openSUSE Security Update : chromium (openSUSE-2017-661)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update to Chromium 59.0.3071.86 fixes the following security
issues :

- CVE-2017-5070: Type confusion in V8

- CVE-2017-5071: Out of bounds read in V8

- CVE-2017-5072: Address spoofing in Omnibox

- CVE-2017-5073: Use after free in print preview

- CVE-2017-5074: Use after free in Apps Bluetooth

- CVE-2017-5075: Information leak in CSP reporting

- CVE-2017-5086: Address spoofing in Omnibox

- CVE-2017-5076: Address spoofing in Omnibox

- CVE-2017-5077: Heap buffer overflow in Skia

- CVE-2017-5078: Possible command injection in mailto
handling

- CVE-2017-5079: UI spoofing in Blink

- CVE-2017-5080: Use after free in credit card autofill

- CVE-2017-5081: Extension verification bypass

- CVE-2017-5082: Insufficient hardening in credit card
editor

- CVE-2017-5083: UI spoofing in Blink

- CVE-2017-5085: Inappropriate JavaScript execution on
WebUI pages

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1042833

Solution :

Update the affected chromium packages.

Risk factor :

High

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now