First Last Prev Next    This bug is not in your last search results.
Bug 1174189 - (CVE-2020-6510) VUL-0: CVE-2020-6510: chromium: Update to 84.0.4147.89
(CVE-2020-6510)
VUL-0: CVE-2020-6510: chromium: Update to 84.0.4147.89
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.1
Other Other
: P2 - High : Critical (vote)
: ---
Assigned To: Security Team bot
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-07-16 06:18 UTC by Alexandros Toptsoglou
Modified: 2021-12-15 09:40 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexandros Toptsoglou 2020-07-16 06:18:42 UTC 
Critical CVE-2020-6510: Heap buffer overflow in background fetch. 
High CVE-2020-6511: Side-channel information leakage in content security policy. 
High CVE-2020-6512: Type Confusion in V8. 
High CVE-2020-6513: Heap buffer overflow in PDFium. 
High CVE-2020-6514: Inappropriate implementation in WebRTC. 
High CVE-2020-6515: Use after free in tab strip. 
High CVE-2020-6516: Policy bypass in CORS. 
High CVE-2020-6517: Heap buffer overflow in history. 
Medium CVE-2020-6518: Use after free in developer tools. 
Medium CVE-2020-6519: Policy bypass in CSP. 
Medium CVE-2020-6520: Heap buffer overflow in Skia. 
Medium CVE-2020-6521: Side-channel information leakage in autofill.
Medium CVE-2020-6522: Inappropriate implementation in external protocol handlers. 
Medium CVE-2020-6523: Out of bounds write in Skia. 
Medium CVE-2020-6524: Heap buffer overflow in WebAudio. 
Medium CVE-2020-6525: Heap buffer overflow in Skia. 
Low CVE-2020-6526: Inappropriate implementation in iframe sandbox. 
Low CVE-2020-6527: Insufficient policy enforcement in CSP. 
Low CVE-2020-6528: Incorrect security UI in basic auth. 
Low CVE-2020-6529: Inappropriate implementation in WebRTC. 
Low CVE-2020-6530: Out of bounds memory access in developer tools. 
Low CVE-2020-6531: Side-channel information leakage in scroll to text. 
Low CVE-2020-6533: Type Confusion in V8. 
Low CVE-2020-6534: Heap buffer overflow in WebRTC. 
Low CVE-2020-6535: Insufficient data validation in WebUI. 
Low CVE-2020-6536: Incorrect security UI in PWAs.

Reference 
https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html
Comment 1 OBSbugzilla Bot 2020-07-16 12:30:06 UTC 
This is an autogenerated message for OBS integration:
This bug (1174189) was mentioned in
https://build.opensuse.org/request/show/821297 Factory / chromium
Comment 2 Tomáš Chvátal 2020-07-16 12:38:46 UTC 
I've sent the update to TW; 15.1:update and 15.2:Update channels.
Comment 3 OBSbugzilla Bot 2020-07-16 13:30:06 UTC 
This is an autogenerated message for OBS integration:
This bug (1174189) was mentioned in
https://build.opensuse.org/request/show/821305 15.1 / chromium
https://build.opensuse.org/request/show/821306 15.2 / chromium
Comment 4 OBSbugzilla Bot 2020-07-17 09:30:06 UTC 
This is an autogenerated message for OBS integration:
This bug (1174189) was mentioned in
https://build.opensuse.org/request/show/821453 15.2 / chromium
https://build.opensuse.org/request/show/821455 Factory / chromium
https://build.opensuse.org/request/show/821457 15.1 / chromium
Comment 5 Swamp Workflow Management 2020-07-20 19:14:51 UTC 
openSUSE-SU-2020:1020-1: An update that fixes 26 vulnerabilities is now available.

Category: security (important)
Bug References: 1174189
CVE References: CVE-2020-6510,CVE-2020-6511,CVE-2020-6512,CVE-2020-6513,CVE-2020-6514,CVE-2020-6515,CVE-2020-6516,CVE-2020-6517,CVE-2020-6518,CVE-2020-6519,CVE-2020-6520,CVE-2020-6521,CVE-2020-6522,CVE-2020-6523,CVE-2020-6524,CVE-2020-6525,CVE-2020-6526,CVE-2020-6527,CVE-2020-6528,CVE-2020-6529,CVE-2020-6530,CVE-2020-6531,CVE-2020-6533,CVE-2020-6534,CVE-2020-6535,CVE-2020-6536
Sources used:
openSUSE Leap 15.2 (src):    chromium-84.0.4147.89-lp152.2.6.2
Comment 6 Swamp Workflow Management 2020-07-20 19:16:58 UTC 
openSUSE-SU-2020:1021-1: An update that fixes 26 vulnerabilities is now available.

Category: security (important)
Bug References: 1174189
CVE References: CVE-2020-6510,CVE-2020-6511,CVE-2020-6512,CVE-2020-6513,CVE-2020-6514,CVE-2020-6515,CVE-2020-6516,CVE-2020-6517,CVE-2020-6518,CVE-2020-6519,CVE-2020-6520,CVE-2020-6521,CVE-2020-6522,CVE-2020-6523,CVE-2020-6524,CVE-2020-6525,CVE-2020-6526,CVE-2020-6527,CVE-2020-6528,CVE-2020-6529,CVE-2020-6530,CVE-2020-6531,CVE-2020-6533,CVE-2020-6534,CVE-2020-6535,CVE-2020-6536
Sources used:
openSUSE Leap 15.1 (src):    chromium-84.0.4147.89-lp151.2.109.1
Comment 8 Swamp Workflow Management 2020-07-26 10:12:24 UTC 
openSUSE-SU-2020:1061-1: An update that fixes 26 vulnerabilities is now available.

Category: security (important)
Bug References: 1174189
CVE References: CVE-2020-6510,CVE-2020-6511,CVE-2020-6512,CVE-2020-6513,CVE-2020-6514,CVE-2020-6515,CVE-2020-6516,CVE-2020-6517,CVE-2020-6518,CVE-2020-6519,CVE-2020-6520,CVE-2020-6521,CVE-2020-6522,CVE-2020-6523,CVE-2020-6524,CVE-2020-6525,CVE-2020-6526,CVE-2020-6527,CVE-2020-6528,CVE-2020-6529,CVE-2020-6530,CVE-2020-6531,CVE-2020-6533,CVE-2020-6534,CVE-2020-6535,CVE-2020-6536
Sources used:
openSUSE Backports SLE-15-SP1 (src):    chromium-84.0.4147.89-bp151.3.94.1
Comment 9 Swamp Workflow Management 2020-09-18 16:26:14 UTC 
openSUSE-SU-2020:1048-1: An update that fixes 26 vulnerabilities is now available.

Category: security (important)
Bug References: 1174189
CVE References: CVE-2020-6510,CVE-2020-6511,CVE-2020-6512,CVE-2020-6513,CVE-2020-6514,CVE-2020-6515,CVE-2020-6516,CVE-2020-6517,CVE-2020-6518,CVE-2020-6519,CVE-2020-6520,CVE-2020-6521,CVE-2020-6522,CVE-2020-6523,CVE-2020-6524,CVE-2020-6525,CVE-2020-6526,CVE-2020-6527,CVE-2020-6528,CVE-2020-6529,CVE-2020-6530,CVE-2020-6531,CVE-2020-6533,CVE-2020-6534,CVE-2020-6535,CVE-2020-6536
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP2 (src):    chromium-84.0.4147.89-bp152.2.7.1
Comment 10 OBSbugzilla Bot 2021-12-15 09:40:33 UTC 
This is an autogenerated message for OBS integration:
This bug (1174189) was mentioned in
https://build.opensuse.org/request/show/940663 Backports:SLE-12-SP3 / chromium
First Last Prev Next    This bug is not in your last search results.