Overview

File _patchinfo of Package patchinfo.15805

<patchinfo incident="15805">
  <issue tracker="bnc" id="1182233">[Build 20210211][glibc2.33] chromium fails to render websites</issue>
  <issue tracker="bnc" id="1182775">[Build 20210223] chromium hangs on opening</issue>
  <issue tracker="bnc" id="1182358">VUL-0: CVE-2021-21149,CVE-2021-21150,CVE-2021-21151,CVE-2021-21152,CVE-2021-21153,CVE-2021-21154,CVE-2021-21155,CVE-2021-21156,CVE-2021-21157: chromium: Update to 88.0.4324.182</issue>
  <issue tracker="bnc" id="1182358">VUL-0: chromium: Update to 89.0.4389.72</issue>
  <issue tracker="cve" id="2021-21154"/>
  <issue tracker="cve" id="2021-21156"/>
  <issue tracker="cve" id="2021-21149"/>
  <issue tracker="cve" id="2021-21157"/>
  <issue tracker="cve" id="2021-21153"/>
  <issue tracker="cve" id="2021-21151"/>
  <issue tracker="cve" id="2021-21152"/>
  <issue tracker="cve" id="2021-21155"/>
  <issue tracker="cve" id="2021-21150"/>
  <issue tracker="cve" id="2021-21159"/>
  <issue tracker="cve" id="2021-21160"/>
  <issue tracker="cve" id="2021-21161"/>
  <issue tracker="cve" id="2021-21162"/>
  <issue tracker="cve" id="2021-21163"/>
  <issue tracker="cve" id="2021-21164"/>
  <issue tracker="cve" id="2021-21165"/>
  <issue tracker="cve" id="2021-21166"/>
  <issue tracker="cve" id="2021-21167"/>
  <issue tracker="cve" id="2021-21168"/>
  <issue tracker="cve" id="2021-21169"/>
  <issue tracker="cve" id="2021-21170"/>
  <issue tracker="cve" id="2021-21171"/>
  <issue tracker="cve" id="2021-21172"/>
  <issue tracker="cve" id="2021-21173"/>
  <issue tracker="cve" id="2021-21174"/>
  <issue tracker="cve" id="2021-21175"/>
  <issue tracker="cve" id="2021-21176"/>
  <issue tracker="cve" id="2021-21177"/>
  <issue tracker="cve" id="2021-21178"/>
  <issue tracker="cve" id="2021-21179"/>
  <issue tracker="cve" id="2021-21180"/>
  <issue tracker="cve" id="2020-27844"/>
  <issue tracker="cve" id="2021-21181"/>
  <issue tracker="cve" id="2021-21182"/>
  <issue tracker="cve" id="2021-21183"/>
  <issue tracker="cve" id="2021-21184"/>
  <issue tracker="cve" id="2021-21185"/>
  <issue tracker="cve" id="2021-21186"/>
  <issue tracker="cve" id="2021-21187"/>
  <issue tracker="cve" id="2021-21188"/>
  <issue tracker="cve" id="2021-21189"/>
  <issue tracker="cve" id="2021-21190"/>
  <packager>gmbr3</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for chromium</summary>
  <description>This update for chromium fixes the following issues:

Update to 89.0.4389.72 (boo#1182358, boo#1182960):

- CVE-2021-21159: Heap buffer overflow in TabStrip.
- CVE-2021-21160: Heap buffer overflow in WebAudio.
- CVE-2021-21161: Heap buffer overflow in TabStrip.
- CVE-2021-21162: Use after free in WebRTC.
- CVE-2021-21163: Insufficient data validation in Reader Mode.
- CVE-2021-21164: Insufficient data validation in Chrome for iOS.
- CVE-2021-21165: Object lifecycle issue in audio.
- CVE-2021-21166: Object lifecycle issue in audio.
- CVE-2021-21167: Use after free in bookmarks.
- CVE-2021-21168: Insufficient policy enforcement in appcache.
- CVE-2021-21169: Out of bounds memory access in V8.
- CVE-2021-21170: Incorrect security UI in Loader.
- CVE-2021-21171: Incorrect security UI in TabStrip and Navigation.
- CVE-2021-21172: Insufficient policy enforcement in File System API.
- CVE-2021-21173: Side-channel information leakage in Network Internals.
- CVE-2021-21174: Inappropriate implementation in Referrer.
- CVE-2021-21175: Inappropriate implementation in Site isolation.
- CVE-2021-21176: Inappropriate implementation in full screen mode.
- CVE-2021-21177: Insufficient policy enforcement in Autofill.
- CVE-2021-21178: Inappropriate implementation in Compositing.
- CVE-2021-21179: Use after free in Network Internals.
- CVE-2021-21180: Use after free in tab search.
- CVE-2020-27844: Heap buffer overflow in OpenJPEG.
- CVE-2021-21181: Side-channel information leakage in autofill.
- CVE-2021-21182: Insufficient policy enforcement in navigations.
- CVE-2021-21183: Inappropriate implementation in performance APIs.
- CVE-2021-21184: Inappropriate implementation in performance APIs.
- CVE-2021-21185: Insufficient policy enforcement in extensions.
- CVE-2021-21186: Insufficient policy enforcement in QR scanning.
- CVE-2021-21187: Insufficient data validation in URL formatting.
- CVE-2021-21188: Use after free in Blink.
- CVE-2021-21189: Insufficient policy enforcement in payments.
- CVE-2021-21190: Uninitialized Use in PDFium.
- CVE-2021-21149: Stack overflow in Data Transfer.
- CVE-2021-21150: Use after free in Downloads.
- CVE-2021-21151: Use after free in Payments.
- CVE-2021-21152: Heap buffer overflow in Media.
- CVE-2021-21153: Stack overflow in GPU Process. 
- CVE-2021-21154: Heap buffer overflow in Tab Strip.
- CVE-2021-21155: Heap buffer overflow in Tab Strip.
- CVE-2021-21156: Heap buffer overflow in V8.
- CVE-2021-21157: Use after free in Web Sockets.  
- Fixed Sandbox with glibc 2.33 (boo#1182233)
- Fixed an issue where chromium hangs on opening (boo#1182775).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places