{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"57.0.2987.98-8.1","chromium":"57.0.2987.98-8.1"}]},"package":{"ecosystem":"SUSE:Package Hub 12 SP2","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"57.0.2987.98-8.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"Chromium was updated to 57.0.2987.98 to fix security issues and bugs.\n\nThe following vulnerabilities were fixed (bsc#1028848):\n\n- CVE-2017-5030: Memory corruption in V8\n- CVE-2017-5031: Use after free in ANGLE\n- CVE-2017-5032: Out of bounds write in PDFium\n- CVE-2017-5029: Integer overflow in libxslt\n- CVE-2017-5034: Use after free in PDFium\n- CVE-2017-5035: Incorrect security UI in Omnibox\n- CVE-2017-5036: Use after free in PDFium\n- CVE-2017-5037: Multiple out of bounds writes in ChunkDemuxer\n- CVE-2017-5039: Use after free in PDFium\n- CVE-2017-5040: Information disclosure in V8\n- CVE-2017-5041: Address spoofing in Omnibox\n- CVE-2017-5033: Bypass of Content Security Policy in Blink\n- CVE-2017-5042: Incorrect handling of cookies in Cast\n- CVE-2017-5038: Use after free in GuestView\n- CVE-2017-5043: Use after free in GuestView\n- CVE-2017-5044: Heap overflow in Skia\n- CVE-2017-5045: Information disclosure in XSS Auditor\n- CVE-2017-5046: Information disclosure in Blink\n\n   \nThe following non-security changes are included:\n\n- Address broken rendering on non-intel cards   \n","id":"openSUSE-SU-2017:0740-1","modified":"2017-03-17T20:07:47Z","published":"2017-03-17T20:07:47Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2PWEOYPGN6NS2GPOOLH27ZPXQ7KSRFP4/#2PWEOYPGN6NS2GPOOLH27ZPXQ7KSRFP4"},{"type":"REPORT","url":"https://bugzilla.suse.com/1028848"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5029"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5030"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5031"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5032"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5033"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5034"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5035"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5036"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5037"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5038"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5039"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5040"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5041"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5042"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5043"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5044"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5045"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5046"}],"related":["CVE-2017-5029","CVE-2017-5030","CVE-2017-5031","CVE-2017-5032","CVE-2017-5033","CVE-2017-5034","CVE-2017-5035","CVE-2017-5036","CVE-2017-5037","CVE-2017-5038","CVE-2017-5039","CVE-2017-5040","CVE-2017-5041","CVE-2017-5042","CVE-2017-5043","CVE-2017-5044","CVE-2017-5045","CVE-2017-5046"],"summary":"Security update for Chromium","upstream":["CVE-2017-5029","CVE-2017-5030","CVE-2017-5031","CVE-2017-5032","CVE-2017-5033","CVE-2017-5034","CVE-2017-5035","CVE-2017-5036","CVE-2017-5037","CVE-2017-5038","CVE-2017-5039","CVE-2017-5040","CVE-2017-5041","CVE-2017-5042","CVE-2017-5043","CVE-2017-5044","CVE-2017-5045","CVE-2017-5046"]}