Bug 1143492

Summary: VUL-0: chromium: multiple security issues fixed in 76.0.3809.87
Product: [openSUSE] openSUSE Distribution
Reporter: Andreas Stieger <Andreas.Stieger>
Component: Security
Assignee: Security Team bot <security-team>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Major
Priority: P3 - Medium
Version: Leap 15.1
Target Milestone: ---
Hardware: Other
OS: Other
Whiteboard:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
Bug Depends on: 1144625
Bug Blocks:

Description Andreas Stieger 2019-07-30 19:17:23 UTC
https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html

* CVE-2019-5850: Use-after-free in offline page fetcher
* CVE-2019-5860: Use-after-free in PDFium
* CVE-2019-5853: Memory corruption in regexp length check
* CVE-2019-5851: Use-after-poison in offline audio context
* CVE-2019-5859: res: URIs can load alternative browsers
* CVE-2019-5856: Insufficient checks on filesystem: URI permissions
* CVE-2019-5855: Integer overflow in PDFium
* CVE-2019-5865: Site isolation bypass from compromised renderer
* CVE-2019-5858: Insufficient filtering of Open URL service parameters
* CVE-2019-5864: Insufficient port filtering in CORS for extensions
* CVE-2019-5862: AppCache not robust to compromised renderers
* CVE-2019-5861: Click location incorrectly checked
* CVE-2019-5857: Comparison of -0 and null yields crash
* CVE-2019-5854: Integer overflow in PDFium text rendering
* CVE-2019-5852: Object leak of utility functions
* Various fixes from internal audits, fuzzing and other initiatives

Not affected:
* CVE-2019-5863: Use-after-free in WebUSB on Windows
Comment 1 Tomáš Chvátal 2019-08-02 08:53:03 UTC
Sent the update to TW

For 15/12 we need a post-build-checks update to reflect the removal of gcc checks from TW.
Comment 2 Andreas Stieger 2019-08-08 06:45:20 UTC
What is the change, package or diff that is needed?
Comment 3 Tomáš Chvátal 2019-08-08 08:12:45 UTC
(In reply to Andreas Stieger from comment #2)
> What is the change, package or diff that is needed?

The problem was with ignoring cxxflags, but I hope with the latest fixes in network:chromium it is working (the testing build is now running, but as always it takes a bit of time, so in ~1h I will have results).

But until the boringssl issue is fixed we can't update it on leaps anyway...
Comment 4 Andreas Stieger 2019-08-08 08:24:27 UTC
(In reply to Tomáš Chvátal from comment #3)
> But until the boringssl issue is fixed we can't update it on leaps anyway...

What is the boringssl issue?
Comment 5 Tomáš Chvátal 2019-08-08 08:39:58 UTC
(In reply to Andreas Stieger from comment #4)
> (In reply to Tomáš Chvátal from comment #3)
> > But until the boringssl issue is fixed we can't update it on leaps anyway...
> 
> What is the boringssl issue?

https://bugzilla.suse.com/show_bug.cgi?id=1144625
Comment 6 Tomáš Chvátal 2019-08-08 10:57:19 UTC
Sent an update to 15.1 and 15.0 and TW.

SLE12 is no longer buildable, and backports for 15 should take it from 15.0:Update afaik.
Comment 7 Andreas Stieger 2019-08-08 11:32:27 UTC
Any chance for 76.0.3809.100?
https://chromereleases.googleblog.com/2019/08/stable-channel-update-for-desktop.html

* CVE-2019-5868: Use-after-free in PDFium ExecuteFieldAction
* CVE-2019-5867: Out-of-bounds read in V8
Comment 8 Swamp Workflow Management 2019-08-08 12:00:07 UTC
This is an autogenerated message for OBS integration:
This bug (1143492) was mentioned in
https://build.opensuse.org/request/show/721717 Factory / chromium
https://build.opensuse.org/request/show/721724 15.0 / chromium
https://build.opensuse.org/request/show/721725 15.1 / chromium
Comment 9 Swamp Workflow Management 2019-08-12 15:50:07 UTC
This is an autogenerated message for OBS integration:
This bug (1143492) was mentioned in
https://build.opensuse.org/request/show/722817 15.1 / chromium
Comment 10 Swamp Workflow Management 2019-08-12 16:40:07 UTC
This is an autogenerated message for OBS integration:
This bug (1143492) was mentioned in
https://build.opensuse.org/request/show/722816 15.0 / chromium
Comment 11 Swamp Workflow Management 2019-08-12 22:10:16 UTC
openSUSE-SU-2019:1848-1: An update that fixes 16 vulnerabilities is now available.

Category: security (important)
Bug References: 1143492,1144625
CVE References: CVE-2019-5850,CVE-2019-5851,CVE-2019-5852,CVE-2019-5853,CVE-2019-5854,CVE-2019-5855,CVE-2019-5856,CVE-2019-5857,CVE-2019-5858,CVE-2019-5859,CVE-2019-5860,CVE-2019-5861,CVE-2019-5862,CVE-2019-5863,CVE-2019-5864,CVE-2019-5865
Sources used:
openSUSE Leap 15.0 (src):    chromium-76.0.3809.87-lp150.224.1
Comment 12 Swamp Workflow Management 2019-08-12 22:12:19 UTC
openSUSE-SU-2019:1849-1: An update that fixes 16 vulnerabilities is now available.

Category: security (important)
Bug References: 1143492,1144625
CVE References: CVE-2019-5850,CVE-2019-5851,CVE-2019-5852,CVE-2019-5853,CVE-2019-5854,CVE-2019-5855,CVE-2019-5856,CVE-2019-5857,CVE-2019-5858,CVE-2019-5859,CVE-2019-5860,CVE-2019-5861,CVE-2019-5862,CVE-2019-5863,CVE-2019-5864,CVE-2019-5865
Sources used:
openSUSE Leap 15.1 (src):    chromium-76.0.3809.87-lp151.2.15.1
Comment 13 Swamp Workflow Management 2019-08-13 13:12:08 UTC
openSUSE-SU-2019:1853-1: An update that fixes 16 vulnerabilities is now available.

Category: security (important)
Bug References: 1143492,1144625
CVE References: CVE-2019-5850,CVE-2019-5851,CVE-2019-5852,CVE-2019-5853,CVE-2019-5854,CVE-2019-5855,CVE-2019-5856,CVE-2019-5857,CVE-2019-5858,CVE-2019-5859,CVE-2019-5860,CVE-2019-5861,CVE-2019-5862,CVE-2019-5863,CVE-2019-5864,CVE-2019-5865
Sources used:
openSUSE Backports SLE-15 (src):    chromium-76.0.3809.87-bp150.220.1
Comment 14 Swamp Workflow Management 2019-08-15 13:26:20 UTC
openSUSE-SU-2019:1901-1: An update that fixes 16 vulnerabilities is now available.

Category: security (important)
Bug References: 1143492,1144625
CVE References: CVE-2019-5850,CVE-2019-5851,CVE-2019-5852,CVE-2019-5853,CVE-2019-5854,CVE-2019-5855,CVE-2019-5856,CVE-2019-5857,CVE-2019-5858,CVE-2019-5859,CVE-2019-5860,CVE-2019-5861,CVE-2019-5862,CVE-2019-5863,CVE-2019-5864,CVE-2019-5865
Sources used:
openSUSE Backports SLE-15-SP1 (src):    chromium-76.0.3809.87-bp151.3.3.3
Comment 15 Andreas Stieger 2019-08-16 07:07:13 UTC
done
Comment 16 Swamp Workflow Management 2019-11-04 13:40:07 UTC
This is an autogenerated message for OBS integration:
This bug (1143492) was mentioned in
https://build.opensuse.org/request/show/745163 Backports:SLE-12-SP3 / chromium
Comment 17 Swamp Workflow Management 2019-11-06 23:11:48 UTC
openSUSE-SU-2019:2447-1: An update that fixes 86 vulnerabilities is now available.

Category: security (important)
Bug References: 1143492,1144625,1145242,1146219,1149143,1150425,1151229,1153660,1154806,1155643
CVE References: CVE-2019-13659,CVE-2019-13660,CVE-2019-13661,CVE-2019-13662,CVE-2019-13663,CVE-2019-13664,CVE-2019-13665,CVE-2019-13666,CVE-2019-13667,CVE-2019-13668,CVE-2019-13669,CVE-2019-13670,CVE-2019-13671,CVE-2019-13673,CVE-2019-13674,CVE-2019-13675,CVE-2019-13676,CVE-2019-13677,CVE-2019-13678,CVE-2019-13679,CVE-2019-13680,CVE-2019-13681,CVE-2019-13682,CVE-2019-13683,CVE-2019-13685,CVE-2019-13686,CVE-2019-13687,CVE-2019-13688,CVE-2019-13693,CVE-2019-13694,CVE-2019-13695,CVE-2019-13696,CVE-2019-13697,CVE-2019-13699,CVE-2019-13700,CVE-2019-13701,CVE-2019-13702,CVE-2019-13703,CVE-2019-13704,CVE-2019-13705,CVE-2019-13706,CVE-2019-13707,CVE-2019-13708,CVE-2019-13709,CVE-2019-13710,CVE-2019-13711,CVE-2019-13713,CVE-2019-13714,CVE-2019-13715,CVE-2019-13716,CVE-2019-13717,CVE-2019-13718,CVE-2019-13719,CVE-2019-13720,CVE-2019-13721,CVE-2019-15903,CVE-2019-5850,CVE-2019-5851,CVE-2019-5852,CVE-2019-5853,CVE-2019-5854,CVE-2019-5855,CVE-2019-5856,CVE-2019-5857,CVE-2019-5858,CVE-2019-5859,CVE-2019-5860,CVE-2019-5861,CVE-2019-5862,CVE-2019-5863,CVE-2019-5864,CVE-2019-5865,CVE-2019-5867,CVE-2019-5868,CVE-2019-5869,CVE-2019-5870,CVE-2019-5871,CVE-2019-5872,CVE-2019-5874,CVE-2019-5875,CVE-2019-5876,CVE-2019-5877,CVE-2019-5878,CVE-2019-5879,CVE-2019-5880,CVE-2019-5881
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    chromium-78.0.3904.87-10.1