Oval Definition:oval:org.opensuse.security:def:109800
Revision Date:2021-03-09Version:1
Title:Security update for chromium (Important)
Description:

This update for chromium fixes the following issues:

Update to 89.0.4389.72 (boo#1182358, boo#1182960):

- CVE-2021-21159: Heap buffer overflow in TabStrip. - CVE-2021-21160: Heap buffer overflow in WebAudio. - CVE-2021-21161: Heap buffer overflow in TabStrip. - CVE-2021-21162: Use after free in WebRTC. - CVE-2021-21163: Insufficient data validation in Reader Mode. - CVE-2021-21164: Insufficient data validation in Chrome for iOS. - CVE-2021-21165: Object lifecycle issue in audio. - CVE-2021-21166: Object lifecycle issue in audio. - CVE-2021-21167: Use after free in bookmarks. - CVE-2021-21168: Insufficient policy enforcement in appcache. - CVE-2021-21169: Out of bounds memory access in V8. - CVE-2021-21170: Incorrect security UI in Loader. - CVE-2021-21171: Incorrect security UI in TabStrip and Navigation. - CVE-2021-21172: Insufficient policy enforcement in File System API. - CVE-2021-21173: Side-channel information leakage in Network Internals. - CVE-2021-21174: Inappropriate implementation in Referrer. - CVE-2021-21175: Inappropriate implementation in Site isolation. - CVE-2021-21176: Inappropriate implementation in full screen mode. - CVE-2021-21177: Insufficient policy enforcement in Autofill. - CVE-2021-21178: Inappropriate implementation in Compositing. - CVE-2021-21179: Use after free in Network Internals. - CVE-2021-21180: Use after free in tab search. - CVE-2020-27844: Heap buffer overflow in OpenJPEG. - CVE-2021-21181: Side-channel information leakage in autofill. - CVE-2021-21182: Insufficient policy enforcement in navigations. - CVE-2021-21183: Inappropriate implementation in performance APIs. - CVE-2021-21184: Inappropriate implementation in performance APIs. - CVE-2021-21185: Insufficient policy enforcement in extensions. - CVE-2021-21186: Insufficient policy enforcement in QR scanning. - CVE-2021-21187: Insufficient data validation in URL formatting. - CVE-2021-21188: Use after free in Blink. - CVE-2021-21189: Insufficient policy enforcement in payments. - CVE-2021-21190: Uninitialized Use in PDFium. - CVE-2021-21149: Stack overflow in Data Transfer. - CVE-2021-21150: Use after free in Downloads. - CVE-2021-21151: Use after free in Payments. - CVE-2021-21152: Heap buffer overflow in Media. - CVE-2021-21153: Stack overflow in GPU Process. - CVE-2021-21154: Heap buffer overflow in Tab Strip. - CVE-2021-21155: Heap buffer overflow in Tab Strip. - CVE-2021-21156: Heap buffer overflow in V8. - CVE-2021-21157: Use after free in Web Sockets. - Fixed Sandbox with glibc 2.33 (boo#1182233) - Fixed an issue where chromium hangs on opening (boo#1182775).

This update was imported from the openSUSE:Leap:15.2:Update update project.
Family:unixClass:patch
Status:Reference(s):1182233
1182358
1182775
CVE-2020-27844
CVE-2021-21149
CVE-2021-21150
CVE-2021-21151
CVE-2021-21152
CVE-2021-21153
CVE-2021-21154
CVE-2021-21155
CVE-2021-21156
CVE-2021-21157
CVE-2021-21159
CVE-2021-21160
CVE-2021-21161
CVE-2021-21162
CVE-2021-21163
CVE-2021-21164
CVE-2021-21165
CVE-2021-21166
CVE-2021-21167
CVE-2021-21168
CVE-2021-21169
CVE-2021-21170
CVE-2021-21171
CVE-2021-21172
CVE-2021-21173
CVE-2021-21174
CVE-2021-21175
CVE-2021-21176
CVE-2021-21177
CVE-2021-21178
CVE-2021-21179
CVE-2021-21180
CVE-2021-21181
CVE-2021-21182
CVE-2021-21183
CVE-2021-21184
CVE-2021-21185
CVE-2021-21186
CVE-2021-21187
CVE-2021-21188
CVE-2021-21189
CVE-2021-21190
openSUSE-SU-2021:0401-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
SUSE Package Hub for SUSE Linux Enterprise 15 SP2
Product(s):
Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 SP2 is installed
  • AND Package Information
  • chromedriver-89.0.4389.72-bp152.2.62.1 is installed
  • OR chromium-89.0.4389.72-bp152.2.62.1 is installed
    • BACK