openSUSE-SU-2016:2597-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2016:2597-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2016:2597-1
Upstream
Related
Published
2016-10-19T15:50:17Z
Modified
2026-02-04T03:09:19.875429Z
Summary
Security update for Chromium
Details

Chromium was updated to 54.0.2840.59 to fix security issues and bugs.

The following security issues are fixed (bnc#1004465):

  • CVE-2016-5181: Universal XSS in Blink
  • CVE-2016-5182: Heap overflow in Blink
  • CVE-2016-5183: Use after free in PDFium
  • CVE-2016-5184: Use after free in PDFium
  • CVE-2016-5185: Use after free in Blink
  • CVE-2016-5187: URL spoofing
  • CVE-2016-5188: UI spoofing
  • CVE-2016-5192: Cross-origin bypass in Blink
  • CVE-2016-5189: URL spoofing
  • CVE-2016-5186: Out of bounds read in DevTools
  • CVE-2016-5191: Universal XSS in Bookmarks
  • CVE-2016-5190: Use after free in Internals
  • CVE-2016-5193: Scheme bypass

The following bugs were fixed:

  • bnc#1000019: display issues in full screen mode, add --ui-disable-partial-swap to the launcher

The following packaging changes are included:

  • The desktop sub-packages are no obsolete
  • The package now uses the system variants of some bundled libraries
  • The hangouts extension is now built
References

Affected packages

SUSE:Package Hub 12 / chromium

Package

Name
chromium
Purl
pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
54.0.2840.59-109.1

Ecosystem specific 

{
    "binaries": [
        {
            "chromedriver": "54.0.2840.59-109.1",
            "chromium-ffmpegsumo": "54.0.2840.59-109.1",
            "chromium": "54.0.2840.59-109.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2016:2597-1.json"