openSUSE-SU-2020:0893-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:0893-1.json

JSON Data

https://api.osv.dev/v1/vulns/openSUSE-SU-2020:0893-1

Related

Published

2020-06-28T12:16:33Z

Modified

2020-06-28T12:16:33Z

Summary

Security update for chromium

Details

This update for chromium fixes the following issues:

Chromium was updated to 83.0.4103.116 (boo#1173251):

CVE-2020-6509: Use after free in extensions

Chromium was updated to 83.0.4103.106 (boo#1173029):

CVE-2020-6505: Use after free in speech
CVE-2020-6506: Insufficient policy enforcement in WebView
CVE-2020-6507: Out of bounds write in V8

Other fixes:

Add patch to work with new ffmpeg wrt boo#1173292:
Add multimedia fix for disabled location and also try one additional patch from Debian on the same issue boo#1173107
Disable wayland integration on 15.x boo#1173187 boo#1173188 boo#1173254
Enforce to not use system borders boo#1173063

References

Affected packages

openSUSE:Leap 15.2 / chromium

Package

Name: chromium
Purl: purl:rpm/suse/chromium&distro=openSUSE%20Leap%2015.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

83.0.4103.116-lp152.2.3.1

Ecosystem specific

{
    "binaries": [
        {
            "chromedriver": "83.0.4103.116-lp152.2.3.1",
            "chromium": "83.0.4103.116-lp152.2.3.1"
        }
    ]
}