Bug 944144 - (CVE-2015-1298) VUL-0: chromium: September update 2015
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Version: unspecified
Hardware: Other Other
Priority: P3 - Medium, Severity: Major
Target Milestone: ---
Assigned To: Raymond Wooninck
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/156214/
Reported: 2015-09-02 09:47 UTC by Victor Pereira
Modified: 2015-11-02 15:55 UTC
Found By: Security Response Team
Description Victor Pereira 2015-09-02 09:47:35 UTC
The following issues were reported in Google Chromium:

CVE-2015-1298: URL validation error in extensions

An unspecified URL validation error flaw was found in the extensions component of the Chromium browser.

Upstream bug: https://code.google.com/p/chromium/issues/detail?id=518827

External References:

http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html


CVE-2015-1297: Permission scoping error in WebRequest

An unspecified permission scoping error flaw was found in the WebRequest component of the Chromium browser.

Upstream bug: https://code.google.com/p/chromium/issues/detail?id=510802

External References:

http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html



CVE-2015-1296: Character spoofing in omnibox

An unspecified character spoofing flaw was found in the omnibox component of the Chromium browser.

Upstream bug: https://code.google.com/p/chromium/issues/detail?id=421332

External References:

http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html



CVE-2015-1295: Use-after-free in Printing

An unspecified use-after-free flaw was found in the Printing component of the Chromium browser.

Upstream bug: https://code.google.com/p/chromium/issues/detail?id=502562

External References:

http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html


CVE-2015-1294: Use-after-free in Skia

An unspecified use-after-free flaw was found in the Skia component of the Chromium browser.

Upstream bug: https://code.google.com/p/chromium/issues/detail?id=492263

External References:

http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html


CVE-2015-1293: Cross-origin bypass in DOM

An unspecified cross-origin bypass flaw was found in the DOM component of the Chromium browser.

Upstream bug: https://code.google.com/p/chromium/issues/detail?id=524074

External References:

http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html


CVE-2015-1292: Cross-origin bypass in ServiceWorker

An unspecified cross-origin bypass flaw was found in the ServiceWorker component of the Chromium browser.

Upstream bug: https://code.google.com/p/chromium/issues/detail?id=522791

External References:

http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html



CVE-2015-1291: Cross-origin bypass in DOM

Cross-origin bypass in DOM

Upstream bug: https://code.google.com/p/chromium/issues/detail?id=516377 (private)

External References:

http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html


CVE-2015-1301: various fixes from internal audits

Unspecified various fixes from internal audits were applied to the Chromium browser.

Upstream bug: https://code.google.com/p/chromium/issues/detail?id=526825

External References:

http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html


CVE-2015-1300: Information leak in Blink

An unspecified information leak flaw was found in the Blink component of the Chromium browser.

Upstream bug: https://code.google.com/p/chromium/issues/detail?id=511616

External References:

http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html


CVE-2015-1299: Use-after-free in Blink

An unspecified use-after-free flaw was found in the Blink component of the Chromium browser.

Upstream bug: https://code.google.com/p/chromium/issues/detail?id=416362

External References:

http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
Comment 1 Swamp Workflow Management 2015-09-02 22:00:15 UTC
bugbot adjusting priority
Comment 2 Victor Pereira 2015-09-04 08:38:49 UTC
some new vulnerabilities appeared:


CVE-2015-6580 Multiple unspecified vulnerabilities in Google V8

Multiple unspecified vulnerabilities in Google V8 before 4.5.103.29, as used in Google Chrome before 45.0.2454.85, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVE-2015-6581 Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c

Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering a memory-allocation failure. 

CVE-2015-6582 possible denial of service in Blink

The decompose function in platform/transforms/TransformationMatrix.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not verify that a matrix inversion succeeded, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted web site. 


CVE-2015-6583 Google Chrome before 45.0.2454.85 does not display a location bar for a hosted app's window after navigation away from the installation site

Google Chrome before 45.0.2454.85 does not display a location bar for a hosted app's window after navigation away from the installation site, which might make it easier for remote attackers to spoof content via a crafted app, related to browser.cc and hosted_app_browser_controller.cc.
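
The CVE-2015-6582 description in Comment 2 names a specific failure mode: the result of a matrix inversion is used without checking that the inversion succeeded. The block below is an added illustration of that pattern and its fix, not code from Blink or from this bug report; it uses a simplified 2x2 matrix, and the names `Mat2`, `Vec2`, `inverse`, `solve_unchecked` and `solve_checked` are hypothetical.

```cpp
// Added illustration: simplified 2x2 stand-in, not Blink's TransformationMatrix code.
#include <cmath>
#include <cstdio>

struct Mat2 { double a, b, c, d; };  // row-major: [a b; c d]
struct Vec2 { double x, y; };

// Writes the inverse to *out only when m is invertible; returns false otherwise.
bool inverse(const Mat2& m, Mat2* out) {
    const double det = m.a * m.d - m.b * m.c;
    if (std::fabs(det) < 1e-12) return false;  // singular: *out is left untouched
    *out = Mat2{m.d / det, -m.b / det, -m.c / det, m.a / det};
    return true;
}

// Flawed pattern: the result of inverse() is ignored. For a singular matrix
// `inv` is never written, so the multiply below reads uninitialized stack memory.
Vec2 solve_unchecked(const Mat2& m, const Vec2& rhs) {
    Mat2 inv;
    inverse(m, &inv);
    return Vec2{inv.a * rhs.x + inv.b * rhs.y, inv.c * rhs.x + inv.d * rhs.y};
}

// Hardened pattern: propagate the failure and never touch `inv` or *out on error.
bool solve_checked(const Mat2& m, const Vec2& rhs, Vec2* out) {
    Mat2 inv;
    if (!inverse(m, &inv)) return false;
    *out = Vec2{inv.a * rhs.x + inv.b * rhs.y, inv.c * rhs.x + inv.d * rhs.y};
    return true;
}

int main() {
    const Mat2 regular{2, 0, 0, 4};   // constructed input, det = 8
    const Mat2 singular{1, 2, 2, 4};  // constructed input, det = 0
    Vec2 v{0, 0};
    std::printf("regular:  ok=%d\n", solve_checked(regular, Vec2{2, 4}, &v));
    std::printf("singular: ok=%d\n", solve_checked(singular, Vec2{1, 1}, &v));
    return 0;
}
```

Marking such a function `[[nodiscard]]` (C++17) or enabling an unused-result warning lets the compiler flag call sites like the one in `solve_unchecked`.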
Comment 3 Bernhard Wiedemann 2015-09-12 20:00:09 UTC
This is an autogenerated message for OBS integration:
This bug (944144) was mentioned in
https://build.opensuse.org/request/show/330707 Factory / chromium
https://build.opensuse.org/request/show/330708 13.2 / chromium
https://build.opensuse.org/request/show/330709 13.1 / chromium
Comment 4 Andreas Stieger 2015-09-21 09:54:13 UTC
released
Comment 5 Swamp Workflow Management 2015-09-21 11:10:13 UTC
openSUSE-SU-2015:1586-1: An update that fixes 11 vulnerabilities is now available.

Category: security (moderate)
Bug References: 944144
CVE References: CVE-2015-1291,CVE-2015-1292,CVE-2015-1293,CVE-2015-1294,CVE-2015-1295,CVE-2015-1296,CVE-2015-1297,CVE-2015-1298,CVE-2015-1299,CVE-2015-1300,CVE-2015-1301
Sources used:
openSUSE 13.2 (src):    chromium-45.0.2454.85-43.1
openSUSE 13.1 (src):    chromium-45.0.2454.85-98.1
Comment 6 Swamp Workflow Management 2015-11-02 15:55:31 UTC
openSUSE-SU-2015:1873-1: An update that fixes 11 vulnerabilities is now available.

Category: security (moderate)
Bug References: 944144
CVE References: CVE-2015-1291,CVE-2015-1292,CVE-2015-1293,CVE-2015-1294,CVE-2015-1295,CVE-2015-1296,CVE-2015-1297,CVE-2015-1298,CVE-2015-1299,CVE-2015-1300,CVE-2015-1301
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    chromium-45.0.2454.85-17.1