openSUSE-SU-2021:1144-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2021:1144-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2021:1144-1
Related
Published
2021-08-10T22:40:35Z
Modified
2021-08-10T22:40:35Z
Summary
Security update for chromium
Details

This update for chromium fixes the following issues:

Chromium 92.0.4515.131 (boo#1189006)

  • CVE-2021-30590: Heap buffer overflow in Bookmarks
  • CVE-2021-30591: Use after free in File System API
  • CVE-2021-30592: Out of bounds write in Tab Groups
  • CVE-2021-30593: Out of bounds read in Tab Strip
  • CVE-2021-30594: Use after free in Page Info UI
  • CVE-2021-30596: Incorrect security UI in Navigation
  • CVE-2021-30597: Use after free in Browser UI

Chromium 92.0.4515.107 (boo#1188590)

  • CVE-2021-30565: Out of bounds write in Tab Groups
  • CVE-2021-30566: Stack buffer overflow in Printing
  • CVE-2021-30567: Use after free in DevTools
  • CVE-2021-30568: Heap buffer overflow in WebGL
  • CVE-2021-30569: Use after free in sqlite
  • CVE-2021-30571: Insufficient policy enforcement in DevTools
  • CVE-2021-30572: Use after free in Autofill
  • CVE-2021-30573: Use after free in GPU
  • CVE-2021-30574: Use after free in protocol handling
  • CVE-2021-30575: Out of bounds read in Autofill
  • CVE-2021-30576: Use after free in DevTools
  • CVE-2021-30577: Insufficient policy enforcement in Installer
  • CVE-2021-30578: Uninitialized Use in Media
  • CVE-2021-30579: Use after free in UI framework
  • CVE-2021-30581: Use after free in DevTools
  • CVE-2021-30582: Inappropriate implementation in Animation
  • CVE-2021-30584: Incorrect security UI in Downloads
  • CVE-2021-30585: Use after free in sensor handling
  • CVE-2021-30588: Type Confusion in V8
  • CVE-2021-30589: Insufficient validation of untrusted input in Sharing
References

Affected packages

SUSE:Package Hub 15 SP3 / chromium

Package

Name
chromium
Purl
pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
92.0.4515.131-bp153.2.19.1

Ecosystem specific

{
    "binaries": [
        {
            "chromedriver": "92.0.4515.131-bp153.2.19.1",
            "chromium": "92.0.4515.131-bp153.2.19.1"
        }
    ]
}

openSUSE:Leap 15.3 / chromium

Package

Name
chromium
Purl
pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
92.0.4515.131-bp153.2.19.1

Ecosystem specific

{
    "binaries": [
        {
            "chromedriver": "92.0.4515.131-bp153.2.19.1",
            "chromium": "92.0.4515.131-bp153.2.19.1"
        }
    ]
}