Security update for Chromium SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:1983-1 Final 1 1 2016-08-07T18:52:29Z current 2016-08-07T18:52:29Z 2016-08-07T18:52:29Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for Chromium Chromium was updated to 52.0.2743.116 to fix the following security issues: (boo#992305) - CVE-2016-5141: Address bar spoofing (boo#992314) - CVE-2016-5142: Use-after-free in Blink (boo#992313) - CVE-2016-5139: Heap overflow in pdfium (boo#992311) - CVE-2016-5140: Heap overflow in pdfium (boo#992310) - CVE-2016-5145: Same origin bypass for images in Blink (boo#992320) - CVE-2016-5143: Parameter sanitization failure in DevTools (boo#992319) - CVE-2016-5144: Parameter sanitization failure in DevTools (boo#992315) - CVE-2016-5146: Various fixes from internal audits, fuzzing and other initiatives (boo#992309) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2016-950 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ/#VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ E-Mail link for openSUSE-SU-2016:1983-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992309 SUSE Bug 992309 https://bugzilla.suse.com/992310 SUSE Bug 992310 https://bugzilla.suse.com/992311 SUSE Bug 992311 https://bugzilla.suse.com/992313 SUSE Bug 992313 https://bugzilla.suse.com/992314 SUSE Bug 992314 https://bugzilla.suse.com/992315 SUSE Bug 992315 https://bugzilla.suse.com/992319 SUSE Bug 992319 https://bugzilla.suse.com/992320 SUSE Bug 992320 https://www.suse.com/security/cve/CVE-2016-5139/ SUSE CVE CVE-2016-5139 page https://www.suse.com/security/cve/CVE-2016-5140/ SUSE CVE CVE-2016-5140 page https://www.suse.com/security/cve/CVE-2016-5141/ SUSE CVE CVE-2016-5141 page https://www.suse.com/security/cve/CVE-2016-5142/ SUSE CVE CVE-2016-5142 page https://www.suse.com/security/cve/CVE-2016-5143/ SUSE CVE CVE-2016-5143 page https://www.suse.com/security/cve/CVE-2016-5144/ SUSE CVE CVE-2016-5144 page https://www.suse.com/security/cve/CVE-2016-5145/ SUSE CVE CVE-2016-5145 page https://www.suse.com/security/cve/CVE-2016-5146/ SUSE CVE CVE-2016-5146 page SUSE Package Hub 12 chromedriver-52.0.2743.116-92.1 chromium-52.0.2743.116-92.1 chromium-desktop-gnome-52.0.2743.116-92.1 chromium-desktop-kde-52.0.2743.116-92.1 chromium-ffmpegsumo-52.0.2743.116-92.1 chromedriver-52.0.2743.116-92.1 as a component of SUSE Package Hub 12 chromium-52.0.2743.116-92.1 as a component of SUSE Package Hub 12 chromium-desktop-gnome-52.0.2743.116-92.1 as a component of SUSE Package Hub 12 chromium-desktop-kde-52.0.2743.116-92.1 as a component of SUSE Package Hub 12 chromium-ffmpegsumo-52.0.2743.116-92.1 as a component of SUSE Package Hub 12 Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2016-5139 SUSE Package Hub 12:chromedriver-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-gnome-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-kde-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-ffmpegsumo-52.0.2743.116-92.1 critical 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ/#VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ https://www.suse.com/security/cve/CVE-2016-5139.html CVE-2016-5139 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992311 SUSE Bug 992311 https://bugzilla.suse.com/992325 SUSE Bug 992325 Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2016-5140 SUSE Package Hub 12:chromedriver-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-gnome-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-kde-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-ffmpegsumo-52.0.2743.116-92.1 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ/#VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ https://www.suse.com/security/cve/CVE-2016-5140.html CVE-2016-5140 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992310 SUSE Bug 992310 https://bugzilla.suse.com/992325 SUSE Bug 992325 Blink, as used in Google Chrome before 52.0.2743.116, allows remote attackers to spoof the address bar via vectors involving a provisional URL for an initially empty document, related to FrameLoader.cpp and ScopedPageLoadDeferrer.cpp. CVE-2016-5141 SUSE Package Hub 12:chromedriver-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-gnome-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-kde-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-ffmpegsumo-52.0.2743.116-92.1 critical 5 AV:N/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ/#VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ https://www.suse.com/security/cve/CVE-2016-5141.html CVE-2016-5141 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992314 SUSE Bug 992314 https://bugzilla.suse.com/992325 SUSE Bug 992325 The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code, related to NormalizeAlgorithm.cpp and SubtleCrypto.cpp. CVE-2016-5142 SUSE Package Hub 12:chromedriver-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-gnome-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-kde-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-ffmpegsumo-52.0.2743.116-92.1 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ/#VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ https://www.suse.com/security/cve/CVE-2016-5142.html CVE-2016-5142 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992313 SUSE Bug 992313 https://bugzilla.suse.com/992325 SUSE Bug 992325 The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL, a different vulnerability than CVE-2016-5144. CVE-2016-5143 SUSE Package Hub 12:chromedriver-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-gnome-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-kde-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-ffmpegsumo-52.0.2743.116-92.1 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ/#VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ https://www.suse.com/security/cve/CVE-2016-5143.html CVE-2016-5143 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992319 SUSE Bug 992319 https://bugzilla.suse.com/992325 SUSE Bug 992325 The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL, a different vulnerability than CVE-2016-5143. CVE-2016-5144 SUSE Package Hub 12:chromedriver-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-gnome-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-kde-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-ffmpegsumo-52.0.2743.116-92.1 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ/#VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ https://www.suse.com/security/cve/CVE-2016-5144.html CVE-2016-5144 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992315 SUSE Bug 992315 https://bugzilla.suse.com/992325 SUSE Bug 992325 Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. CVE-2016-5145 SUSE Package Hub 12:chromedriver-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-gnome-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-kde-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-ffmpegsumo-52.0.2743.116-92.1 critical 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ/#VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ https://www.suse.com/security/cve/CVE-2016-5145.html CVE-2016-5145 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992320 SUSE Bug 992320 https://bugzilla.suse.com/992325 SUSE Bug 992325 Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-5146 SUSE Package Hub 12:chromedriver-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-gnome-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-desktop-kde-52.0.2743.116-92.1 SUSE Package Hub 12:chromium-ffmpegsumo-52.0.2743.116-92.1 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ/#VDI2SYR4SQQNIUDTWH6BXSMO56JTMRWJ https://www.suse.com/security/cve/CVE-2016-5146.html CVE-2016-5146 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992309 SUSE Bug 992309 https://bugzilla.suse.com/992325 SUSE Bug 992325