openSUSE-SU-2018:0313-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2018:0313-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2018:0313-1
Upstream
Related
Published
2018-01-31T10:21:32Z
Modified
2026-02-04T02:19:49.661740Z
Summary
Security update for chromium
Details

This update for chromium to 64.0.3282.119 fixes several issues.

These security issues were fixed:

  • CVE-2018-6031: Use after free in PDFium (boo#1077571)
  • CVE-2018-6032: Same origin bypass in Shared Worker (boo#1077571)
  • CVE-2018-6033: Race when opening downloaded files (boo#1077571)
  • CVE-2018-6034: Integer overflow in Blink (boo#1077571)
  • CVE-2018-6035: Insufficient isolation of devtools from extensions (boo#1077571)
  • CVE-2018-6036: Integer underflow in WebAssembly (boo#1077571)
  • CVE-2018-6037: Insufficient user gesture requirements in autofill (boo#1077571)
  • CVE-2018-6038: Heap buffer overflow in WebGL (boo#1077571)
  • CVE-2018-6039: XSS in DevTools (boo#1077571)
  • CVE-2018-6040: Content security policy bypass (boo#1077571)
  • CVE-2018-6041: URL spoof in Navigation (boo#1077571)
  • CVE-2018-6042: URL spoof in OmniBox (boo#1077571)
  • CVE-2018-6043: Insufficient escaping with external URL handlers (boo#1077571)
  • CVE-2018-6045: Insufficient isolation of devtools from extensions (boo#1077571)
  • CVE-2018-6046: Insufficient isolation of devtools from extensions (boo#1077571)
  • CVE-2018-6047: Cross origin URL leak in WebGL (boo#1077571)
  • CVE-2018-6048: Referrer policy bypass in Blink (boo#1077571)
  • CVE-2017-15420: URL spoofing in Omnibox (boo#1077571)
  • CVE-2018-6049: UI spoof in Permissions (boo#1077571)
  • CVE-2018-6050: URL spoof in OmniBox (boo#1077571)
  • CVE-2018-6051: Referrer leak in XSS Auditor (boo#1077571)
  • CVE-2018-6052: Incomplete no-referrer policy implementation (boo#1077571)
  • CVE-2018-6053: Leak of page thumbnails in New Tab Page (boo#1077571)
  • CVE-2018-6054: Use after free in WebUI (boo#1077571)

Re was updated to version 2018-01-01 (boo#1073323)

References

Affected packages

SUSE:Package Hub 12 / chromium

Package

Name
chromium
Purl
pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
64.0.3282.119-46.2

Ecosystem specific 

{
    "binaries": [
        {
            "chromedriver": "64.0.3282.119-46.2",
            "libre2-0": "20180101-5.1",
            "re2-devel": "20180101-5.1",
            "chromium": "64.0.3282.119-46.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2018:0313-1.json"

SUSE:Package Hub 12 / re2

Package

Name
re2
Purl
pkg:rpm/suse/re2&distro=SUSE%20Package%20Hub%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
20180101-5.1

Ecosystem specific 

{
    "binaries": [
        {
            "chromedriver": "64.0.3282.119-46.2",
            "libre2-0": "20180101-5.1",
            "re2-devel": "20180101-5.1",
            "chromium": "64.0.3282.119-46.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2018:0313-1.json"

SUSE:Package Hub 12 SP2 / chromium

Package

Name
chromium
Purl
pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
64.0.3282.119-46.2

Ecosystem specific 

{
    "binaries": [
        {
            "chromedriver": "64.0.3282.119-46.2",
            "libre2-0": "20180101-5.1",
            "re2-devel": "20180101-5.1",
            "chromium": "64.0.3282.119-46.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2018:0313-1.json"

SUSE:Package Hub 12 SP2 / re2

Package

Name
re2
Purl
pkg:rpm/suse/re2&distro=SUSE%20Package%20Hub%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
20180101-5.1

Ecosystem specific 

{
    "binaries": [
        {
            "chromedriver": "64.0.3282.119-46.2",
            "libre2-0": "20180101-5.1",
            "re2-devel": "20180101-5.1",
            "chromium": "64.0.3282.119-46.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2018:0313-1.json"