openSUSE Security Update : chromium (openSUSE-2017-701)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update to Chromium 59.0.3071.104 fixes the following security
issues :

- CVE-2017-5087: Sandbox Escape in IndexedDB

- CVE-2017-5088: Out of bounds read in V8

- CVE-2017-5089: Domain spoofing in Omnibox

- Various fixes from internal audits, fuzzing and other
initiatives

The following tracked packaging changes are included :

- In about dialog, refer to the build as 'openSUSE build'
(boo#1043420)

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1043420
https://bugzilla.opensuse.org/show_bug.cgi?id=1044690

Solution :

Update the affected chromium packages.

Risk factor :

Medium

Family: SuSE Local Security Checks

Nessus Plugin ID: 100862 ()

Bugtraq ID:

CVE ID: CVE-2017-5087
CVE-2017-5088
CVE-2017-5089

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now