Bug 1172496

Summary: VUL-0: chromium: Update to 83.0.4103.97
Product: [openSUSE] openSUSE Distribution Reporter: Wolfgang Frisch <wolfgang.frisch>
Component: SecurityAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Major    
Priority: P2 - High CC: Andreas.Stieger, meissner
Version: Leap 15.1   
Target Milestone: ---   
Hardware: Other   
OS: Other   
See Also: http://bugzilla.opensuse.org/show_bug.cgi?id=1171910
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Wolfgang Frisch 2020-06-04 06:22:26 UTC 
The stable channel has been updated to 83.0.4103.97 for Windows, Mac, and Linux.

High CVE-2020-6493: Use after free in WebAuthentication.
High CVE-2020-6494: Incorrect security UI in payments.
High CVE-2020-6495: Insufficient policy enforcement in developer tools.
High CVE-2020-6496: Use after free in payments.

https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html
Comment 1 Tomáš Chvátal 2020-06-15 15:12:13 UTC 
Leap submission 814741
Comment 2 OBSbugzilla Bot 2020-06-15 16:00:07 UTC 
This is an autogenerated message for OBS integration:
This bug (1172496) was mentioned in
https://build.opensuse.org/request/show/814741 15.1 / chromium
Comment 3 OBSbugzilla Bot 2020-06-17 10:00:08 UTC 
This is an autogenerated message for OBS integration:
This bug (1172496) was mentioned in
https://build.opensuse.org/request/show/815429 15.2 / chromium
https://build.opensuse.org/request/show/815430 15.1 / chromium
Comment 4 Swamp Workflow Management 2020-06-17 22:13:13 UTC 
openSUSE-SU-2020:0823-1: An update that fixes 32 vulnerabilities is now available.

Category: security (important)
Bug References: 1170107,1171910,1171975,1172496
CVE References: CVE-2020-6463,CVE-2020-6465,CVE-2020-6466,CVE-2020-6467,CVE-2020-6468,CVE-2020-6469,CVE-2020-6470,CVE-2020-6471,CVE-2020-6472,CVE-2020-6473,CVE-2020-6474,CVE-2020-6475,CVE-2020-6476,CVE-2020-6477,CVE-2020-6478,CVE-2020-6479,CVE-2020-6480,CVE-2020-6481,CVE-2020-6482,CVE-2020-6483,CVE-2020-6484,CVE-2020-6485,CVE-2020-6486,CVE-2020-6487,CVE-2020-6488,CVE-2020-6489,CVE-2020-6490,CVE-2020-6491,CVE-2020-6493,CVE-2020-6494,CVE-2020-6495,CVE-2020-6496
Sources used:
openSUSE Leap 15.1 (src):    chromium-83.0.4103.97-lp151.2.96.1
Comment 5 Swamp Workflow Management 2020-06-18 22:15:46 UTC 
openSUSE-SU-2020:0832-1: An update that fixes 32 vulnerabilities is now available.

Category: security (important)
Bug References: 1170107,1171910,1171975,1172496
CVE References: CVE-2020-6463,CVE-2020-6465,CVE-2020-6466,CVE-2020-6467,CVE-2020-6468,CVE-2020-6469,CVE-2020-6470,CVE-2020-6471,CVE-2020-6472,CVE-2020-6473,CVE-2020-6474,CVE-2020-6475,CVE-2020-6476,CVE-2020-6477,CVE-2020-6478,CVE-2020-6479,CVE-2020-6480,CVE-2020-6481,CVE-2020-6482,CVE-2020-6483,CVE-2020-6484,CVE-2020-6485,CVE-2020-6486,CVE-2020-6487,CVE-2020-6488,CVE-2020-6489,CVE-2020-6490,CVE-2020-6491,CVE-2020-6493,CVE-2020-6494,CVE-2020-6495,CVE-2020-6496
Sources used:
openSUSE Backports SLE-15-SP1 (src):    chromium-83.0.4103.97-bp151.3.85.1
Comment 6 Marcus Meissner 2020-07-01 12:30:13 UTC 
released
Comment 7 OBSbugzilla Bot 2021-12-15 09:40:15 UTC 
This is an autogenerated message for OBS integration:
This bug (1172496) was mentioned in
https://build.opensuse.org/request/show/940663 Backports:SLE-12-SP3 / chromium