openSUSE-SU-2021:0048-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2021:0048-1.json

JSON Data

https://api.test.osv.dev/v1/vulns/openSUSE-SU-2021:0048-1

Related

Published

2021-01-11T13:25:15Z

Modified

2021-01-11T13:25:15Z

Summary

Security update for chromium

Details

This update for chromium fixes the following issues:

Update to 87.0.4280.141 (boo#1180645)
- CVE-2021-21106: Use after free in autofill
- CVE-2021-21107: Use after free in drag and drop
- CVE-2021-21108: Use after free in media
- CVE-2021-21109: Use after free in payments
- CVE-2021-21110: Use after free in safe browsing
- CVE-2021-21111: Insufficient policy enforcement in WebUI
- CVE-2021-21112: Use after free in Blink
- CVE-2021-21113: Heap buffer overflow in Skia
- CVE-2020-16043: Insufficient data validation in networking
- CVE-2021-21114: Use after free in audio
- CVE-2020-15995: Out of bounds write in V8
- CVE-2021-21115: Use after free in safe browsing
- CVE-2021-21116: Heap buffer overflow in audio
Use main URLs instead of redirects in master preferences

This update was imported from the openSUSE:Leap:15.2:Update update project.

References

Affected packages

SUSE:Package Hub 15 SP2 / chromium

Package

Name: chromium
Purl: pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

87.0.4280.141-bp152.2.47.1

Ecosystem specific

{
    "binaries": [
        {
            "chromedriver": "87.0.4280.141-bp152.2.47.1",
            "chromium": "87.0.4280.141-bp152.2.47.1"
        }
    ]
}