openSUSE Local Security Checks : openSUSE Security Advisory (openSUSE-SU-2025:0115-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.18.1.2025.0115.1

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (openSUSE-SU-2025:0115-1)

Resumen: The remote host is missing an update for the 'chromium, gn' package(s) announced via the openSUSE-SU-2025:0115-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'chromium, gn' package(s) announced via the openSUSE-SU-2025:0115-1 advisory.

Vulnerability Insight:
This update for chromium, gn fixes the following issues:

Changes in chromium:
- Chromium 135.0.7049.52 (stable release 2025-04-01) (boo#1240555)
* CVE-2025-3066: Use after free in Navigations
* CVE-2025-3067: Inappropriate implementation in Custom Tabs
* CVE-2025-3068: Inappropriate implementation in Intents
* CVE-2025-3069: Inappropriate implementation in Extensions
* CVE-2025-3070: Insufficient validation of untrusted input in Extensions
* CVE-2025-3071: Inappropriate implementation in Navigations
* CVE-2025-3072: Inappropriate implementation in Custom Tabs
* CVE-2025-3073: Inappropriate implementation in Autofill
* CVE-2025-3074: Inappropriate implementation in Downloads

Changes in gn:
- Update to version 0.20250306:
* Remove deps from rust executable to module's pcm files
* Update test for rust executable deps
* Add toolchain for cxx modules in TestWithScope
* Apply the latest clang-format
* Update reference for {rustdeps}
* Always generate a .toolchain file even if it is empty.
* Pass --with-lg-page=16 when building jemalloc for arm64.
* Remove obsolete debug checks.
* Make default vs ide version on Windows as 2022
* Reland 'Adds a path_exists() function'
* Revert 'Adds a path_exists() function'
* Adds a path_exists() function
* Revert 'Speed-up GN with custom OutputStream interface.'
* Speed-up GN with custom OutputStream interface.
* Add `exec_script_allowlist` to replace `exec_script_whitelist`.
* Retry ReplaceFile in case of failure
* Fix crash when NinjaBuildWriter::RunAndWriteFile fails
* fix include for escape.h
* fix exit code for gn gen failure
* misc: Use html.escape instead of cgi.escape
* Do not copy parent build_dependency_files_ in Scope constructors.
* Improve error message for duplicated items
* [rust-project] Always use forward slashes in sysroot paths
* Update all_dependent_configs docs.
* set 'no_stamp_files' by default
* fix a typo
* Stop using transitional LFS64 APIs
* do not use tool prefix for phony rule
* [rust] Add sysroot_src to rust-project.json
* Implement and enable 'no_stamp_files'
* Add Target::dependency_output_alias()
* Add 'outputs' to generated_file documentation.
* Update bug database link.
* remove a trailing space after variable bindings
* fix tool name in error
* remove unused includes
* Markdown optimization (follow-up)
* Support link_output, depend_output in Rust linked tools.
* Properly verify runtime_outputs in rust tool definitions.
* BugFix: Syntax error in gen.py file
* generated_file: add output to input deps of stamp
* Markdown optimization:
* Revert 'Rust: link_output, depend_output and runtime_outputs for dylibs'
* hint using nogncheck on disallowed includes

Affected Software/OS:
'chromium, gn' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2025-3066
Common Vulnerability Exposure (CVE) ID: CVE-2025-3067
Common Vulnerability Exposure (CVE) ID: CVE-2025-3068
Common Vulnerability Exposure (CVE) ID: CVE-2025-3069
Common Vulnerability Exposure (CVE) ID: CVE-2025-3070
Common Vulnerability Exposure (CVE) ID: CVE-2025-3071
Common Vulnerability Exposure (CVE) ID: CVE-2025-3072
Common Vulnerability Exposure (CVE) ID: CVE-2025-3073
Common Vulnerability Exposure (CVE) ID: CVE-2025-3074

Copyright Copyright (C) 2025 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.18.1.2025.0115.1
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (openSUSE-SU-2025:0115-1)
Resumen:	The remote host is missing an update for the 'chromium, gn' package(s) announced via the openSUSE-SU-2025:0115-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'chromium, gn' package(s) announced via the openSUSE-SU-2025:0115-1 advisory. Vulnerability Insight: This update for chromium, gn fixes the following issues: Changes in chromium: - Chromium 135.0.7049.52 (stable release 2025-04-01) (boo#1240555) * CVE-2025-3066: Use after free in Navigations * CVE-2025-3067: Inappropriate implementation in Custom Tabs * CVE-2025-3068: Inappropriate implementation in Intents * CVE-2025-3069: Inappropriate implementation in Extensions * CVE-2025-3070: Insufficient validation of untrusted input in Extensions * CVE-2025-3071: Inappropriate implementation in Navigations * CVE-2025-3072: Inappropriate implementation in Custom Tabs * CVE-2025-3073: Inappropriate implementation in Autofill * CVE-2025-3074: Inappropriate implementation in Downloads Changes in gn: - Update to version 0.20250306: * Remove deps from rust executable to module's pcm files * Update test for rust executable deps * Add toolchain for cxx modules in TestWithScope * Apply the latest clang-format * Update reference for {rustdeps} * Always generate a .toolchain file even if it is empty. * Pass --with-lg-page=16 when building jemalloc for arm64. * Remove obsolete debug checks. * Make default vs ide version on Windows as 2022 * Reland 'Adds a path_exists() function' * Revert 'Adds a path_exists() function' * Adds a path_exists() function * Revert 'Speed-up GN with custom OutputStream interface.' * Speed-up GN with custom OutputStream interface. * Add `exec_script_allowlist` to replace `exec_script_whitelist`. * Retry ReplaceFile in case of failure * Fix crash when NinjaBuildWriter::RunAndWriteFile fails * fix include for escape.h * fix exit code for gn gen failure * misc: Use html.escape instead of cgi.escape * Do not copy parent build_dependency_files_ in Scope constructors. * Improve error message for duplicated items * [rust-project] Always use forward slashes in sysroot paths * Update all_dependent_configs docs. * set 'no_stamp_files' by default * fix a typo * Stop using transitional LFS64 APIs * do not use tool prefix for phony rule * [rust] Add sysroot_src to rust-project.json * Implement and enable 'no_stamp_files' * Add Target::dependency_output_alias() * Add 'outputs' to generated_file documentation. * Update bug database link. * remove a trailing space after variable bindings * fix tool name in error * remove unused includes * Markdown optimization (follow-up) * Support link_output, depend_output in Rust linked tools. * Properly verify runtime_outputs in rust tool definitions. * BugFix: Syntax error in gen.py file * generated_file: add output to input deps of stamp * Markdown optimization: * Revert 'Rust: link_output, depend_output and runtime_outputs for dylibs' * hint using nogncheck on disallowed includes Affected Software/OS: 'chromium, gn' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2025-3066 Common Vulnerability Exposure (CVE) ID: CVE-2025-3067 Common Vulnerability Exposure (CVE) ID: CVE-2025-3068 Common Vulnerability Exposure (CVE) ID: CVE-2025-3069 Common Vulnerability Exposure (CVE) ID: CVE-2025-3070 Common Vulnerability Exposure (CVE) ID: CVE-2025-3071 Common Vulnerability Exposure (CVE) ID: CVE-2025-3072 Common Vulnerability Exposure (CVE) ID: CVE-2025-3073 Common Vulnerability Exposure (CVE) ID: CVE-2025-3074
Copyright	Copyright (C) 2025 Greenbone AG