SUSE Package Hub - openSUSE-2021-1392

Update Info

openSUSE-2021-1392

Security update for chromium

Type: security

Severity: important

Issued: 2021-10-26

Description:

This update for chromium fixes the following issues:

Chromium 95.0.4638.54 (boo#1191844):

* CVE-2021-37981: Heap buffer overflow in Skia
* CVE-2021-37982: Use after free in Incognito
* CVE-2021-37983: Use after free in Dev Tools
* CVE-2021-37984: Heap buffer overflow in PDFium
* CVE-2021-37985: Use after free in V8
* CVE-2021-37986: Heap buffer overflow in Settings
* CVE-2021-37987: Use after free in Network APIs
* CVE-2021-37988: Use after free in Profiles
* CVE-2021-37989: Inappropriate implementation in Blink
* CVE-2021-37990: Inappropriate implementation in WebView
* CVE-2021-37991: Race in V8
* CVE-2021-37992: Out of bounds read in WebAudio
* CVE-2021-37993: Use after free in PDF Accessibility
* CVE-2021-37996: Insufficient validation of untrusted input in Downloads
* CVE-2021-37994: Inappropriate implementation in iFrame Sandbox
* CVE-2021-37995: Inappropriate implementation in WebApp Installer

References

CVE: CVE-2021-37996
CVE: CVE-2021-37995
CVE: CVE-2021-37994
CVE: CVE-2021-37993
CVE: CVE-2021-37992
CVE: CVE-2021-37991
CVE: CVE-2021-37990
CVE: CVE-2021-37989
CVE: CVE-2021-37988
CVE: CVE-2021-37987
CVE: CVE-2021-37986
CVE: CVE-2021-37985
CVE: CVE-2021-37984
CVE: CVE-2021-37983
CVE: CVE-2021-37982
CVE: CVE-2021-37981
Bugzilla: 1191844 VUL-0: chromium: multiple security issues fixed in 95.0.4638.54

Packages

chromium-95.0.4638.54-bp153.2.37.1