Test ID:	1.3.6.1.4.1.25623.1.0.852557
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for chromium (openSUSE-SU-2019:1558-1)
Summary:	The remote host is missing an update for the 'chromium'; package(s) announced via the openSUSE-SU-2019:1558-1 advisory.
Description:	Summary: The remote host is missing an update for the 'chromium' package(s) announced via the openSUSE-SU-2019:1558-1 advisory. Vulnerability Insight: This update for chromium to version 75.0.3770.80 fixes the following issues: Security issues fixed: - CVE-2019-5828: Fixed a Use after free in ServiceWorker - CVE-2019-5829: Fixed Use after free in Download Manager - CVE-2019-5830: Fixed an incorrectly credentialed requests in CORS - CVE-2019-5831: Fixed an incorrect map processing in V8 - CVE-2019-5832: Fixed an incorrect CORS handling in XHR - CVE-2019-5833: Fixed an inconsistent security UI placemen - CVE-2019-5835: Fixed an out of bounds read in Swiftshader - CVE-2019-5836: Fixed a heap buffer overflow in Angle - CVE-2019-5837: Fixed a cross-origin resources size disclosure in Appcache - CVE-2019-5838: Fixed an overly permissive tab access in Extensions - CVE-2019-5839: Fixed an incorrect handling of certain code points in Blink - CVE-2019-5840: Fixed a popup blocker bypass Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1558=1 Affected Software/OS: 'chromium' package(s) on openSUSE Leap 15.0. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-5828 Bugtraq: 20190813 [SECURITY] [DSA 4500-1] chromium security update (Google Search) https://seclists.org/bugtraq/2019/Aug/19 Debian Security Information: DSA-4500 (Google Search) https://www.debian.org/security/2019/dsa-4500 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ https://security.gentoo.org/glsa/201908-18 https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html https://crbug.com/956597 SuSE Security Announcement: openSUSE-SU-2019:1666 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html Common Vulnerability Exposure (CVE) ID: CVE-2019-5829 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/ https://crbug.com/958533 Common Vulnerability Exposure (CVE) ID: CVE-2019-5830 https://crbug.com/665766 Common Vulnerability Exposure (CVE) ID: CVE-2019-5831 https://crbug.com/950328 https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0791 Common Vulnerability Exposure (CVE) ID: CVE-2019-5832 https://crbug.com/959390 Common Vulnerability Exposure (CVE) ID: CVE-2019-5833 https://crbug.com/945067 Common Vulnerability Exposure (CVE) ID: CVE-2019-5834 https://crbug.com/962368 Common Vulnerability Exposure (CVE) ID: CVE-2019-5835 https://crbug.com/939239 Common Vulnerability Exposure (CVE) ID: CVE-2019-5836 https://crbug.com/947342 Common Vulnerability Exposure (CVE) ID: CVE-2019-5837 https://crbug.com/918293 Common Vulnerability Exposure (CVE) ID: CVE-2019-5838 https://crbug.com/893087 Common Vulnerability Exposure (CVE) ID: CVE-2019-5839 https://crbug.com/925614 Common Vulnerability Exposure (CVE) ID: CVE-2019-5840 https://crbug.com/951782
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.