SUSE Package Hub - openSUSE-2020-1937

Update Info

openSUSE-2020-1937

Security update for chromium

Type: security

Severity: important

Issued: 2020-11-15

Description:

This update for chromium fixes the following issues:

- Update to 86.0.4240.183 boo#1178375
  - CVE-2020-16004: Use after free in user interface.
  - CVE-2020-16005: Insufficient policy enforcement in ANGLE.
  - CVE-2020-16006: Inappropriate implementation in V8
  - CVE-2020-16007: Insufficient data validation in installer.
  - CVE-2020-16008: Stack buffer overflow in WebRTC.
  - CVE-2020-16009: Inappropriate implementation in V8.
  - CVE-2020-16011: Heap buffer overflow in UI on Windows.

This update was imported from the openSUSE:Leap:15.1:Update update project.

References

CVE: CVE-2020-16011
CVE: CVE-2020-16009
CVE: CVE-2020-16008
CVE: CVE-2020-16007
CVE: CVE-2020-16006
CVE: CVE-2020-16005
CVE: CVE-2020-16004
Bugzilla: 1178375 VUL-0: chromium: stable update to 86.0.4240.183

Packages

chromium-86.0.4240.183-bp151.3.125.1