[openSUSE-SU-2021:0166-1] Security update for chromium
Severity
Important
Affected Packages
2
CVEs
26
Security update for chromium
This update for chromium fixes the following issues:
Chromium was updated to 88.0.4324.96 boo#1181137
- CVE-2021-21117: Insufficient policy enforcement in Cryptohome
- CVE-2021-21118: Insufficient data validation in V8
- CVE-2021-21119: Use after free in Media
- CVE-2021-21120: Use after free in WebSQL
- CVE-2021-21121: Use after free in Omnibox
- CVE-2021-21122: Use after free in Blink
- CVE-2021-21123: Insufficient data validation in File System API
- CVE-2021-21124: Potential user after free in Speech Recognizer
- CVE-2021-21125: Insufficient policy enforcement in File System API
- CVE-2020-16044: Use after free in WebRTC
- CVE-2021-21126: Insufficient policy enforcement in extensions
- CVE-2021-21127: Insufficient policy enforcement in extensions
- CVE-2021-21128: Heap buffer overflow in Blink
- CVE-2021-21129: Insufficient policy enforcement in File System API
- CVE-2021-21130: Insufficient policy enforcement in File System API
- CVE-2021-21131: Insufficient policy enforcement in File System API
- CVE-2021-21132: Inappropriate implementation in DevTools
- CVE-2021-21133: Insufficient policy enforcement in Downloads
- CVE-2021-21134: Incorrect security UI in Page Info
- CVE-2021-21135: Inappropriate implementation in Performance API
- CVE-2021-21136: Insufficient policy enforcement in WebView
- CVE-2021-21137: Inappropriate implementation in DevTools
- CVE-2021-21138: Use after free in DevTools
- CVE-2021-21139: Inappropriate implementation in iframe sandbox
- CVE-2021-21140: Uninitialized Use in USB
- CVE-2021-21141: Insufficient policy enforcement in File System API
Package | Affected Version |
---|---|
pkg:rpm/opensuse/chromium?arch=x86_64&distro=opensuse-leap-15.1 | < 88.0.4324.96-lp151.2.171.1 |
pkg:rpm/opensuse/chromedriver?arch=x86_64&distro=opensuse-leap-15.1 | < 88.0.4324.96-lp151.2.171.1 |
- ID
- openSUSE-SU-2021:0166-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UJLGW3JAYRVM7Z2KD5X5WM5BVADC7BWN/
- Published
-
2021-01-26T09:23:18
(3 years ago) - Modified
-
2021-01-26T09:23:18
(3 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS2-2021-1594
- ALPINE:CVE-2020-16044
- ALPINE:CVE-2021-21118
- ALPINE:CVE-2021-21119
- ALPINE:CVE-2021-21120
- ALPINE:CVE-2021-21121
- ALPINE:CVE-2021-21122
- ALPINE:CVE-2021-21123
- ALPINE:CVE-2021-21126
- ALPINE:CVE-2021-21127
- ALPINE:CVE-2021-21128
- ALPINE:CVE-2021-21132
- ALPINE:CVE-2021-21135
- ALPINE:CVE-2021-21137
- ALPINE:CVE-2021-21138
- ALPINE:CVE-2021-21140
- ASA-202101-17
- ASA-202101-5
- ASA-202102-4
- ASA-202102-5
- DSA-4827-1
- DSA-4842-1
- DSA-4846-1
- ELSA-2021-0052
- ELSA-2021-0053
- ELSA-2021-0087
- ELSA-2021-0089
- FEDORA-2021-48866282e5
- FEDORA-2021-b7cc24375b
- FREEBSD:4ED0E43C-5CEF-11EB-BAFD-3065EC8FD3EC
- GLSA-202101-04
- GLSA-202101-13
- GLSA-202101-14
- MFSA-2021-01
- MFSA-2021-02
- MS:CVE-2020-16044
- MS:CVE-2021-21118
- MS:CVE-2021-21119
- MS:CVE-2021-21120
- MS:CVE-2021-21121
- MS:CVE-2021-21122
- MS:CVE-2021-21123
- MS:CVE-2021-21124
- MS:CVE-2021-21125
- MS:CVE-2021-21126
- MS:CVE-2021-21127
- MS:CVE-2021-21128
- MS:CVE-2021-21129
- MS:CVE-2021-21130
- MS:CVE-2021-21131
- MS:CVE-2021-21132
- MS:CVE-2021-21133
- MS:CVE-2021-21134
- MS:CVE-2021-21135
- MS:CVE-2021-21136
- MS:CVE-2021-21137
- MS:CVE-2021-21139
- MS:CVE-2021-21140
- MS:CVE-2021-21141
- openSUSE-SU-2021:0056-1
- openSUSE-SU-2021:0063-1
- openSUSE-SU-2021:0093-1
- openSUSE-SU-2021:0127-1
- openSUSE-SU-2021:0173-1
- openSUSE-SU-2021:0177-1
- openSUSE-SU-2021:0186-1
- openSUSE-SU-2021:0973-1
- openSUSE-SU-2021:1016-1
- RHSA-2021:0052
- RHSA-2021:0053
- RHSA-2021:0087
- RHSA-2021:0089
- SUSE-SU-2021:0071-1
- SUSE-SU-2021:0072-1
- SUSE-SU-2021:0080-1
- SUSE-SU-2021:0122-1
- SUSE-SU-2021:0123-1
- USN-4687-1
- USN-4701-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/opensuse/chromium?arch=x86_64&distro=opensuse-leap-15.1 | opensuse | chromium | < 88.0.4324.96-lp151.2.171.1 | opensuse-leap-15.1 | x86_64 | |
Affected | pkg:rpm/opensuse/chromedriver?arch=x86_64&distro=opensuse-leap-15.1 | opensuse | chromedriver | < 88.0.4324.96-lp151.2.171.1 | opensuse-leap-15.1 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |