| Beschreibung: | Summary:
The remote host is missing an update for the 'Chromium'
package(s) announced via the referenced advisory.
Vulnerability Insight:
Chromium was updated to 25.0.1343
* Security Fixes (bnc#791234 and bnc#792154):
- CVE-2012-5131: Corrupt rendering in the Apple OSX
driver for Intel GPUs
- CVE-2012-5133: Use-after-free in SVG filters.
- CVE-2012-5130: Out-of-bounds read in Skia
- CVE-2012-5132: Browser crash with chunked encoding
- CVE-2012-5134: Buffer underflow in libxml.
- CVE-2012-5135: Use-after-free with printing.
- CVE-2012-5136: Bad cast in input element handling.
- CVE-2012-5138: Incorrect file path handling
- CVE-2012-5137: Use-after-free in media source handling
- Correct build so that proprietary codecs can be used when
the chromium-ffmpeg package is installed
- Update to 25.0.1335
* {gtk} Fixed selection renders white text on
white background in apps. (Issue: 158422)
* Fixed translate infobar button to show selected
language. (Issue: 155350)
* Fixed broken Arabic language. (Issue: 158978)
* Fixed pre-rendering if the preference is disabled at
start up. (Issue: 159393)
* Fixed JavaScript rendering issue. (Issue: 159655)
* No further indications in the ChangeLog
* Updated V8 - 3.14.5.0
* Bookmarks are now searched by their title while typing
into the omnibox with matching bookmarks being shown in
the autocomplete suggestions pop-down list. Matching is
done by prefix.
* Fixed chromium issues 155871, 154173, 155133.
- Removed patch chomium-ffmpeg-no-pkgconfig.patch
- Building now internal libffmpegsumo.so based on the
standard chromium ffmpeg codecs
- Add a configuration file (/etc/default/chromium) where we
can indicate flags for the chromium-browser.
- add explicit buildrequire on libbz2-devel
Affected Software/OS:
Chromium on openSUSE 12.1
Solution:
Please install the updated package(s).
CVSS Score:
10.0
CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
