openSUSE Security Update : chromium (openSUSE-SU-2012:1215-1)

High Nessus Plugin ID 74759


The remote openSUSE host is missing a security update.


Chromium was updated to 21.0.1180.88 to fix various bugs and security issues. Security fixes and rewards :

Please see the Chromium security page< >for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

- [$500] [121347< ?id=121347>] Medium CVE-2012-2865: Out-of-bounds read in line breaking. Credit to miaubiz.

- [$1000] [134897< ?id=134897>] High CVE-2012-2866: Bad cast with run-ins.
Credit to miaubiz.

- [135485 < 485>] Low CVE-2012-2867: Browser crash with SPDY.

- [$500] [136881< ?id=136881>] Medium CVE-2012-2868: Race condition with workers and XHR. Credit to miaubiz.

- [137778 < 778>] High CVE-2012-2869: Avoid stale buffer in URL loading. Credit to Fermin Serna of the Google Security Team.

- [138672 < 672>] [ 140368 < 368>] LowCVE-2012-2870: Lower severity memory management issues in XPath. Credit to Nicolas Gregoire.

- [$1000] [138673< ?id=138673>] High CVE-2012-2871: Bad cast in XSL transforms. Credit to Nicolas Gregoire.

- [$500] [142956< ?id=142956>] Medium CVE-2012-2872: XSS in SSL interstitial. Credit to Emmanuel Bronshtein.


Update the affected chromium packages.

See Also

Plugin Details

Severity: High

ID: 74759

File Name: openSUSE-2012-619.nasl

Version: $Revision: 1.1 $

Type: local

Agent: unix

Published: 2014/06/13

Modified: 2014/06/13

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:chromedriver, p-cpe:/a:novell:opensuse:chromedriver-debuginfo, p-cpe:/a:novell:opensuse:chromium, p-cpe:/a:novell:opensuse:chromium-debuginfo, p-cpe:/a:novell:opensuse:chromium-debugsource, p-cpe:/a:novell:opensuse:chromium-desktop-gnome, p-cpe:/a:novell:opensuse:chromium-desktop-kde, p-cpe:/a:novell:opensuse:chromium-suid-helper, p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo, cpe:/o:novell:opensuse:12.1, cpe:/o:novell:opensuse:12.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2012/09/10

Reference Information

CVE: CVE-2012-2865, CVE-2012-2866, CVE-2012-2867, CVE-2012-2868, CVE-2012-2869, CVE-2012-2870, CVE-2012-2871, CVE-2012-2872

OSVDB: 85030, 85031, 85032, 85033, 85034, 85035, 85036, 85037, 91608