openSUSE-SU-2017:2491-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2017:2491-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2017:2491-1
Upstream
Related
Published
2017-09-15T05:01:20Z
Modified
2026-02-04T04:22:17.562810Z
Summary
Security update for chromium
Details

This update for chromium to version 61.0.3163.79 fixes several issues.

These security issues were fixed:

  • CVE-2017-5111: Use after free in PDFium (boo#1057364).
  • CVE-2017-5112: Heap buffer overflow in WebGL (boo#1057364).
  • CVE-2017-5113: Heap buffer overflow in Skia (boo#1057364).
  • CVE-2017-5114: Memory lifecycle issue in PDFium (boo#1057364).
  • CVE-2017-5115: Type confusion in V8 (boo#1057364).
  • CVE-2017-5116: Type confusion in V8 (boo#1057364).
  • CVE-2017-5117: Use of uninitialized value in Skia (boo#1057364).
  • CVE-2017-5118: Bypass of Content Security Policy in Blink (boo#1057364).
  • CVE-2017-5119: Use of uninitialized value in Skia (boo#1057364).
  • CVE-2017-5120: Potential HTTPS downgrade during redirect navigation (boo#1057364).
References

Affected packages

SUSE:Package Hub 12 SP2 / chromium

Package

Name
chromium
Purl
pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
61.0.3163.79-29.1

Ecosystem specific 

{
    "binaries": [
        {
            "chromium": "61.0.3163.79-29.1",
            "chromedriver": "61.0.3163.79-29.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2017:2491-1.json"