[openSUSE-SU-2020:2021-1] Security update for chromium
Severity
Important
Affected Packages
2
CVEs
23
Security update for chromium
This update for chromium fixes the following issues:
- Update to 87.0.4280.66 (boo#1178923)
- Wayland support by default
- CVE-2020-16018: Use after free in payments.
- CVE-2020-16019: Inappropriate implementation in filesystem.
- CVE-2020-16020: Inappropriate implementation in cryptohome.
- CVE-2020-16021: Race in ImageBurner.
- CVE-2020-16022: Insufficient policy enforcement in networking.
- CVE-2020-16015: Insufficient data validation in WASM. R
- CVE-2020-16014: Use after free in PPAPI.
- CVE-2020-16023: Use after free in WebCodecs.
- CVE-2020-16024: Heap buffer overflow in UI.
- CVE-2020-16025: Heap buffer overflow in clipboard.
- CVE-2020-16026: Use after free in WebRTC.
- CVE-2020-16027: Insufficient policy enforcement in developer tools. R
- CVE-2020-16028: Heap buffer overflow in WebRTC.
- CVE-2020-16029: Inappropriate implementation in PDFium.
- CVE-2020-16030: Insufficient data validation in Blink.
- CVE-2019-8075: Insufficient data validation in Flash.
- CVE-2020-16031: Incorrect security UI in tab preview.
- CVE-2020-16032: Incorrect security UI in sharing.
- CVE-2020-16033: Incorrect security UI in WebUSB.
- CVE-2020-16034: Inappropriate implementation in WebRTC.
- CVE-2020-16035: Insufficient data validation in cros-disks.
- CVE-2020-16012: Side-channel information leakage in graphics.
- CVE-2020-16036: Inappropriate implementation in cookies.
Package | Affected Version |
---|---|
pkg:rpm/opensuse/chromium?arch=x86_64&distro=opensuse-leap-15.2 | < 87.0.4280.66-lp152.2.51.1 |
pkg:rpm/opensuse/chromedriver?arch=x86_64&distro=opensuse-leap-15.2 | < 87.0.4280.66-lp152.2.51.1 |
- ID
- openSUSE-SU-2020:2021-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FVE6T2JL6PI433CTW6BAFC3ROZDJMVMC/
- Published
-
2020-11-25T20:09:27
(3 years ago) - Modified
-
2020-11-25T20:09:27
(3 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS2-2021-1586
- ALPINE:CVE-2020-16012
- ASA-202011-11
- ASA-202011-12
- DSA-4793-1
- DSA-4796-1
- DSA-4824-1
- ELSA-2020-5235
- ELSA-2020-5236
- ELSA-2020-5237
- ELSA-2020-5238
- ELSA-2020-5239
- ELSA-2020-5257
- FEDORA-2020-10ec8aca61
- FEDORA-2020-3e005ce2e0
- GLSA-202012-03
- GLSA-202012-04
- GLSA-202012-05
- MFSA-2020-50
- MFSA-2020-51
- MFSA-2020-52
- openSUSE-SU-2020:2010-1
- openSUSE-SU-2020:2012-1
- openSUSE-SU-2020:2020-1
- openSUSE-SU-2020:2026-1
- openSUSE-SU-2020:2031-1
- openSUSE-SU-2020:2032-1
- openSUSE-SU-2020:2055-1
- openSUSE-SU-2020:2096-1
- openSUSE-SU-2020:2187-1
- openSUSE-SU-2020:2315-1
- RHSA-2019:1476
- RHSA-2020:5235
- RHSA-2020:5236
- RHSA-2020:5237
- RHSA-2020:5238
- RHSA-2020:5239
- RHSA-2020:5257
- SUSE-SU-2020:3383-1
- SUSE-SU-2020:3458-1
- SUSE-SU-2020:3528-1
- SUSE-SU-2020:3548-1
- USN-4637-1
- USN-4637-2
- USN-4647-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/opensuse/chromium?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | chromium | < 87.0.4280.66-lp152.2.51.1 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/chromedriver?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | chromedriver | < 87.0.4280.66-lp152.2.51.1 | opensuse-leap-15.2 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |