Request 483832 (accepted)

Overview

Request 483832 accepted

- Version update to 57.0.2987.133 bsc#1031677:
* Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar
* High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs
* High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin
* High CVE-2017-5056: Use after free in Blink. Credit to anonymous
* High CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587)

- Drop the browser(npapi) provide which is not true

- Add patch to build with gcc4
* chromium-57-gcc4.patch

- Do not use gcc5 and newer as the compat was fixed again
- Update to 57.0.2987.110 with various other small tweaks

Created by scarabeus_iv about 7 years ago
In state accepted
Open review for backports-reviewers

Incident chromium

Comments for request 483832 0

Request History

scarabeus_iv created request about 7 years ago

- Drop the browser(npapi) provide which is not true

- Add patch to build with gcc4
* chromium-57-gcc4.patch

- Do not use gcc5 and newer as the compat was fixed again
- Update to 57.0.2987.110 with various other small tweaks

maintbot added factory-source as a reviewer about 7 years ago

maintbot accepted review about 7 years ago

accepted

factory-source added backports-reviewers as a reviewer about 7 years ago

Automated review failed. Needs fallback reviewer.

factory-source accepted review about 7 years ago

the package needs to be accepted in openSUSE:Factory or openSUSE:Leap:42.2:Update or openSUSE:Leap:42.2 or openSUSE:Leap:42.1:Update or openSUSE:Leap:42.1 first

AndreasStieger moved maintenance target to openSUSE:Maintenance:6585 about 7 years ago

AndreasStieger accepted request about 7 years ago

add to incident

Places

Overview