Overview

File _patchinfo of Package patchinfo.15077

<patchinfo incident="15077">
  <issue tracker="bnc" id="1178923">VUL-0: chromium: Update to 87.0.4280.66</issue>
  <issue tracker="cve" id="2020-16034"/>
  <issue tracker="cve" id="2020-16015"/>
  <issue tracker="cve" id="2020-16036"/>
  <issue tracker="cve" id="2020-16022"/>
  <issue tracker="cve" id="2020-16033"/>
  <issue tracker="cve" id="2020-16030"/>
  <issue tracker="cve" id="2020-16018"/>
  <issue tracker="cve" id="2020-16014"/>
  <issue tracker="cve" id="2019-8075"/>
  <issue tracker="cve" id="2020-16029"/>
  <issue tracker="cve" id="2020-16027"/>
  <issue tracker="cve" id="2020-16021"/>
  <issue tracker="cve" id="2020-16028"/>
  <issue tracker="cve" id="2020-16031"/>
  <issue tracker="cve" id="2020-16026"/>
  <issue tracker="cve" id="2020-16024"/>
  <issue tracker="cve" id="2020-16019"/>
  <issue tracker="cve" id="2020-16023"/>
  <issue tracker="cve" id="2020-16032"/>
  <issue tracker="cve" id="2020-16025"/>
  <issue tracker="cve" id="2020-16020"/>
  <issue tracker="cve" id="2020-16012"/>
  <issue tracker="cve" id="2020-16035"/>
  <packager>gmbr3</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for chromium</summary>
  <description>This update for chromium fixes the following issues:

- Update to 87.0.4280.66 (boo#1178923)
  - Wayland support by default
  - CVE-2020-16018: Use after free in payments. 
  - CVE-2020-16019: Inappropriate implementation in filesystem. 
  - CVE-2020-16020: Inappropriate implementation in cryptohome. 
  - CVE-2020-16021: Race in ImageBurner. 
  - CVE-2020-16022: Insufficient policy enforcement in networking. 
  - CVE-2020-16015: Insufficient data validation in WASM. R
  - CVE-2020-16014: Use after free in PPAPI. 
  - CVE-2020-16023: Use after free in WebCodecs. 
  - CVE-2020-16024: Heap buffer overflow in UI.
  - CVE-2020-16025: Heap buffer overflow in clipboard. 
  - CVE-2020-16026: Use after free in WebRTC. 
  - CVE-2020-16027: Insufficient policy enforcement in developer tools. R
  - CVE-2020-16028: Heap buffer overflow in WebRTC. 
  - CVE-2020-16029: Inappropriate implementation in PDFium. 
  - CVE-2020-16030: Insufficient data validation in Blink. 
  - CVE-2019-8075: Insufficient data validation in Flash. 
  - CVE-2020-16031: Incorrect security UI in tab preview. 
  - CVE-2020-16032: Incorrect security UI in sharing.
  - CVE-2020-16033: Incorrect security UI in WebUSB. 
  - CVE-2020-16034: Inappropriate implementation in WebRTC. 
  - CVE-2020-16035: Insufficient data validation in cros-disks.
  - CVE-2020-16012: Side-channel information leakage in graphics. 
  - CVE-2020-16036: Inappropriate implementation in cookies. 
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places