openSUSE Security Update : chromium (openSUSE-2017-1047)

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for chromium to version 61.0.3163.79 fixes several issues.

These security issues were fixed :

- CVE-2017-5111: Use after free in PDFium (boo#1057364).

- CVE-2017-5112: Heap buffer overflow in WebGL

- CVE-2017-5113: Heap buffer overflow in Skia

- CVE-2017-5114: Memory lifecycle issue in PDFium

- CVE-2017-5115: Type confusion in V8 (boo#1057364).

- CVE-2017-5116: Type confusion in V8 (boo#1057364).

- CVE-2017-5117: Use of uninitialized value in Skia

- CVE-2017-5118: Bypass of Content Security Policy in
Blink (boo#1057364).

- CVE-2017-5119: Use of uninitialized value in Skia

- CVE-2017-5120: Potential HTTPS downgrade during redirect
navigation (boo#1057364).

See also :

Solution :

Update the affected chromium packages.

Risk factor :


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now