Bug 1168421 - (CVE-2020-6450) VUL-0: CVE-2020-6450,CVE-2020-6451,CVE-2020-6452: chromium: security update to 80.0.3987.162
(CVE-2020-6450)
VUL-0: CVE-2020-6450,CVE-2020-6451,CVE-2020-6452: chromium: security update t...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.1
Other Other
: P3 - Medium : Normal (vote)
: ---
Assigned To: Security Team bot
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-04-02 09:25 UTC by Tomáš Chvátal
Modified: 2020-05-04 12:17 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tomáš Chvátal 2020-04-02 09:25:00 UTC
https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html

[$TBD][1062247] High CVE-2020-6450: Use after free in WebAudio. Reported by Man Yue Mo of Semmle Security Research Team on 2020-03-17
[$TBD][1061018] High CVE-2020-6451: Use after free in WebAudio. Reported by Man Yue Mo of Semmle Security Research Team on 2020-03-12
[$N/A][1059764] High CVE-2020-6452: Heap buffer overflow in media. Reported by asnine on 2020-03-09
Comment 1 Tomáš Chvátal 2020-04-02 09:26:00 UTC
I will sent the submissions asap as soon as my test build finishes.
Comment 2 Swamp Workflow Management 2020-04-02 11:00:53 UTC
This is an autogenerated message for OBS integration:
This bug (1168421) was mentioned in
https://build.opensuse.org/request/show/790832 Factory / chromium
https://build.opensuse.org/request/show/790834 Backports:SLE-12-SP3 / chromium
https://build.opensuse.org/request/show/790835 15.1 / chromium
Comment 3 Swamp Workflow Management 2020-04-10 10:40:10 UTC
This is an autogenerated message for OBS integration:
This bug (1168421) was mentioned in
https://build.opensuse.org/request/show/792911 15.1 / chromium
Comment 4 Swamp Workflow Management 2020-04-12 16:13:58 UTC
openSUSE-SU-2020:0512-1: An update that fixes three vulnerabilities is now available.

Category: security (important)
Bug References: 1167465,1168421
CVE References: CVE-2020-6450,CVE-2020-6451,CVE-2020-6452
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    chromium-80.0.3987.162-44.1
Comment 5 Swamp Workflow Management 2020-04-15 07:14:00 UTC
openSUSE-SU-2020:0519-1: An update that fixes 26 vulnerabilities is now available.

Category: security (important)
Bug References: 1167465,1168421,1168911
CVE References: CVE-2020-6423,CVE-2020-6430,CVE-2020-6431,CVE-2020-6432,CVE-2020-6433,CVE-2020-6434,CVE-2020-6435,CVE-2020-6436,CVE-2020-6437,CVE-2020-6438,CVE-2020-6439,CVE-2020-6440,CVE-2020-6441,CVE-2020-6442,CVE-2020-6443,CVE-2020-6444,CVE-2020-6445,CVE-2020-6446,CVE-2020-6447,CVE-2020-6448,CVE-2020-6450,CVE-2020-6451,CVE-2020-6452,CVE-2020-6454,CVE-2020-6455,CVE-2020-6456
Sources used:
openSUSE Leap 15.1 (src):    chromium-81.0.4044.92-lp151.2.77.1
Comment 6 Swamp Workflow Management 2020-04-19 01:13:41 UTC
openSUSE-SU-2020:0540-1: An update that fixes 26 vulnerabilities is now available.

Category: security (important)
Bug References: 1167465,1168421,1168911
CVE References: CVE-2020-6423,CVE-2020-6430,CVE-2020-6431,CVE-2020-6432,CVE-2020-6433,CVE-2020-6434,CVE-2020-6435,CVE-2020-6436,CVE-2020-6437,CVE-2020-6438,CVE-2020-6439,CVE-2020-6440,CVE-2020-6441,CVE-2020-6442,CVE-2020-6443,CVE-2020-6444,CVE-2020-6445,CVE-2020-6446,CVE-2020-6447,CVE-2020-6448,CVE-2020-6450,CVE-2020-6451,CVE-2020-6452,CVE-2020-6454,CVE-2020-6455,CVE-2020-6456
Sources used:
openSUSE Backports SLE-15-SP1 (src):    chromium-81.0.4044.92-bp151.3.66.1
Comment 7 Alexandros Toptsoglou 2020-05-04 12:17:19 UTC
Done