Security update for chromium SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:2664-2 Final 1 1 2018-09-08T07:01:58Z current 2018-09-08T07:01:58Z 2018-09-08T07:01:58Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for chromium This update for Chromium to version 69.0.3497.81 fixes multiple issues. Security issues fixed (boo#1107235): - CVE-2018-16065: Out of bounds write in V8 - CVE-2018-16066:Out of bounds read in Blink - CVE-2018-16067: Out of bounds read in WebAudio - CVE-2018-16068: Out of bounds write in Mojo - CVE-2018-16069:Out of bounds read in SwiftShader - CVE-2018-16070: Integer overflow in Skia - CVE-2018-16071: Use after free in WebRTC - CVE-2018-16073: Site Isolation bypass after tab restore - CVE-2018-16074: Site Isolation bypass using Blob URLS - Out of bounds read in Little-CMS - CVE-2018-16075: Local file access in Blink - CVE-2018-16076: Out of bounds read in PDFium - CVE-2018-16077: Content security policy bypass in Blink - CVE-2018-16078: Credit card information leak in Autofill - CVE-2018-16079: URL spoof in permission dialogs - CVE-2018-16080: URL spoof in full screen mode - CVE-2018-16081: Local file access in DevTools - CVE-2018-16082: Stack buffer overflow in SwiftShader - CVE-2018-16083: Out of bounds read in WebRTC - CVE-2018-16084: User confirmation bypass in external protocol handling - CVE-2018-16085: Use after free in Memory Instrumentation - CVE-2017-15430: Unsafe navigation in Chromecast (boo#1106341) - CVE-2018-16086: Script injection in New Tab Page - CVE-2018-16087: Multiple download restriction bypass - CVE-2018-16088: User gesture requirement bypass The re2 regular expression library was updated to the current version 2018-09-01. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html E-Mail link for openSUSE-SU-2018:2664-2 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Package Hub for SUSE Linux Enterprise 12 SUSE Package Hub for SUSE Linux Enterprise 15 chromedriver-69.0.3497.81-bp150.2.4.1 chromium-69.0.3497.81-bp150.2.4.1 libre2-0-20180901-bp150.3.3.1 libre2-0-64bit-20180901-bp150.3.3.1 re2-20180901-bp150.3.3.1 re2-devel-20180901-bp150.3.3.1 chromedriver-69.0.3497.81-bp150.2.4.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 12 chromedriver-69.0.3497.81-bp150.2.4.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 15 chromium-69.0.3497.81-bp150.2.4.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 12 chromium-69.0.3497.81-bp150.2.4.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 15 libre2-0-20180901-bp150.3.3.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 12 libre2-0-20180901-bp150.3.3.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 15 libre2-0-64bit-20180901-bp150.3.3.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 12 libre2-0-64bit-20180901-bp150.3.3.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 15 re2-20180901-bp150.3.3.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 12 re2-20180901-bp150.3.3.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 15 re2-devel-20180901-bp150.3.3.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 12 re2-devel-20180901-bp150.3.3.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 15 Unsafe navigation in Chromecast in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2017-15430 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2017-15430.html CVE-2017-15430 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 https://bugzilla.suse.com/1106341 SUSE Bug 1106341 A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2018-16065 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16065.html CVE-2018-16065 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-16066 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16066.html CVE-2018-16066 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-16067 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16067.html CVE-2018-16067 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2018-16068 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16068.html CVE-2018-16068 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2018-16069 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16069.html CVE-2018-16069 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2018-16070 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16070.html CVE-2018-16070 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. CVE-2018-16071 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16071.html CVE-2018-16071 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2018-16073 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16073.html CVE-2018-16073 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2018-16074 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16074.html CVE-2018-16074 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2018-16075 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16075.html CVE-2018-16075 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. CVE-2018-16076 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16076.html CVE-2018-16076 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 https://bugzilla.suse.com/1110628 SUSE Bug 1110628 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2018-16077 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16077.html CVE-2018-16077 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Unsafe handling of credit card details in Autofill in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2018-16078 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16078.html CVE-2018-16078 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A race condition between permission prompts and navigations in Prompts in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2018-16079 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16079.html CVE-2018-16079 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A missing check for popup window handling in Fullscreen in Google Chrome on macOS prior to 69.0.3497.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2018-16080 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16080.html CVE-2018-16080 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system without file access permission via a crafted Chrome Extension. CVE-2018-16081 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16081.html CVE-2018-16081 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 An out of bounds read in Swiftshader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2018-16082 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16082.html CVE-2018-16082 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2018-16083 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16083.html CVE-2018-16083 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed a remote attacker who convinced the user to perform certain operations to open external programs via a crafted HTML page. CVE-2018-16084 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16084.html CVE-2018-16084 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A use after free in ResourceCoordinator in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-16085 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16085.html CVE-2018-16085 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2018-16086 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16086.html CVE-2018-16086 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2018-16087 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16087.html CVE-2018-16087 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A missing check for JS-simulated input events in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to download arbitrary files with no user input via a crafted HTML page. CVE-2018-16088 SUSE Package Hub for SUSE Linux Enterprise 12:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 12:re2-devel-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromedriver-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:chromium-69.0.3497.81-bp150.2.4.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:libre2-0-64bit-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-20180901-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:re2-devel-20180901-bp150.3.3.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00056.html https://www.suse.com/security/cve/CVE-2018-16088.html CVE-2018-16088 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235