Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.853447
Categoría:SuSE Local Security Checks
Título:openSUSE: Security Advisory for chromium (openSUSE-SU-2020:1499-1)
Resumen:The remote host is missing an update for the 'chromium'; package(s) announced via the openSUSE-SU-2020:1499-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'chromium'
package(s) announced via the openSUSE-SU-2020:1499-1 advisory.

Vulnerability Insight:
This update for chromium fixes the following issues:

Chromium was updated to version 85.0.4183.102 (bsc#1176306) fixing:

- CVE-2020-6573: Use after free in video.

- CVE-2020-6574: Insufficient policy enforcement in installer.

- CVE-2020-6575: Race in Mojo.

- CVE-2020-6576: Use after free in offscreen canvas.

- CVE-2020-15959: Insufficient policy enforcement in networking.

Chromium was updated to version 85.0.4183.83 (boo#1175757) fixing:

- CVE-2020-6558: Insufficient policy enforcement in iOS

- CVE-2020-6559: Use after free in presentation API

- CVE-2020-6560: Insufficient policy enforcement in autofill

- CVE-2020-6561: Inappropriate implementation in Content Security Policy

- CVE-2020-6562: Insufficient policy enforcement in Blink

- CVE-2020-6563: Insufficient policy enforcement in intent handling.

- CVE-2020-6564: Incorrect security UI in permissions

- CVE-2020-6565: Incorrect security UI in Omnibox.

- CVE-2020-6566: Insufficient policy enforcement in media.

- CVE-2020-6567: Insufficient validation of untrusted input in command
line handling.

- CVE-2020-6568: Insufficient policy enforcement in intent handling.

- CVE-2020-6569: Integer overflow in WebUSB.

- CVE-2020-6570: Side-channel information leakage in WebRTC.

- CVE-2020-6571: Incorrect security UI in Omnibox.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended
installation methods
like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2020-1499=1

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-1499=1

Affected Software/OS:
'chromium' package(s) on openSUSE Leap 15.2, openSUSE Leap 15.1.

Solution:
Please install the updated package(s).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2020-6558
Debian Security Information: DSA-4824 (Google Search)
https://www.debian.org/security/2021/dsa-4824
https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_25.html
https://crbug.com/1109120
SuSE Security Announcement: openSUSE-SU-2020:1499 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00072.html
SuSE Security Announcement: openSUSE-SU-2020:1510 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html
SuSE Security Announcement: openSUSE-SU-2020:1514 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-6559
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EE7XWIZBME7JAY7N6CGPET4CLNHHEIVT/
https://security.gentoo.org/glsa/202101-30
https://crbug.com/1116706
Common Vulnerability Exposure (CVE) ID: CVE-2020-6560
https://crbug.com/1108181
Common Vulnerability Exposure (CVE) ID: CVE-2020-6561
https://crbug.com/932892
Common Vulnerability Exposure (CVE) ID: CVE-2020-6562
https://crbug.com/1086845
Common Vulnerability Exposure (CVE) ID: CVE-2020-6563
https://crbug.com/1104628
Common Vulnerability Exposure (CVE) ID: CVE-2020-6564
https://crbug.com/841622
Common Vulnerability Exposure (CVE) ID: CVE-2020-6565
https://crbug.com/1029907
Common Vulnerability Exposure (CVE) ID: CVE-2020-6566
https://crbug.com/1065264
Common Vulnerability Exposure (CVE) ID: CVE-2020-6567
https://crbug.com/937179
Common Vulnerability Exposure (CVE) ID: CVE-2020-6568
https://crbug.com/1092451
Common Vulnerability Exposure (CVE) ID: CVE-2020-6569
https://crbug.com/995732
Common Vulnerability Exposure (CVE) ID: CVE-2020-6570
https://crbug.com/1084699
Common Vulnerability Exposure (CVE) ID: CVE-2020-6571
https://crbug.com/1085315
Common Vulnerability Exposure (CVE) ID: CVE-2020-6573
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNIYFJST4TFJYFZ27VODBOINCLBGULTD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FN7HZIGAOCZKBT4LV363BCPRA5FLY25I/
https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop.html
https://crbug.com/1116304
SuSE Security Announcement: openSUSE-SU-2020:1713 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00049.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-6574
https://crbug.com/1102196
Common Vulnerability Exposure (CVE) ID: CVE-2020-6575
https://crbug.com/1081874
Common Vulnerability Exposure (CVE) ID: CVE-2020-6576
https://crbug.com/1111737
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.