ID de Prueba:	1.3.6.1.4.1.25623.1.0.851823
Categoría:	SuSE Local Security Checks
Título:	openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:2134-1)
Resumen:	The remote host is missing an update for the 'Chromium'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'Chromium' package(s) announced via the referenced advisory. Vulnerability Insight: This update for Chromium to version 68.0.3440.75 fixes multiple issues. Security issues fixed (boo#1102530): - CVE-2018-6153: Stack buffer overflow in Skia - CVE-2018-6154: Heap buffer overflow in WebGL - CVE-2018-6155: Use after free in WebRTC - CVE-2018-6156: Heap buffer overflow in WebRTC - CVE-2018-6157: Type confusion in WebRTC - CVE-2018-6158: Use after free in Blink - CVE-2018-6159: Same origin policy bypass in ServiceWorker - CVE-2018-6161: Same origin policy bypass in WebAudio - CVE-2018-6162: Heap buffer overflow in WebGL - CVE-2018-6163: URL spoof in Omnibox - CVE-2018-6164: Same origin policy bypass in ServiceWorker - CVE-2018-6165: URL spoof in Omnibox - CVE-2018-6166: URL spoof in Omnibox - CVE-2018-6167: URL spoof in Omnibox - CVE-2018-6168: CORS bypass in Blink - CVE-2018-6169: Permissions bypass in extension installation - CVE-2018-6170: Type confusion in PDFium - CVE-2018-6171: Use after free in WebBluetooth - CVE-2018-6172: URL spoof in Omnibox - CVE-2018-6173: URL spoof in Omnibox - CVE-2018-6174: Integer overflow in SwiftShader - CVE-2018-6175: URL spoof in Omnibox - CVE-2018-6176: Local user privilege escalation in Extensions - CVE-2018-6177: Cross origin information leak in Blink - CVE-2018-6178: UI spoof in Extensions - CVE-2018-6179: Local file information leak in Extensions - CVE-2018-6044: Request privilege escalation in Extensions - CVE-2018-4117: Cross origin information leak in Blink The following user interface changes are included: - Chrome will show the 'Not secure' warning on all plain HTTP pages Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2018-780=1 - openSUSE Leap 15.0: zypper in -t patch openSUSE-2018-780=1 Affected Software/OS: Chromium on openSUSE Leap 42.3 Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-4117 BugTraq ID: 104887 http://www.securityfocus.com/bid/104887 Debian Security Information: DSA-4256 (Google Search) https://www.debian.org/security/2018/dsa-4256 https://security.gentoo.org/glsa/201808-01 https://security.gentoo.org/glsa/201808-04 RedHat Security Advisories: RHSA-2018:2282 https://access.redhat.com/errata/RHSA-2018:2282 http://www.securitytracker.com/id/1040604 https://usn.ubuntu.com/3635-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-6044 Common Vulnerability Exposure (CVE) ID: CVE-2018-6153 https://crbug.com/850350 Common Vulnerability Exposure (CVE) ID: CVE-2018-6154 https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html https://crbug.com/848914 Common Vulnerability Exposure (CVE) ID: CVE-2018-6155 https://crbug.com/842265 Common Vulnerability Exposure (CVE) ID: CVE-2018-6156 https://crbug.com/841962 https://usn.ubuntu.com/4165-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-6157 https://crbug.com/840536 Common Vulnerability Exposure (CVE) ID: CVE-2018-6158 https://crbug.com/841280 Common Vulnerability Exposure (CVE) ID: CVE-2018-6159 https://crbug.com/837275 Common Vulnerability Exposure (CVE) ID: CVE-2018-6161 https://crbug.com/826552 Common Vulnerability Exposure (CVE) ID: CVE-2018-6162 https://crbug.com/804123 Common Vulnerability Exposure (CVE) ID: CVE-2018-6163 https://crbug.com/849398 Common Vulnerability Exposure (CVE) ID: CVE-2018-6164 https://crbug.com/848786 Common Vulnerability Exposure (CVE) ID: CVE-2018-6165 https://crbug.com/847718 Common Vulnerability Exposure (CVE) ID: CVE-2018-6166 https://crbug.com/835554 Common Vulnerability Exposure (CVE) ID: CVE-2018-6167 https://crbug.com/833143 Common Vulnerability Exposure (CVE) ID: CVE-2018-6168 https://crbug.com/828265 Common Vulnerability Exposure (CVE) ID: CVE-2018-6169 https://crbug.com/394518 Common Vulnerability Exposure (CVE) ID: CVE-2018-6170 https://crbug.com/862059 Common Vulnerability Exposure (CVE) ID: CVE-2018-6171 https://crbug.com/851799 Common Vulnerability Exposure (CVE) ID: CVE-2018-6172 https://crbug.com/847242 Common Vulnerability Exposure (CVE) ID: CVE-2018-6173 https://crbug.com/836885 Common Vulnerability Exposure (CVE) ID: CVE-2018-6174 https://crbug.com/835299 Common Vulnerability Exposure (CVE) ID: CVE-2018-6175 https://crbug.com/826019 Common Vulnerability Exposure (CVE) ID: CVE-2018-6176 https://crbug.com/666824 Common Vulnerability Exposure (CVE) ID: CVE-2018-6177 https://crbug.com/826187 Common Vulnerability Exposure (CVE) ID: CVE-2018-6178 https://crbug.com/823194 Common Vulnerability Exposure (CVE) ID: CVE-2018-6179 https://crbug.com/816685
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.