1. Home
  2. Security Advisories
  3. OpenSUSE
  4. openSUSE-SU-2021:0166-1

[openSUSE-SU-2021:0166-1] Security update for chromium

Severity Important
Affected Packages 2
CVEs 26
Info Packages References Vulnerabilities

Security update for chromium

This update for chromium fixes the following issues:

Chromium was updated to 88.0.4324.96 boo#1181137

  • CVE-2021-21117: Insufficient policy enforcement in Cryptohome
  • CVE-2021-21118: Insufficient data validation in V8
  • CVE-2021-21119: Use after free in Media
  • CVE-2021-21120: Use after free in WebSQL
  • CVE-2021-21121: Use after free in Omnibox
  • CVE-2021-21122: Use after free in Blink
  • CVE-2021-21123: Insufficient data validation in File System API
  • CVE-2021-21124: Potential user after free in Speech Recognizer
  • CVE-2021-21125: Insufficient policy enforcement in File System API
  • CVE-2020-16044: Use after free in WebRTC
  • CVE-2021-21126: Insufficient policy enforcement in extensions
  • CVE-2021-21127: Insufficient policy enforcement in extensions
  • CVE-2021-21128: Heap buffer overflow in Blink
  • CVE-2021-21129: Insufficient policy enforcement in File System API
  • CVE-2021-21130: Insufficient policy enforcement in File System API
  • CVE-2021-21131: Insufficient policy enforcement in File System API
  • CVE-2021-21132: Inappropriate implementation in DevTools
  • CVE-2021-21133: Insufficient policy enforcement in Downloads
  • CVE-2021-21134: Incorrect security UI in Page Info
  • CVE-2021-21135: Inappropriate implementation in Performance API
  • CVE-2021-21136: Insufficient policy enforcement in WebView
  • CVE-2021-21137: Inappropriate implementation in DevTools
  • CVE-2021-21138: Use after free in DevTools
  • CVE-2021-21139: Inappropriate implementation in iframe sandbox
  • CVE-2021-21140: Uninitialized Use in USB
  • CVE-2021-21141: Insufficient policy enforcement in File System API
Package Affected Version
pkg:rpm/opensuse/chromium?arch=x86_64&distro=opensuse-leap-15.1 < 88.0.4324.96-lp151.2.171.1
pkg:rpm/opensuse/chromedriver?arch=x86_64&distro=opensuse-leap-15.1 < 88.0.4324.96-lp151.2.171.1
ID
openSUSE-SU-2021:0166-1
Severity
important
URL
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UJLGW3JAYRVM7Z2KD5X5WM5BVADC7BWN/
Published
2021-01-26T09:23:18
(3 years ago)
Modified
2021-01-26T09:23:18
(3 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0166-1.json
Suse URL for openSUSE-SU-2021:0166-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UJLGW3JAYRVM7Z2KD5X5WM5BVADC7BWN/
Suse E-Mail link for openSUSE-SU-2021:0166-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UJLGW3JAYRVM7Z2KD5X5WM5BVADC7BWN/
Bugzilla SUSE Bug 1181137 https://bugzilla.suse.com/1181137
CVE SUSE CVE CVE-2020-16044 page https://www.suse.com/security/cve/CVE-2020-16044/
CVE SUSE CVE CVE-2021-21117 page https://www.suse.com/security/cve/CVE-2021-21117/
CVE SUSE CVE CVE-2021-21118 page https://www.suse.com/security/cve/CVE-2021-21118/
CVE SUSE CVE CVE-2021-21119 page https://www.suse.com/security/cve/CVE-2021-21119/
CVE SUSE CVE CVE-2021-21120 page https://www.suse.com/security/cve/CVE-2021-21120/
CVE SUSE CVE CVE-2021-21121 page https://www.suse.com/security/cve/CVE-2021-21121/
CVE SUSE CVE CVE-2021-21122 page https://www.suse.com/security/cve/CVE-2021-21122/
CVE SUSE CVE CVE-2021-21123 page https://www.suse.com/security/cve/CVE-2021-21123/
CVE SUSE CVE CVE-2021-21124 page https://www.suse.com/security/cve/CVE-2021-21124/
CVE SUSE CVE CVE-2021-21125 page https://www.suse.com/security/cve/CVE-2021-21125/
CVE SUSE CVE CVE-2021-21126 page https://www.suse.com/security/cve/CVE-2021-21126/
CVE SUSE CVE CVE-2021-21127 page https://www.suse.com/security/cve/CVE-2021-21127/
CVE SUSE CVE CVE-2021-21128 page https://www.suse.com/security/cve/CVE-2021-21128/
CVE SUSE CVE CVE-2021-21129 page https://www.suse.com/security/cve/CVE-2021-21129/
CVE SUSE CVE CVE-2021-21130 page https://www.suse.com/security/cve/CVE-2021-21130/
CVE SUSE CVE CVE-2021-21131 page https://www.suse.com/security/cve/CVE-2021-21131/
CVE SUSE CVE CVE-2021-21132 page https://www.suse.com/security/cve/CVE-2021-21132/
CVE SUSE CVE CVE-2021-21133 page https://www.suse.com/security/cve/CVE-2021-21133/
CVE SUSE CVE CVE-2021-21134 page https://www.suse.com/security/cve/CVE-2021-21134/
CVE SUSE CVE CVE-2021-21135 page https://www.suse.com/security/cve/CVE-2021-21135/
CVE SUSE CVE CVE-2021-21136 page https://www.suse.com/security/cve/CVE-2021-21136/
CVE SUSE CVE CVE-2021-21137 page https://www.suse.com/security/cve/CVE-2021-21137/
CVE SUSE CVE CVE-2021-21138 page https://www.suse.com/security/cve/CVE-2021-21138/
CVE SUSE CVE CVE-2021-21139 page https://www.suse.com/security/cve/CVE-2021-21139/
CVE SUSE CVE CVE-2021-21140 page https://www.suse.com/security/cve/CVE-2021-21140/
CVE SUSE CVE CVE-2021-21141 page https://www.suse.com/security/cve/CVE-2021-21141/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/opensuse/chromium?arch=x86_64&distro=opensuse-leap-15.1 opensuse chromium < 88.0.4324.96-lp151.2.171.1 opensuse-leap-15.1 x86_64
Affected pkg:rpm/opensuse/chromedriver?arch=x86_64&distro=opensuse-leap-15.1 opensuse chromedriver < 88.0.4324.96-lp151.2.171.1 opensuse-leap-15.1 x86_64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date