SuSE Local Security Checks : openSUSE: Security Advisory for chromium (openSUSE-SU-2014:0243-1)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.850570

Categoría: SuSE Local Security Checks

Título: openSUSE: Security Advisory for chromium (openSUSE-SU-2014:0243-1)

Resumen: The remote host is missing an update for the 'chromium'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'chromium'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Chromium was updated to version 32.0.1700.102: Stable
channel update:

- Security Fixes:

* CVE-2013-6649: Use-after-free in SVG images

* CVE-2013-6650: Memory corruption in V8

* and 12 other fixes

- Other:

* Mouse Pointer disappears after exiting full-screen
mode

* Drag and drop files into Chromium may not work
properly

* Quicktime Plugin crashes in Chromium

* Chromium becomes unresponsive

* Trackpad users may not be able to scroll horizontally

* Scrolling does not work in combo box

* Chromium does not work with all CSS minifiers such
as whitespace around a media query's `and` keyword

- Update to Chromium 32.0.1700.77 Stable channel update:

- Security fixes:

* CVE-2013-6646: Use-after-free in web workers

* CVE-2013-6641: Use-after-free related to forms

* CVE-2013-6643: Unprompted sync with an attacker's
Google account

* CVE-2013-6645: Use-after-free related to speech
input elements

* CVE-2013-6644: Various fixes from internal audits,
fuzzing and other initiatives

- Other:

* Tab indicators for sound, webcam and casting

* Automatically blocking malware files

* Lots of under the hood changes for stability and
performance

- Remove patch chromium-fix-chromedriver-build.diff as
that chromedriver is fixed upstream

- Updated ExcludeArch to exclude aarch64, ppc, ppc64 and
ppc64le. This is based on missing build requires
(valgrind, v8, etc)

Affected Software/OS:
chromium on openSUSE 13.1, openSUSE 12.3

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-6641
Debian Security Information: DSA-2862 (Google Search)
http://www.debian.org/security/2014/dsa-2862
SuSE Security Announcement: openSUSE-SU-2014:0243 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-6643
Common Vulnerability Exposure (CVE) ID: CVE-2013-6644
Common Vulnerability Exposure (CVE) ID: CVE-2013-6645
http://code.google.com/p/chromium/issues/detail?id=320183
Common Vulnerability Exposure (CVE) ID: CVE-2013-6646
Common Vulnerability Exposure (CVE) ID: CVE-2013-6649
Common Vulnerability Exposure (CVE) ID: CVE-2013-6650

Copyright Copyright (C) 2014 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.850570
Categoría:	SuSE Local Security Checks
Título:	openSUSE: Security Advisory for chromium (openSUSE-SU-2014:0243-1)
Resumen:	The remote host is missing an update for the 'chromium'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'chromium' package(s) announced via the referenced advisory. Vulnerability Insight: Chromium was updated to version 32.0.1700.102: Stable channel update: - Security Fixes: * CVE-2013-6649: Use-after-free in SVG images * CVE-2013-6650: Memory corruption in V8 * and 12 other fixes - Other: * Mouse Pointer disappears after exiting full-screen mode * Drag and drop files into Chromium may not work properly * Quicktime Plugin crashes in Chromium * Chromium becomes unresponsive * Trackpad users may not be able to scroll horizontally * Scrolling does not work in combo box * Chromium does not work with all CSS minifiers such as whitespace around a media query's `and` keyword - Update to Chromium 32.0.1700.77 Stable channel update: - Security fixes: * CVE-2013-6646: Use-after-free in web workers * CVE-2013-6641: Use-after-free related to forms * CVE-2013-6643: Unprompted sync with an attacker's Google account * CVE-2013-6645: Use-after-free related to speech input elements * CVE-2013-6644: Various fixes from internal audits, fuzzing and other initiatives - Other: * Tab indicators for sound, webcam and casting * Automatically blocking malware files * Lots of under the hood changes for stability and performance - Remove patch chromium-fix-chromedriver-build.diff as that chromedriver is fixed upstream - Updated ExcludeArch to exclude aarch64, ppc, ppc64 and ppc64le. This is based on missing build requires (valgrind, v8, etc) Affected Software/OS: chromium on openSUSE 13.1, openSUSE 12.3 Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-6641 Debian Security Information: DSA-2862 (Google Search) http://www.debian.org/security/2014/dsa-2862 SuSE Security Announcement: openSUSE-SU-2014:0243 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html Common Vulnerability Exposure (CVE) ID: CVE-2013-6643 Common Vulnerability Exposure (CVE) ID: CVE-2013-6644 Common Vulnerability Exposure (CVE) ID: CVE-2013-6645 http://code.google.com/p/chromium/issues/detail?id=320183 Common Vulnerability Exposure (CVE) ID: CVE-2013-6646 Common Vulnerability Exposure (CVE) ID: CVE-2013-6649 Common Vulnerability Exposure (CVE) ID: CVE-2013-6650
Copyright	Copyright (C) 2014 Greenbone Networks GmbH