This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
Chromium was updated to 53.0.2785.113 to fix a number of security
issues and bugs.
The following vulnerabilities were fixed :
- CVE-2016-5170: Use after free in Blink
- CVE-2016-5171: Use after free in Blink
- CVE-2016-5172: Arbitrary Memory Read in v8
- CVE-2016-5173: Extension resource access
- CVE-2016-5174: Popup not correctly suppressed
- CVE-2016-5175: Various fixes from internal audits,
fuzzing and other initiatives.
The following upstream fixes are included :
- SPDY crasher fixes
- Disable NV12 DXGI video on AMD
- Forward --password-store switch to os_crypt
- Tell the kernel to discard USB requests when they time
- disallow WKBackForwardListItem navigations for pushState
- arc: bluetooth: Fix advertised uuid
- fix conflicting PendingIntent for stop button and swipe
The widevine plugin was re-enabled (boo#998328).
See also :
Update the affected chromium packages.
Risk factor :
Medium / CVSS Base Score : 6.8
Family: SuSE Local Security Checks
Nessus Plugin ID: 93554 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now