openSUSE-SU-2018:3835-1

Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2018:3835-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2018:3835-1
Related
  • CVE-2018-17462
  • CVE-2018-17463
  • CVE-2018-17464
  • CVE-2018-17465
  • CVE-2018-17466
  • CVE-2018-17467
  • CVE-2018-17468
  • CVE-2018-17469
  • CVE-2018-17470
  • CVE-2018-17471
  • CVE-2018-17472
  • CVE-2018-17473
  • CVE-2018-17474
  • CVE-2018-17475
  • CVE-2018-17476
  • CVE-2018-17477
  • CVE-2018-17478
  • CVE-2018-5179
Published
2018-11-20T18:13:21Z
Modified
2018-11-20T18:13:21Z
Summary
Security update for chromium
Details

This update contains Chromium 70.0.3538.102 and fixes security issues and bugs.

Vulnerabilities fixed in 70.0.3538.102:

  • CVE-2018-17478: Out of bounds memory access in V8 (boo#1115537)

Vulnerabilities fixed in 70.0.3538.67 (bsc#1112111):

  • CVE-2018-17462: Sandbox escape in AppCache
  • CVE-2018-17463: Remote code execution in V8
  • Heap buffer overflow in Little CMS in PDFium
  • CVE-2018-17464: URL spoof in Omnibox
  • CVE-2018-17465: Use after free in V8
  • CVE-2018-17466: Memory corruption in Angle
  • CVE-2018-17467: URL spoof in Omnibox
  • CVE-2018-17468: Cross-origin URL disclosure in Blink
  • CVE-2018-17469: Heap buffer overflow in PDFium
  • CVE-2018-17470: Memory corruption in GPU Internals
  • CVE-2018-17471: Security UI occlusion in full screen mode
  • CVE-2018-17473: URL spoof in Omnibox
  • CVE-2018-17474: Use after free in Blink
  • CVE-2018-17475: URL spoof in Omnibox
  • CVE-2018-17476: Security UI occlusion in full screen mode
  • CVE-2018-5179: Lack of limits on update() in ServiceWorker
  • CVE-2018-17477: UI spoof in Extensions

This update contains the following packaging changes:

  • VAAPI hardware accelerated rendering is now enabled by default.
  • Use the system libusb-1.0 library
  • Use bundled harfbuzz library
  • Disable gnome-keyring to avoid crashes
  • noto-emoji-fonts is no longer a recommended dependency

Affected packages

SUSE:Package Hub 12 SP2 / chromium

Package

Name
chromium
Purl
purl:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
70.0.3538.102-74.1

Ecosystem specific

{
    "binaries": [
        {
            "chromedriver": "70.0.3538.102-74.1",
            "chromium": "70.0.3538.102-74.1"
        }
    ]
}