{"id":"openSUSE-SU-2021:0268-1","summary":"Security update for chromium","details":"This update for chromium fixes the following issues:\n\n- Update to 88.0.4324.146 boo#1181772\n  - CVE-2021-21142: Use after free in Payments\n  - CVE-2021-21143: Heap buffer overflow in Extensions\n  - CVE-2021-21144: Heap buffer overflow in Tab Groups.\n  - CVE-2021-21145: Use after free in Fonts\n  - CVE-2021-21146: Use after free in Navigation.\n  - CVE-2021-21147: Inappropriate implementation in Skia\n\nThis update was imported from the openSUSE:Leap:15.2:Update update project.","modified":"2026-02-04T03:42:44.522272Z","published":"2021-02-10T05:05:31Z","related":["CVE-2021-21142","CVE-2021-21143","CVE-2021-21144","CVE-2021-21145","CVE-2021-21146","CVE-2021-21147"],"upstream":["CVE-2021-21142","CVE-2021-21143","CVE-2021-21144","CVE-2021-21145","CVE-2021-21146","CVE-2021-21147"],"references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DM5J73PFE6RAAP7ZYV2S2F6NISQVSMLP/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181772"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21142"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21143"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21144"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21145"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21146"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21147"}],"affected":[{"package":{"name":"chromium","ecosystem":"SUSE:Package Hub 15 SP2","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"88.0.4324.146-bp152.2.56.5"}]}],"ecosystem_specific":{"binaries":[{"chromium":"88.0.4324.146-bp152.2.56.5","chromedriver":"88.0.4324.146-bp152.2.56.5"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2021:0268-1.json"}}],"schema_version":"1.7.3"}