1. Home
  2. Security Advisories
  3. OpenSUSE
  4. openSUSE-SU-2019:2425-1

[openSUSE-SU-2019:2425-1] Security update for chromium, re2

Severity Important
Affected Packages 13
CVEs 21
Info Packages References Vulnerabilities

Security update for chromium, re2

This update for chromium, re2 fixes the following issues:

Chromium was updated to 78.0.3904.70 boo#1154806:

  • CVE-2019-13699: Use-after-free in media
  • CVE-2019-13700: Buffer overrun in Blink
  • CVE-2019-13701: URL spoof in navigation
  • CVE-2019-13702: Privilege elevation in Installer
  • CVE-2019-13703: URL bar spoofing
  • CVE-2019-13704: CSP bypass
  • CVE-2019-13705: Extension permission bypass
  • CVE-2019-13706: Out-of-bounds read in PDFium
  • CVE-2019-13707: File storage disclosure
  • CVE-2019-13708: HTTP authentication spoof
  • CVE-2019-13709: File download protection bypass
  • CVE-2019-13710: File download protection bypass
  • CVE-2019-13711: Cross-context information leak
  • CVE-2019-15903: Buffer overflow in expat
  • CVE-2019-13713: Cross-origin data leak
  • CVE-2019-13714: CSS injection
  • CVE-2019-13715: Address bar spoofing
  • CVE-2019-13716: Service worker state error
  • CVE-2019-13717: Notification obscured
  • CVE-2019-13718: IDN spoof
  • CVE-2019-13719: Notification obscured

  • Various fixes from internal audits, fuzzing and other initiatives

  • Use internal resources for icon and appdata

This update was imported from the openSUSE:Leap:15.1:Update update project.

Package Affected Version
pkg:rpm/opensuse/re2-devel?arch=x86_64&distro=opensuse-15&repo=suse-package-hub < 20190901-bp151.6.3.1
pkg:rpm/opensuse/re2-devel?arch=s390x&distro=opensuse-15&repo=suse-package-hub < 20190901-bp151.6.3.1
pkg:rpm/opensuse/re2-devel?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub < 20190901-bp151.6.3.1
pkg:rpm/opensuse/re2-devel?arch=aarch64&distro=opensuse-15&repo=suse-package-hub < 20190901-bp151.6.3.1
pkg:rpm/opensuse/libre2-0?arch=x86_64&distro=opensuse-15&repo=suse-package-hub < 20190901-bp151.6.3.1
pkg:rpm/opensuse/libre2-0?arch=s390x&distro=opensuse-15&repo=suse-package-hub < 20190901-bp151.6.3.1
pkg:rpm/opensuse/libre2-0?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub < 20190901-bp151.6.3.1
pkg:rpm/opensuse/libre2-0?arch=aarch64&distro=opensuse-15&repo=suse-package-hub < 20190901-bp151.6.3.1
pkg:rpm/opensuse/libre2-0-64bit?arch=aarch64_ilp32&distro=opensuse-15&repo=suse-package-hub < 20190901-bp151.6.3.1
pkg:rpm/opensuse/chromium?arch=x86_64&distro=opensuse-15&repo=suse-package-hub < 78.0.3904.70-bp151.3.21.1
pkg:rpm/opensuse/chromium?arch=aarch64&distro=opensuse-15&repo=suse-package-hub < 78.0.3904.70-bp151.3.21.1
pkg:rpm/opensuse/chromedriver?arch=x86_64&distro=opensuse-15&repo=suse-package-hub < 78.0.3904.70-bp151.3.21.1
pkg:rpm/opensuse/chromedriver?arch=aarch64&distro=opensuse-15&repo=suse-package-hub < 78.0.3904.70-bp151.3.21.1
ID
openSUSE-SU-2019:2425-1
Severity
important
URL
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF/#PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF
Published
2019-11-03T08:56:17
(4 years ago)
Modified
2019-11-03T08:56:17
(4 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2425-1.json
Suse URL for openSUSE-SU-2019:2425-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF/#PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF
Suse E-Mail link for openSUSE-SU-2019:2425-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF/#PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF
Bugzilla SUSE Bug 1154806 https://bugzilla.suse.com/1154806
CVE SUSE CVE CVE-2019-13699 page https://www.suse.com/security/cve/CVE-2019-13699/
CVE SUSE CVE CVE-2019-13700 page https://www.suse.com/security/cve/CVE-2019-13700/
CVE SUSE CVE CVE-2019-13701 page https://www.suse.com/security/cve/CVE-2019-13701/
CVE SUSE CVE CVE-2019-13702 page https://www.suse.com/security/cve/CVE-2019-13702/
CVE SUSE CVE CVE-2019-13703 page https://www.suse.com/security/cve/CVE-2019-13703/
CVE SUSE CVE CVE-2019-13704 page https://www.suse.com/security/cve/CVE-2019-13704/
CVE SUSE CVE CVE-2019-13705 page https://www.suse.com/security/cve/CVE-2019-13705/
CVE SUSE CVE CVE-2019-13706 page https://www.suse.com/security/cve/CVE-2019-13706/
CVE SUSE CVE CVE-2019-13707 page https://www.suse.com/security/cve/CVE-2019-13707/
CVE SUSE CVE CVE-2019-13708 page https://www.suse.com/security/cve/CVE-2019-13708/
CVE SUSE CVE CVE-2019-13709 page https://www.suse.com/security/cve/CVE-2019-13709/
CVE SUSE CVE CVE-2019-13710 page https://www.suse.com/security/cve/CVE-2019-13710/
CVE SUSE CVE CVE-2019-13711 page https://www.suse.com/security/cve/CVE-2019-13711/
CVE SUSE CVE CVE-2019-13713 page https://www.suse.com/security/cve/CVE-2019-13713/
CVE SUSE CVE CVE-2019-13714 page https://www.suse.com/security/cve/CVE-2019-13714/
CVE SUSE CVE CVE-2019-13715 page https://www.suse.com/security/cve/CVE-2019-13715/
CVE SUSE CVE CVE-2019-13716 page https://www.suse.com/security/cve/CVE-2019-13716/
CVE SUSE CVE CVE-2019-13717 page https://www.suse.com/security/cve/CVE-2019-13717/
CVE SUSE CVE CVE-2019-13718 page https://www.suse.com/security/cve/CVE-2019-13718/
CVE SUSE CVE CVE-2019-13719 page https://www.suse.com/security/cve/CVE-2019-13719/
CVE SUSE CVE CVE-2019-15903 page https://www.suse.com/security/cve/CVE-2019-15903/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/opensuse/re2-devel?arch=x86_64&distro=opensuse-15&repo=suse-package-hub opensuse re2-devel < 20190901-bp151.6.3.1 opensuse-15 x86_64
Affected pkg:rpm/opensuse/re2-devel?arch=s390x&distro=opensuse-15&repo=suse-package-hub opensuse re2-devel < 20190901-bp151.6.3.1 opensuse-15 s390x
Affected pkg:rpm/opensuse/re2-devel?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub opensuse re2-devel < 20190901-bp151.6.3.1 opensuse-15 ppc64le
Affected pkg:rpm/opensuse/re2-devel?arch=aarch64&distro=opensuse-15&repo=suse-package-hub opensuse re2-devel < 20190901-bp151.6.3.1 opensuse-15 aarch64
Affected pkg:rpm/opensuse/libre2-0?arch=x86_64&distro=opensuse-15&repo=suse-package-hub opensuse libre2-0 < 20190901-bp151.6.3.1 opensuse-15 x86_64
Affected pkg:rpm/opensuse/libre2-0?arch=s390x&distro=opensuse-15&repo=suse-package-hub opensuse libre2-0 < 20190901-bp151.6.3.1 opensuse-15 s390x
Affected pkg:rpm/opensuse/libre2-0?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub opensuse libre2-0 < 20190901-bp151.6.3.1 opensuse-15 ppc64le
Affected pkg:rpm/opensuse/libre2-0?arch=aarch64&distro=opensuse-15&repo=suse-package-hub opensuse libre2-0 < 20190901-bp151.6.3.1 opensuse-15 aarch64
Affected pkg:rpm/opensuse/libre2-0-64bit?arch=aarch64_ilp32&distro=opensuse-15&repo=suse-package-hub opensuse libre2-0-64bit < 20190901-bp151.6.3.1 opensuse-15 aarch64_ilp32
Affected pkg:rpm/opensuse/chromium?arch=x86_64&distro=opensuse-15&repo=suse-package-hub opensuse chromium < 78.0.3904.70-bp151.3.21.1 opensuse-15 x86_64
Affected pkg:rpm/opensuse/chromium?arch=aarch64&distro=opensuse-15&repo=suse-package-hub opensuse chromium < 78.0.3904.70-bp151.3.21.1 opensuse-15 aarch64
Affected pkg:rpm/opensuse/chromedriver?arch=x86_64&distro=opensuse-15&repo=suse-package-hub opensuse chromedriver < 78.0.3904.70-bp151.3.21.1 opensuse-15 x86_64
Affected pkg:rpm/opensuse/chromedriver?arch=aarch64&distro=opensuse-15&repo=suse-package-hub opensuse chromedriver < 78.0.3904.70-bp151.3.21.1 opensuse-15 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date