openSUSE 15.2: 2021:1632-1 Important: Chromium Issues Resolved
opensuse
December 28, 2021
An update that fixes 41 vulnerabilities is now available
Description
This update for chromium fixes the following issues:
Chromium 96.0.4664.110 (boo#1193713):
* CVE-2021-4098: Insufficient data validation in Mojo
* CVE-2021-4099: Use after free in Swiftshader
* CVE-2021-4100: Object lifecycle issue in ANGLE
* CVE-2021-4101: Heap buffer overflow in Swiftshader
* CVE-2021-4102: Use after free in V8
Lord of the Browsers: The Two Compilers:
* Go back to GCC
* GCC: LTO removes needed assembly symbols
* Clang: issues with libstdc++
Chromium 96.0.4664.93 (boo#1193519):
* CVE-2021-4052: Use after free in web apps
* CVE-2021-4053: Use after free in UI
* CVE-2021-4079: Out of bounds write in WebRTC
* CVE-2021-4054: Incorrect security UI in autofill
* CVE-2021-4078: Type confusion in V8
* CVE-2021-4055: Heap buffer overflow in extensions
* CVE-2021-4056: Type Confusion in loader
* CVE-2021-4057: Use after free in file API
* CVE-2021-4058: Heap buffer overflow in ANGLE
* CVE-2021-4059:...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-1632=1
Package List
- openSUSE Leap 15.2 (x86_64):
chromedriver-96.0.4664.110-lp152.2.143.1
chromedriver-debuginfo-96.0.4664.110-lp152.2.143.1
chromium-96.0.4664.110-lp152.2.143.1
chromium-debuginfo-96.0.4664.110-lp152.2.143.1
References
https://www.suse.com/security/cve/CVE-2021-38005.html
https://www.suse.com/security/cve/CVE-2021-38006.html
https://www.suse.com/security/cve/CVE-2021-38007.html
https://www.suse.com/security/cve/CVE-2021-38008.html
https://www.suse.com/security/cve/CVE-2021-38009.html
https://www.suse.com/security/cve/CVE-2021-38010.html
https://www.suse.com/security/cve/CVE-2021-38011.html
https://www.suse.com/security/cve/CVE-2021-38012.html
https://www.suse.com/security/cve/CVE-2021-38013.html
https://www.suse.com/security/cve/CVE-2021-38014.html
https://www.suse.com/security/cve/CVE-2021-38015.html
https://www.suse.com/security/cve/CVE-2021-38016.html
https://www.suse.com/security/cve/CVE-2021-38017.html
https://www.suse.com/security/cve/CVE-2021-38018.html
https://www.suse.com/security/cve/CVE-2021-38019.html
https://www.suse.com/security/cve/CVE-2021-38020.html
https://www.suse.com/security/cve/CVE-2021-38021.html
https://www.suse.com/security/cve/CVE-2021-38022.html
https://www.suse.com/security/cve/CVE-2021-405...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2021:1632-1
Rating: important
Affected Products:
openSUSE Leap 15.2
.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!