{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"53.0.2785.113-100.1","chromium":"53.0.2785.113-100.1","chromium-desktop-gnome":"53.0.2785.113-100.1","chromium-desktop-kde":"53.0.2785.113-100.1","chromium-ffmpegsumo":"53.0.2785.113-100.1"}]},"package":{"ecosystem":"SUSE:Package Hub 12","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"53.0.2785.113-100.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"Chromium was updated to 53.0.2785.113 to fix a number of security issues and bugs.\n\nThe following vulnerabilities were fixed:\n\n- CVE-2016-5170: Use after free in Blink\n- CVE-2016-5171: Use after free in Blink\n- CVE-2016-5172: Arbitrary Memory Read in v8\n- CVE-2016-5173: Extension resource access\n- CVE-2016-5174: Popup not correctly suppressed\n- CVE-2016-5175: Various fixes from internal audits, fuzzing and other initiatives.\n\nThe following upstream fixes are included:\n\n- SPDY crasher fixes\n- Disable NV12 DXGI video on AMD\n- Forward --password-store switch to os_crypt\n- Tell the kernel to discard USB requests when they time out.\n- disallow WKBackForwardListItem navigations for pushState pages\n- arc: bluetooth: Fix advertised uuid\n- fix conflicting PendingIntent for stop button and swipe away\n\nThe widevine plugin was re-enabled (boo#998328).","id":"openSUSE-SU-2016:2311-1","modified":"2016-09-14T21:25:32Z","published":"2016-09-14T21:25:32Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4KCI3TOYLRFN25IQWARL7AL34MYPNDOI/#4KCI3TOYLRFN25IQWARL7AL34MYPNDOI"},{"type":"REPORT","url":"https://bugzilla.suse.com/998328"},{"type":"REPORT","url":"https://bugzilla.suse.com/998743"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-5170"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-5171"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-5172"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-5173"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-5174"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-5175"}],"related":["CVE-2016-5170","CVE-2016-5171","CVE-2016-5172","CVE-2016-5173","CVE-2016-5174","CVE-2016-5175"],"summary":"Recommended update for chromium","upstream":["CVE-2016-5170","CVE-2016-5171","CVE-2016-5172","CVE-2016-5173","CVE-2016-5174","CVE-2016-5175"]}