{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"72.0.3626.96-bp150.2.32.1","chromium":"72.0.3626.96-bp150.2.32.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"72.0.3626.96-bp150.2.32.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for Chromium to version 72.0.3626.96 fixes the following issues:\n\nSecurity issues fixed (bsc#1123641 and bsc#1124936):\n\n- CVE-2019-5784: Inappropriate implementation in V8 \n- CVE-2019-5754: Inappropriate implementation in QUIC Networking.\n- CVE-2019-5782: Inappropriate implementation in V8. \n- CVE-2019-5755: Inappropriate implementation in V8. \n- CVE-2019-5756: Use after free in PDFium. \n- CVE-2019-5757: Type Confusion in SVG.\n- CVE-2019-5758: Use after free in Blink.\n- CVE-2019-5759: Use after free in HTML select elements.\n- CVE-2019-5760: Use after free in WebRTC. \n- CVE-2019-5761: Use after free in SwiftShader.\n- CVE-2019-5762: Use after free in PDFium. \n- CVE-2019-5763: Insufficient validation of untrusted input in V8.\n- CVE-2019-5764: Use after free in WebRTC. \n- CVE-2019-5765: Insufficient policy enforcement in the browser.\n- CVE-2019-5766: Insufficient policy enforcement in Canvas.\n- CVE-2019-5767: Incorrect security UI in WebAPKs. \n- CVE-2019-5768: Insufficient policy enforcement in DevTools. \n- CVE-2019-5769: Insufficient validation of untrusted input in Blink.\n- CVE-2019-5770: Heap buffer overflow in WebGL. \n- CVE-2019-5771: Heap buffer overflow in SwiftShader.\n- CVE-2019-5772: Use after free in PDFium. \n- CVE-2019-5773: Insufficient data validation in IndexedDB.\n- CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing. \n- CVE-2019-5775: Insufficient policy enforcement in Omnibox. \n- CVE-2019-5776: Insufficient policy enforcement in Omnibox. \n- CVE-2019-5777: Insufficient policy enforcement in Omnibox. \n- CVE-2019-5778: Insufficient policy enforcement in Extensions.\n- CVE-2019-5779: Insufficient policy enforcement in ServiceWorker.\n- CVE-2019-5780: Insufficient policy enforcement. \n- CVE-2019-5781: Insufficient policy enforcement in Omnibox.\n\nFor a full list of changes refer to https://chromereleases.googleblog.com/2019/02/stable-channel-update-for-desktop.html\n  \nThis update was imported from the openSUSE:Leap:15.0:Update update project.","id":"openSUSE-SU-2019:0216-1","modified":"2019-02-19T10:08:13Z","published":"2019-02-19T10:08:13Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2ML6QGHGVYBG5SQSSH72SSZYFIXFDLUW/#2ML6QGHGVYBG5SQSSH72SSZYFIXFDLUW"},{"type":"REPORT","url":"https://bugzilla.suse.com/1123641"},{"type":"REPORT","url":"https://bugzilla.suse.com/1124936"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5754"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5755"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5756"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5757"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5758"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5759"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5760"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5761"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5762"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5763"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5764"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5765"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5766"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5767"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5768"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5769"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5770"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5771"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5772"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5773"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5774"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5775"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5776"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5777"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5778"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5779"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5780"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5781"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5782"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5784"}],"related":["CVE-2019-5754","CVE-2019-5755","CVE-2019-5756","CVE-2019-5757","CVE-2019-5758","CVE-2019-5759","CVE-2019-5760","CVE-2019-5761","CVE-2019-5762","CVE-2019-5763","CVE-2019-5764","CVE-2019-5765","CVE-2019-5766","CVE-2019-5767","CVE-2019-5768","CVE-2019-5769","CVE-2019-5770","CVE-2019-5771","CVE-2019-5772","CVE-2019-5773","CVE-2019-5774","CVE-2019-5775","CVE-2019-5776","CVE-2019-5777","CVE-2019-5778","CVE-2019-5779","CVE-2019-5780","CVE-2019-5781","CVE-2019-5782","CVE-2019-5784"],"summary":"Security update for chromium","upstream":["CVE-2019-5754","CVE-2019-5755","CVE-2019-5756","CVE-2019-5757","CVE-2019-5758","CVE-2019-5759","CVE-2019-5760","CVE-2019-5761","CVE-2019-5762","CVE-2019-5763","CVE-2019-5764","CVE-2019-5765","CVE-2019-5766","CVE-2019-5767","CVE-2019-5768","CVE-2019-5769","CVE-2019-5770","CVE-2019-5771","CVE-2019-5772","CVE-2019-5773","CVE-2019-5774","CVE-2019-5775","CVE-2019-5776","CVE-2019-5777","CVE-2019-5778","CVE-2019-5779","CVE-2019-5780","CVE-2019-5781","CVE-2019-5782","CVE-2019-5784"]}