This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
Chromium was updated to 54.0.2840.59 to fix security issues and bugs.
The following security issues are fixed (bnc#1004465) :
- CVE-2016-5181: Universal XSS in Blink
- CVE-2016-5182: Heap overflow in Blink
- CVE-2016-5183: Use after free in PDFium
- CVE-2016-5184: Use after free in PDFium
- CVE-2016-5185: Use after free in Blink
- CVE-2016-5187: URL spoofing
- CVE-2016-5188: UI spoofing
- CVE-2016-5192: Cross-origin bypass in Blink
- CVE-2016-5189: URL spoofing
- CVE-2016-5186: Out of bounds read in DevTools
- CVE-2016-5191: Universal XSS in Bookmarks
- CVE-2016-5190: Use after free in Internals
- CVE-2016-5193: Scheme bypass
The following bugs were fixed :
- bnc#1000019: display issues in full screen mode, add
--ui-disable-partial-swap to the launcher
The following packaging changes are included :
- The desktop sub-packages are no obsolete
- The package now uses the system variants of some bundled
- The hangouts extension is now built
See also :
Update the affected Chromium packages.
Risk factor :
Medium / CVSS Base Score : 6.8
Family: SuSE Local Security Checks
Nessus Plugin ID: 94246 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now