openSUSE Security Update : chromium (openSUSE-SU-2014:0065-1)

Critical Nessus Plugin ID 75366

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 8.9

Synopsis

The remote openSUSE host is missing a security update.

Description

- Update to Chromium 31.0.1650.63 Stable channel update :

- Security fixes :

- CVE-2013-6634: Session fixation in sync related to 302 redirects

- CVE-2013-6635: Use-after-free in editing

- CVE-2013-6636: Address bar spoofing related to modal dialogs

- CVE-2013-6637: Various fixes from internal audits, fuzzing and other initiatives.

- CVE-2013-6638: Buffer overflow in v8

- CVE-2013-6639: Out of bounds write in v8.

- CVE-2013-6640: Out of bounds read in v8

- and 12 other security fixes.

- Remove the build flags to build according to the Chrome ffmpeg branding and the proprietary codecs. (bnc#847971)

- Update to Chromium 31.0.1650.57 Stable channel update :

- Security Fixes :

- CVE-2013-6632: Multiple memory corruption issues.

- Update to Chromium 31.0.1650.48 Stable Channel update :

- Security fixes :

- CVE-2013-6621: Use after free related to speech input elements..

- CVE-2013-6622: Use after free related to media elements.

- CVE-2013-6623: Out of bounds read in SVG.

- CVE-2013-6624: Use after free related to “id” attribute strings.

- CVE-2013-6625: Use after free in DOM ranges.

- CVE-2013-6626: Address bar spoofing related to interstitial warnings.

- CVE-2013-6627: Out of bounds read in HTTP parsing.

- CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation.

- CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives.

- CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo.

- CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo.

- CVE-2013-6631: Use after free in libjingle.

- Added patch chromium-fix-chromedriver-build.diff to fix the chromedriver build

- Enable ARM build for Chromium.

- Added patches chromium-arm-webrtc-fix.patch, chromium-fix-arm-icu.patch and chromium-fix-arm-sysroot.patch to resolve ARM specific build issues

- Update to Chromium 30.0.1599.114 Stable Channel update:
fix build for 32bit systems

- Drop patch chromium-fix-chromedriver-build.diff. This is now fixed upstream

- For openSUSE versions lower than 13.1, build against the in-tree libicu

- Update to Chromium 30.0.1599.101

- Security Fixes :

+ CVE-2013-2925: Use after free in XHR

+ CVE-2013-2926: Use after free in editing

+ CVE-2013-2927: Use after free in forms.

+ CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives.

- Update to Chromium 30.0.1599.66

- Easier searching by image

- A number of new apps/extension APIs

- Lots of under the hood changes for stability and performance

- Security fixes :

+ CVE-2013-2906: Races in Web Audio

+ CVE-2013-2907: Out of bounds read in Window.prototype object

+ CVE-2013-2908: Address bar spoofing related to the “204 No Content” status code

+ CVE-2013-2909: Use after free in inline-block rendering

+ CVE-2013-2910: Use-after-free in Web Audio

+ CVE-2013-2911: Use-after-free in XSLT

+ CVE-2013-2912: Use-after-free in PPAPI

+ CVE-2013-2913: Use-after-free in XML document parsing

+ CVE-2013-2914: Use after free in the Windows color chooser dialog

+ CVE-2013-2915: Address bar spoofing via a malformed scheme

+ CVE-2013-2916: Address bar spoofing related to the “204 No Content” status code

+ CVE-2013-2917: Out of bounds read in Web Audio

+ CVE-2013-2918: Use-after-free in DOM

+ CVE-2013-2919: Memory corruption in V8

+ CVE-2013-2920: Out of bounds read in URL parsing

+ CVE-2013-2921: Use-after-free in resource loader

+ CVE-2013-2922: Use-after-free in template element

+ CVE-2013-2923: Various fixes from internal audits, fuzzing and other initiatives

+ CVE-2013-2924: Use-after-free in ICU. Upstream bug

Solution

Update the affected chromium packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=847971

https://bugzilla.novell.com/show_bug.cgi?id=854472

https://bugzilla.novell.com/show_bug.cgi?id=854473

https://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html

Plugin Details

Severity: Critical

ID: 75366

File Name: openSUSE-2014-37.nasl

Version: 1.4

Type: local

Agent: unix

Published: 2014/06/13

Updated: 2020/06/04

Dependencies: 12634

Risk Information

Risk Factor: Critical

VPR Score: 8.9

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:chromedriver, p-cpe:/a:novell:opensuse:chromedriver-debuginfo, p-cpe:/a:novell:opensuse:chromium, p-cpe:/a:novell:opensuse:chromium-debuginfo, p-cpe:/a:novell:opensuse:chromium-debugsource, p-cpe:/a:novell:opensuse:chromium-desktop-gnome, p-cpe:/a:novell:opensuse:chromium-desktop-kde, p-cpe:/a:novell:opensuse:chromium-ffmpegsumo, p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo, p-cpe:/a:novell:opensuse:chromium-suid-helper, p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo, cpe:/o:novell:opensuse:13.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/01/07

Reference Information

CVE: CVE-2013-2906, CVE-2013-2907, CVE-2013-2908, CVE-2013-2909, CVE-2013-2910, CVE-2013-2911, CVE-2013-2912, CVE-2013-2913, CVE-2013-2914, CVE-2013-2915, CVE-2013-2916, CVE-2013-2917, CVE-2013-2918, CVE-2013-2919, CVE-2013-2920, CVE-2013-2921, CVE-2013-2922, CVE-2013-2923, CVE-2013-2924, CVE-2013-2925, CVE-2013-2926, CVE-2013-2927, CVE-2013-2928, CVE-2013-2931, CVE-2013-6621, CVE-2013-6622, CVE-2013-6623, CVE-2013-6624, CVE-2013-6625, CVE-2013-6626, CVE-2013-6627, CVE-2013-6628, CVE-2013-6629, CVE-2013-6630, CVE-2013-6631, CVE-2013-6632, CVE-2013-6634, CVE-2013-6635, CVE-2013-6636, CVE-2013-6637, CVE-2013-6638, CVE-2013-6639, CVE-2013-6640