Security update for chromium SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2020:1499-1 Final 1 1 2020-09-22T08:22:47Z current 2020-09-22T08:22:47Z 2020-09-22T08:22:47Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for chromium This update for chromium fixes the following issues: Chromium was updated to version 85.0.4183.102 (bsc#1176306) fixing: - CVE-2020-6573: Use after free in video. - CVE-2020-6574: Insufficient policy enforcement in installer. - CVE-2020-6575: Race in Mojo. - CVE-2020-6576: Use after free in offscreen canvas. - CVE-2020-15959: Insufficient policy enforcement in networking. Chromium was updated to version 85.0.4183.83 (boo#1175757) fixing: - CVE-2020-6558: Insufficient policy enforcement in iOS - CVE-2020-6559: Use after free in presentation API - CVE-2020-6560: Insufficient policy enforcement in autofill - CVE-2020-6561: Inappropriate implementation in Content Security Policy - CVE-2020-6562: Insufficient policy enforcement in Blink - CVE-2020-6563: Insufficient policy enforcement in intent handling. - CVE-2020-6564: Incorrect security UI in permissions - CVE-2020-6565: Incorrect security UI in Omnibox. - CVE-2020-6566: Insufficient policy enforcement in media. - CVE-2020-6567: Insufficient validation of untrusted input in command line handling. - CVE-2020-6568: Insufficient policy enforcement in intent handling. - CVE-2020-6569: Integer overflow in WebUSB. - CVE-2020-6570: Side-channel information leakage in WebRTC. - CVE-2020-6571: Incorrect security UI in Omnibox. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2020-1499 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ E-Mail link for openSUSE-SU-2020:1499-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1175757 SUSE Bug 1175757 https://bugzilla.suse.com/1176306 SUSE Bug 1176306 https://bugzilla.suse.com/1176450 SUSE Bug 1176450 https://www.suse.com/security/cve/CVE-2020-15959/ SUSE CVE CVE-2020-15959 page https://www.suse.com/security/cve/CVE-2020-6558/ SUSE CVE CVE-2020-6558 page https://www.suse.com/security/cve/CVE-2020-6559/ SUSE CVE CVE-2020-6559 page https://www.suse.com/security/cve/CVE-2020-6560/ SUSE CVE CVE-2020-6560 page https://www.suse.com/security/cve/CVE-2020-6561/ SUSE CVE CVE-2020-6561 page https://www.suse.com/security/cve/CVE-2020-6562/ SUSE CVE CVE-2020-6562 page https://www.suse.com/security/cve/CVE-2020-6563/ SUSE CVE CVE-2020-6563 page https://www.suse.com/security/cve/CVE-2020-6564/ SUSE CVE CVE-2020-6564 page https://www.suse.com/security/cve/CVE-2020-6565/ SUSE CVE CVE-2020-6565 page https://www.suse.com/security/cve/CVE-2020-6566/ SUSE CVE CVE-2020-6566 page https://www.suse.com/security/cve/CVE-2020-6567/ SUSE CVE CVE-2020-6567 page https://www.suse.com/security/cve/CVE-2020-6568/ SUSE CVE CVE-2020-6568 page https://www.suse.com/security/cve/CVE-2020-6569/ SUSE CVE CVE-2020-6569 page https://www.suse.com/security/cve/CVE-2020-6570/ SUSE CVE CVE-2020-6570 page https://www.suse.com/security/cve/CVE-2020-6571/ SUSE CVE CVE-2020-6571 page https://www.suse.com/security/cve/CVE-2020-6573/ SUSE CVE CVE-2020-6573 page https://www.suse.com/security/cve/CVE-2020-6574/ SUSE CVE CVE-2020-6574 page https://www.suse.com/security/cve/CVE-2020-6575/ SUSE CVE CVE-2020-6575 page https://www.suse.com/security/cve/CVE-2020-6576/ SUSE CVE CVE-2020-6576 page openSUSE Leap 15.1 openSUSE Leap 15.2 chromedriver-85.0.4183.102-lp152.2.30.1 chromium-85.0.4183.102-lp152.2.30.1 chromedriver-85.0.4183.102-lp152.2.30.1 as a component of openSUSE Leap 15.1 chromium-85.0.4183.102-lp152.2.30.1 as a component of openSUSE Leap 15.1 chromedriver-85.0.4183.102-lp152.2.30.1 as a component of openSUSE Leap 15.2 chromium-85.0.4183.102-lp152.2.30.1 as a component of openSUSE Leap 15.2 Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering. CVE-2020-15959 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 important 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-15959.html CVE-2020-15959 https://bugzilla.suse.com/1176306 SUSE Bug 1176306 Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6558 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6558.html CVE-2020-6558 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6559 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6559.html CVE-2020-6559 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6560 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6560.html CVE-2020-6560 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6561 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6561.html CVE-2020-6561 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6562 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6562.html CVE-2020-6562 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. CVE-2020-6563 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6563.html CVE-2020-6563 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page. CVE-2020-6564 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6564.html CVE-2020-6564 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2020-6565 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6565.html CVE-2020-6565 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6566 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6566.html CVE-2020-6566 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6567 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6567.html CVE-2020-6567 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6568 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6568.html CVE-2020-6568 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6569 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6569.html CVE-2020-6569 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction. CVE-2020-6570 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6570.html CVE-2020-6570 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2020-6571 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 critical 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6571.html CVE-2020-6571 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-6573 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6573.html CVE-2020-6573 https://bugzilla.suse.com/1176306 SUSE Bug 1176306 Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary. CVE-2020-6574 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6574.html CVE-2020-6574 https://bugzilla.suse.com/1176306 SUSE Bug 1176306 Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-6575 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 important 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6575.html CVE-2020-6575 https://bugzilla.suse.com/1176306 SUSE Bug 1176306 Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6576 openSUSE Leap 15.1:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.1:chromium-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromedriver-85.0.4183.102-lp152.2.30.1 openSUSE Leap 15.2:chromium-85.0.4183.102-lp152.2.30.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/ https://www.suse.com/security/cve/CVE-2020-6576.html CVE-2020-6576 https://bugzilla.suse.com/1176306 SUSE Bug 1176306