openSUSE-SU-2020:1527

openSUSE-SU-2020:1542

openSUSE-SU-2020:1550

openSUSE-SU-2020:1713

https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html

https://crbug.com/1113558

FEDORA-2020-aea86f913e

FEDORA-2020-2d994b986d

FEDORA-2020-214865ce21

GLSA-202009-13

This update for opera fixes the following issues :

opera was updated to version 71.0.3770.228

  - DNA-87466 Hide extensions icon is black in dark theme

  - DNA-88580 Implement search_in_tabs telemetry benchmark

  - DNA-88591 Allow to scroll down the Keyboards Shortcuts     section with URL

  - DNA-88693 Random crash in SmartFilesBrowserTest

  - DNA-88793 change VPN disclaimer modal layout

  - DNA-88799 Only active workspaces and active messengers     should be listed in keyboard shortcuts settings

  - DNA-88838 add automatic VPN connection preference     setting

  - DNA-88870 Align VPN popup to new design

  - DNA-88900 Turn off Tutorials in Opera GX &ndash;
    implementation

  - DNA-88931 Add info about channel and product (OPR,     OPRGX) to rollout requests

  - DNA-88940 Allow continue-shopping|booking-host-override     switch to handle host and path

  - DNA-88946 Auto-connect VPN after browser startup only     for existing VPN users

  - DNA-89009 Change URL for search-suggestions

  - DNA-89021 Make RH test driver pack to a separate archive

  - DNA-89150 Unhardcode &lsquo;From&rsquo; and     &lsquo;To&rsquo; strings in Advanced History Search

  - DNA-89175 Desktop without a flow paring should not     initialize in browser startup

Opera was updated to version 71.0.3770.198

  - CHR-8106 Update chromium on desktop-stable-85-3770 to     85.0.4183.121

  - DNA-85648 Reconnecting Flow with iOS is unstable

  - DNA-87130 Spinner is stretched instead of clipped

  - DNA-87989 In Find in Page, &ldquo;No matches&rdquo;
    doesn&rsquo;t go away after deleting all text

  - DNA-88098 Data URLs entries should not open new tab     after click on new history page

  - DNA-88267 Extra semicolon in Russian BABE translation

  - DNA-88312 [Win] Downloads file drag and drop     doesn&rsquo;t work in Opera

  - DNA-88363 Add premium extension functionality

  - DNA-88580 Implement search_in_tabs telemetry benchmark

  - DNA-88611 Black font on a dark background in sync login     dialog

  - DNA-88626 Disable #easy-files on desktop-stable-85-xxxx

  - DNA-88701 String &ldquo;Type a shortcut&rdquo; is     hardcoded

  - DNA-88755 Crash at     extensions::WebstoreOneClickInstallerUIImpl::
    RemoveAllInfobarsExcept(opera::ExtensionInstallInfoBarDe     legate*)

  - DNA-88797 Change &lsquo;Register&rsquo; to     &lsquo;Tab&rsquo; in German

  - DNA-88851 [History][Resized window] Button and date     input look bad

  - DNA-88958 Crash at net::`anonymous     namespace&rdquo;::Escape

  - The update to chromium 85.0.4183.121 fixes following     issues :

  - CVE-2020-15960, CVE-2020-15961, CVE-2020-15962,     CVE-2020-15963, CVE-2020-15965, CVE-2020-15966,     CVE-2020-15964

  - Update to version 71.0.3770.148

  - CHR-8091 Update chromium on desktop-stable-85-3770 to     85.0.4183.102

  - DNA-87785 [Mac] &ldquo;Alitools&rdquo; text in extension     toolbar overlaps Install button

  - DNA-87935 Make SSD smaller by 25%

  - DNA-87963 Hidden Avira extension in avira_2 edition

  - DNA-88015 [MyFlow] Desktop doesn&rsquo;t show itself in     devices list

  - DNA-88469 Add context menu options to configure     shortcuts

  - DNA-88496 Define a/b test in ab_tests.json

  - DNA-88537 Don&rsquo;t filter out hashes from feature     reference groups coming from rollout

  - DNA-88580 Implement search_in_tabs telemetry benchmark

  - DNA-88604 [History panel] Search bar covers the     &ldquo;Clear browsing data&rdquo; button

  - DNA-88619 String &lsquo;Download complete&rsquo; is cut     on download popup

  - DNA-88645 Remove option should not be available for last     workspace

  - DNA-88718 [History panel] fix delete button overflow     issue

  - The update to chromium 85.0.4183.102 fixes following     issues :

  - CVE-2020-6573, CVE-2020-6574, CVE-2020-6575,     CVE-2020-6576, CVE-2020-15959

  - Complete Opera 71.0 changelog at:
    https://blogs.opera.com/desktop/changelog-for-71/

  - Update to version 70.0.3728.144

  - CHR-8057 Update chromium on desktop-stable-84-3728 to     84.0.4147.135

  - DNA-88027 [Mac] Downloads icon disappears when downloads     popup is shown

  - DNA-88204 Crash at     opera::DownloadItemView::OnMousePressed (ui::MouseEvent     const&)

  - The update to chromium 84.0.4147.135 fixes following     issues :

  - CVE-2020-6556

Update to 85.0.4183.121. Why? Because security, that's why. It fixes these CVEs :

CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963 CVE-2020-15964 CVE-2020-15965 CVE-2020-15966

It also has a fix for an issue where networking... uh... didn't.

----

Update Chromium to 85.0.4183.102. Fix issue where unpackaged components prevented hardware accelerated rendering from working. Also fixes the following security issues: CVE-2020-6573 CVE-2020-6574 CVE-2020-6575 CVE-2020-6576 CVE-2020-15959

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4206 advisory.

  - chromium-browser: Out of bounds read in storage (CVE-2020-15960)

  - chromium-browser: Insufficient policy enforcement in extensions (CVE-2020-15961, CVE-2020-15963,     CVE-2020-15966)

  - chromium-browser: Insufficient policy enforcement in serial (CVE-2020-15962)

  - chromium-browser: Insufficient data validation in media (CVE-2020-15964)

  - chromium-browser: Out of bounds write in V8 (CVE-2020-15965)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Update to 85.0.4183.121. Why? Because security, that's why. It fixes these CVEs :

CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963 CVE-2020-15964 CVE-2020-15965 CVE-2020-15966

It also has a fix for an issue where networking... uh... didn't.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for chromium fixes the following issues :

Chromium was updated to 85.0.4183.121 (boo#1176791) :

  - CVE-2020-15960: Out of bounds read in storage

  - CVE-2020-15961: Insufficient policy enforcement in     extensions

  - CVE-2020-15962: Insufficient policy enforcement in     serial

  - CVE-2020-15963: Insufficient policy enforcement in     extensions

  - CVE-2020-15965: Out of bounds write in V8

  - CVE-2020-15966: Insufficient policy enforcement in     extensions

  - CVE-2020-15964: Insufficient data validation in media

The remote host is affected by the vulnerability described in GLSA-202009-13 (Chromium, Google Chrome: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium and Google       Chrome. Please review the CVE identifiers referenced below for details.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

The version of Microsoft Edge installed on the remote Windows host is prior to 85.0.564.63. It is, therefore, affected by multiple vulnerabilities as referenced in the ADV200002-9-23-2020 advisory.

  - Heap buffer overflow in storage in Google Chrome prior to 85.0.564.63 allowed a remote attacker to     potentially perform out of bounds memory access via a crafted HTML page. (CVE-2020-15960)

  - Insufficient policy validation in extensions in Google Chrome prior to 85.0.564.63 allowed an attacker     who convinced a user to install a malicious extension to potentially perform a sandbox escape via a     crafted Chrome Extension. (CVE-2020-15961)

  - Insufficient policy validation in serial in Google Chrome prior to 85.0.564.63 allowed a remote attacker     to potentially perform out of bounds memory access via a crafted HTML page. (CVE-2020-15962)

  - Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.564.63 allowed an attacker     who convinced a user to install a malicious extension to potentially perform a sandbox escape via a     crafted Chrome Extension. (CVE-2020-15963)

  - Insufficient data validation in media in Google Chrome prior to 85.0.564.63 allowed a remote attacker to     potentially exploit heap corruption via a crafted HTML page. (CVE-2020-15964)

  - Type confusion in V8 in Google Chrome prior to 85.0.564.63 allowed a remote attacker to potentially     perform out of bounds memory access via a crafted HTML page. (CVE-2020-15965)

  - Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.564.63 allowed an attacker     who convinced a user to install a malicious extension to obtain potentially sensitive information via a     crafted Chrome Extension. (CVE-2020-15966)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Chrome Releases reports :

This release fixes 10 security issues, including :

- [1100136] High CVE-2020-15960: Out of bounds read in storage.
Reported by Anonymous on 2020-06-28

- [1114636] High CVE-2020-15961: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-08-10

- [1121836] High CVE-2020-15962: Insufficient policy enforcement in serial. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-08-26

- [1113558] High CVE-2020-15963: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-08-06

- [1126249] High CVE-2020-15965: Out of bounds write in V8. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-09-08

- [1113565] Medium CVE-2020-15966: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-08-06

- [1121414] Low CVE-2020-15964: Insufficient data validation in media.
Reported by Woojin Oh(@pwn_exploit) of STEALIEN on 2020-08-25

The version of Google Chrome installed on the remote Windows host is prior to 85.0.4183.121. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_09_stable-channel-update-for-desktop_21 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote macOS host is prior to 85.0.4183.121. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_09_stable-channel-update-for-desktop_21 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
141905	openSUSE Security Update : opera (openSUSE-2020-1713)	Nessus	SuSE Local Security Checks	high
141289	Fedora 33 : chromium (2020-2d994b986d)	Nessus	Fedora Local Security Checks	medium
141260	RHEL 6 : chromium-browser (RHSA-2020:4206)	Nessus	Red Hat Local Security Checks	medium
141186	Fedora 32 : chromium (2020-214865ce21)	Nessus	Fedora Local Security Checks	medium
141145	Fedora 31 : chromium (2020-aea86f913e)	Nessus	Fedora Local Security Checks	medium
141073	openSUSE Security Update : chromium (openSUSE-2020-1527)	Nessus	SuSE Local Security Checks	medium
141063	GLSA-202009-13 : Chromium, Google Chrome: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
141009	Microsoft Edge (Chromium) < 85.0.564.63 Multiple Vulnerabilities	Nessus	Windows	medium
140738	FreeBSD : chromium -- multiple vulnerabilities (e68d3db1-fd04-11ea-a67f-e09467587c17)	Nessus	FreeBSD Local Security Checks	medium
140700	Google Chrome < 85.0.4183.121 Multiple Vulnerabilities	Nessus	Windows	medium
140699	Google Chrome < 85.0.4183.121 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	medium

CVE-2020-15963

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins