openSUSE Security Update : chromium (openSUSE-SU-2012:1682-1)

Critical Nessus Plugin ID 74848

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 5.9

Synopsis

The remote openSUSE host is missing a security update.

Description

- Update to 25.0.1362

- Security fixes (bnc#794075) :

- CVE-2012-5139: Use-after-free with visibility events

- CVE-2012-5140: Use-after-free in URL loader

- CVE-2012-5141: Limit Chromoting client plug-in instantiation.

- CVE-2012-5142: Crash in history navigation.

- CVE-2012-5143: Integer overflow in PPAPI image buffers

- CVE-2012-5144: Stack corruption in AAC decoding

- Fixed garbled header and footer text in print preview.
[Issue: 152893]

- Fixed extension action badges with long text. [Issue:
160069]

- Disable find if constrained window is shown. [Issue:
156969]

- Enable fullscreen for apps windows. [Issue: 161246]

- Fixed broken profile with system-wide installation and UserDataDir & DiskCacheDir policy. [Issue: 161336]

- Fixed stability crashes like 158747, 159437, 149139, 160914, 160401, 161858, 158747, 156878

- Fixed graphical corruption in Dust. [Issue: 155258]

- Fixed scrolling issue. [Issue: 163553]

Solution

Update the affected chromium packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=794075

https://lists.opensuse.org/opensuse-updates/2012-12/msg00045.html

Plugin Details

Severity: Critical

ID: 74848

File Name: openSUSE-2012-867.nasl

Version: 1.3

Type: local

Agent: unix

Published: 2014/06/13

Updated: 2020/06/04

Dependencies: 12634

Risk Information

Risk Factor: Critical

VPR Score: 5.9

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:chromedriver, p-cpe:/a:novell:opensuse:chromedriver-debuginfo, p-cpe:/a:novell:opensuse:chromium, p-cpe:/a:novell:opensuse:chromium-debuginfo, p-cpe:/a:novell:opensuse:chromium-debugsource, p-cpe:/a:novell:opensuse:chromium-desktop-gnome, p-cpe:/a:novell:opensuse:chromium-desktop-kde, p-cpe:/a:novell:opensuse:chromium-ffmpegsumo, p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo, p-cpe:/a:novell:opensuse:chromium-suid-helper, p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo, cpe:/o:novell:opensuse:12.1, cpe:/o:novell:opensuse:12.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2012/12/20

Reference Information

CVE: CVE-2012-5139, CVE-2012-5140, CVE-2012-5141, CVE-2012-5142, CVE-2012-5143, CVE-2012-5144