Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

openSUSE Leap 15.2: 2021:0392-1 Important Heap Overflow Fixes

opensuse
Calendar Grey March 8, 2021
Dist Opensuse Esm H88
Important openSUSE patch addresses 37 vulnerabilities in Firefox, boosting security with crucial updates for protecting users.
An update that fixes 42 vulnerabilities is now available

Description

This update for chromium fixes the following issues:

Update to 89.0.4389.72 (boo#1182358, boo#1182960):

- CVE-2021-21159: Heap buffer overflow in TabStrip.

- CVE-2021-21160: Heap buffer overflow in WebAudio.

- CVE-2021-21161: Heap buffer overflow in TabStrip.

- CVE-2021-21162: Use after free in WebRTC.

- CVE-2021-21163: Insufficient data validation in Reader Mode.

- CVE-2021-21164: Insufficient data validation in Chrome for iOS.

- CVE-2021-21165: Object lifecycle issue in audio.

- CVE-2021-21166: Object lifecycle issue in audio.

- CVE-2021-21167: Use after free in bookmarks.

- CVE-2021-21168: Insufficient policy enforcement in appcache.

- CVE-2021-21169: Out of bounds memory access in V8.

- CVE-2021-21170: Incorrect security UI in Loader.

- CVE-2021-21171: Incorrect security UI in TabStrip and Navigation.

- CVE-2021-21172: Insufficient policy enforcement in File System API.

- CVE-2021-21173: Side-channel information leakage in...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security enhancement heap overflow important fix software issues heap buffer overflow openSUSE chromium updates for Chromium

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2021-392=1

Package List

- openSUSE Leap 15.2 (x86_64):

chromedriver-89.0.4389.72-lp152.2.77.1

chromedriver-debuginfo-89.0.4389.72-lp152.2.77.1

chromium-89.0.4389.72-lp152.2.77.1

chromium-debuginfo-89.0.4389.72-lp152.2.77.1

References

https://www.suse.com/security/cve/CVE-2020-27844.html

https://www.suse.com/security/cve/CVE-2021-21149.html

https://www.suse.com/security/cve/CVE-2021-21150.html

https://www.suse.com/security/cve/CVE-2021-21151.html

https://www.suse.com/security/cve/CVE-2021-21152.html

https://www.suse.com/security/cve/CVE-2021-21153.html

https://www.suse.com/security/cve/CVE-2021-21154.html

https://www.suse.com/security/cve/CVE-2021-21155.html

https://www.suse.com/security/cve/CVE-2021-21156.html

https://www.suse.com/security/cve/CVE-2021-21157.html

https://www.suse.com/security/cve/CVE-2021-21159.html

https://www.suse.com/security/cve/CVE-2021-21160.html

https://www.suse.com/security/cve/CVE-2021-21161.html

https://www.suse.com/security/cve/CVE-2021-21162.html

https://www.suse.com/security/cve/CVE-2021-21163.html

https://www.suse.com/security/cve/CVE-2021-21164.html

https://www.suse.com/security/cve/CVE-2021-21165.html

https://www.suse.com/security/cve/CVE-2021-21166.html

https://www.suse.com/security/cve/CVE-2021-211...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2021:0392-1
Rating: important
Affected Products: openSUSE Leap 15.2 .

Topics%20covered

Topics Covered

security advisory security enhancement heap overflow important fix software issues heap buffer overflow openSUSE chromium updates for Chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here