Request 489782: Incident chromium - openSUSE Build Service

Overview

Request 489782 accepted

- Version update to 58.0.3029.81 bsc#1035103:
* High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360
* High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani
* High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative
* Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng
* Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah)
* Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous
* Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip
* Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar
* Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani
* Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu
* Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani
* Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman
- Refresh patch fix-gn-bootstrap.diff
- Refresh patch chromium-system-jinja-r13.patch
- Remove obsolete patch chromium-57-gcc4.patch

Created by scarabeus_iv about 7 years ago
In state accepted

Incident chromium

Comments for request 489782 0

Login required, please login in order to comment

Request History

scarabeus_iv created request about 7 years ago

- Version update to 58.0.3029.81 bsc#1035103:
* High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360
* High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani
* High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative
* Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng
* Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah)
* Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous
* Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip
* Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar
* Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani
* Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu
* Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani
* Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman
- Refresh patch fix-gn-bootstrap.diff
- Refresh patch chromium-system-jinja-r13.patch
- Remove obsolete patch chromium-57-gcc4.patch

maintbot accepted review about 7 years ago

accepted

maintbot approved review about 7 years ago

accepted

msmeissn moved maintenance target to openSUSE:Maintenance:6688 about 7 years ago

msmeissn accepted request about 7 years ago

ok

openSUSE Build Service is sponsored by