2 Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2017-5070 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5070.html CVE-2017-5070 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5071 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5071.html CVE-2017-5071 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a remote attacker to perform domain spoofing with RTL characters via a crafted URL page. CVE-2017-5072 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5072.html CVE-2017-5072 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5073 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5073.html CVE-2017-5073 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, related to Bluetooth. CVE-2017-5074 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 5.4 AV:A/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5074.html CVE-2017-5074 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Inappropriate implementation in CSP reporting in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to obtain the value of url fragments via a crafted HTML page. CVE-2017-5075 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5075.html CVE-2017-5075 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-5076 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5076.html CVE-2017-5076 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5077 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5077.html CVE-2017-5077 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Insufficient validation of untrusted input in Blink's mailto: handling in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac allowed a remote attacker to perform command injection via a crafted HTML page, a similar issue to CVE-2004-0121. For example, characters such as * have an incorrect interaction with xdg-email in xdg-utils, and a space character can be used in front of a command-line argument. CVE-2017-5078 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5078.html CVE-2017-5078 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page. CVE-2017-5079 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5079.html CVE-2017-5079 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5080 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5080.html CVE-2017-5080 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files. CVE-2017-5081 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 2.1 AV:L/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5081.html CVE-2017-5081 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Failure to take advantage of available mitigations in credit card autofill in Google Chrome prior to 59.0.3071.92 for Android allowed a local attacker to take screen shots of credit card information via a crafted HTML page. CVE-2017-5082 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5082.html CVE-2017-5082 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page. CVE-2017-5083 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5083.html CVE-2017-5083 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Inappropriate implementation in Bookmarks in Google Chrome prior to 59 for iOS allowed a remote attacker who convinced the user to perform certain operations to run JavaScript on chrome:// pages via a crafted bookmark. CVE-2017-5085 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5085.html CVE-2017-5085 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Windows and Mac allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-5086 SUSE Package Hub 12 SP2:chromedriver-59.0.3071.86-20.1 SUSE Package Hub 12 SP2:chromium-59.0.3071.86-20.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKZE63LEN77JSLVLIISIQUKH4RZFGZIS/#QKZE63LEN77JSLVLIISIQUKH4RZFGZIS https://www.suse.com/security/cve/CVE-2017-5086.html CVE-2017-5086 https://bugzilla.suse.com/1042833 SUSE Bug 1042833