Security update for Chromium SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:2068-1 Final 1 1 2015-11-15T01:58:05Z current 2015-11-15T01:58:05Z 2015-11-15T01:58:05Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for Chromium Chromium was updated to 46.0.2490.86 to fix one security issue and bugs. The following vulnerability was fixed: * CVE-2015-1302: Information leak in PDF viewer (boo#954579) The following bug fix udpates are included: * boo#950957: Change the default homepage based on the new landing page for the openSUSE Project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2015-11/msg00120.html E-Mail link for openSUSE-SU-2015:2068-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 chromedriver-46.0.2490.86-3.1 chromium-46.0.2490.86-3.1 chromium-desktop-gnome-46.0.2490.86-3.1 chromium-desktop-kde-46.0.2490.86-3.1 chromium-ffmpegsumo-46.0.2490.86-3.1 chromedriver-46.0.2490.86-3.1 as a component of openSUSE Leap 42.1 chromium-46.0.2490.86-3.1 as a component of openSUSE Leap 42.1 chromium-desktop-gnome-46.0.2490.86-3.1 as a component of openSUSE Leap 42.1 chromium-desktop-kde-46.0.2490.86-3.1 as a component of openSUSE Leap 42.1 chromium-ffmpegsumo-46.0.2490.86-3.1 as a component of openSUSE Leap 42.1 The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and out_of_process_instance.cc. CVE-2015-1302 openSUSE Leap 42.1:chromedriver-46.0.2490.86-3.1 openSUSE Leap 42.1:chromium-46.0.2490.86-3.1 openSUSE Leap 42.1:chromium-desktop-gnome-46.0.2490.86-3.1 openSUSE Leap 42.1:chromium-desktop-kde-46.0.2490.86-3.1 openSUSE Leap 42.1:chromium-ffmpegsumo-46.0.2490.86-3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-11/msg00120.html https://www.suse.com/security/cve/CVE-2015-1302.html CVE-2015-1302 https://bugzilla.suse.com/954579 SUSE Bug 954579