SuSE Update For Chromium OpenSUSE-SU-2014:0501-1 (chromium) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Chromium was updated to the 33.0.1750.152 stable channel uodate: - Security fixes: * CVE-2014-1713: Use-after-free in Blink bindings * CVE-2014-1714: Windows clipboard vulnerability * CVE-2014-1705: Memory corruption in V8 * CVE-2014-1715: Directory traversal issue Previous stable channel update 33.0.1750.149: - Security fixes: * CVE-2014-1700: Use-after-free in speech * CVE-2014-1701: UXSS in events * CVE-2014-1702: Use-after-free in web database * CVE-2014-1703: Potential sandbox escape due to a use-after-free in web sockets * CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version 3.23.17.18

Affected

chromium on openSUSE 13.1, openSUSE 12.3

References

http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00008.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-1700, CVE-2014-1701, CVE-2014-1702, CVE-2014-1703, CVE-2014-1704, CVE-2014-1705, CVE-2014-1713, CVE-2014-1714, CVE-2014-1715
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

SuSE Update for chromium openSUSE-SU-2014:0501-1 (chromium)

Take action and discover your vulnerabilities