Security update for chromium SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:3244-1 Final 1 1 2017-12-08T07:27:59Z current 2017-12-08T07:27:59Z 2017-12-08T07:27:59Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for chromium This update to Chromium 63.0.3239.84 fixes the following security issues: - CVE-2017-15408: Heap buffer overflow in PDFium - CVE-2017-15409: Out of bounds write in Skia - CVE-2017-15410: Use after free in PDFium - CVE-2017-15411: Use after free in PDFium - CVE-2017-15412: Use after free in libXML - CVE-2017-15413: Type confusion in WebAssembly - CVE-2017-15415: Pointer information disclosure in IPC call - CVE-2017-15416: Out of bounds read in Blink - CVE-2017-15417: Cross origin information disclosure in Skia - CVE-2017-15418: Use of uninitialized value in Skia - CVE-2017-15419: Cross origin leak of redirect URL in Blink - CVE-2017-15420: URL spoofing in Omnibox - CVE-2017-15422: Integer overflow in ICU - CVE-2017-15423: Issue with SPAKE implementation in BoringSSL - CVE-2017-15424: URL Spoof in Omnibox - CVE-2017-15425: URL Spoof in Omnibox - CVE-2017-15426: URL Spoof in Omnibox - CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html E-Mail link for openSUSE-SU-2017:3244-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 openSUSE Leap 42.3 chromedriver-63.0.3239.84-127.1 chromium-63.0.3239.84-127.1 chromedriver-63.0.3239.84-127.1 as a component of openSUSE Leap 42.2 chromium-63.0.3239.84-127.1 as a component of openSUSE Leap 42.2 chromedriver-63.0.3239.84-127.1 as a component of openSUSE Leap 42.3 chromium-63.0.3239.84-127.1 as a component of openSUSE Leap 42.3 Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium. CVE-2017-15408 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15408.html CVE-2017-15408 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15409 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15409.html CVE-2017-15409 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2017-15410 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15410.html CVE-2017-15410 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2017-15411 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15411.html CVE-2017-15411 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15412 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15412.html CVE-2017-15412 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 https://bugzilla.suse.com/1077993 SUSE Bug 1077993 https://bugzilla.suse.com/1123129 SUSE Bug 1123129 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15413 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15413.html CVE-2017-15413 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the value of a pointer via a crafted HTML page. CVE-2017-15415 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15415.html CVE-2017-15415 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Heap buffer overflow in Blob API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka a Blink out-of-bounds read. CVE-2017-15416 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15416.html CVE-2017-15416 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Inappropriate implementation in Skia canvas composite operations in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2017-15417 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15417.html CVE-2017-15417 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Use of uninitialized memory in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2017-15418 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15418.html CVE-2017-15418 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Insufficient policy enforcement in Resource Timing API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to infer browsing history by triggering a leaked cross-origin URL via a crafted HTML page. CVE-2017-15419 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15419.html CVE-2017-15419 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Incorrect handling of back navigations in error pages in Navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2017-15420 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15420.html CVE-2017-15420 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-15422 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15422.html CVE-2017-15422 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 https://bugzilla.suse.com/1077999 SUSE Bug 1077999 https://bugzilla.suse.com/1123121 SUSE Bug 1123121 Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic. CVE-2017-15423 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15423.html CVE-2017-15423 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-15424 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15424.html CVE-2017-15424 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-15425 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15425.html CVE-2017-15425 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-15426 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15426.html CVE-2017-15426 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar. CVE-2017-15427 openSUSE Leap 42.2:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.2:chromium-63.0.3239.84-127.1 openSUSE Leap 42.3:chromedriver-63.0.3239.84-127.1 openSUSE Leap 42.3:chromium-63.0.3239.84-127.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00021.html https://www.suse.com/security/cve/CVE-2017-15427.html CVE-2017-15427 https://bugzilla.suse.com/1071691 SUSE Bug 1071691