{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"76.0.3809.87-bp150.220.1","chromium":"76.0.3809.87-bp150.220.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"76.0.3809.87-bp150.220.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium to version 76.0.3809.87 fixes the following issues:\n\n- CVE-2019-5850: Use-after-free in offline page fetcher (boo#1143492)\n- CVE-2019-5860: Use-after-free in PDFium (boo#1143492)\n- CVE-2019-5853: Memory corruption in regexp length check (boo#1143492)\n- CVE-2019-5851: Use-after-poison in offline audio context (boo#1143492)\n- CVE-2019-5859: res: URIs can load alternative browsers (boo#1143492)\n- CVE-2019-5856: Insufficient checks on filesystem: URI permissions (boo#1143492)\n- CVE-2019-5855: Integer overflow in PDFium (boo#1143492)\n- CVE-2019-5865: Site isolation bypass from compromised renderer (boo#1143492)\n- CVE-2019-5858: Insufficient filtering of Open URL service parameters (boo#1143492)\n- CVE-2019-5864: Insufficient port filtering in CORS for extensions (boo#1143492)\n- CVE-2019-5862: AppCache not robust to compromised renderers (boo#1143492)\n- CVE-2019-5861: Click location incorrectly checked (boo#1143492)\n- CVE-2019-5857: Comparison of -0 and null yields crash (boo#1143492)\n- CVE-2019-5854: Integer overflow in PDFium text rendering (boo#1143492)\n- CVE-2019-5852: Object leak of utility functions (boo#1143492)\n\nThis update was imported from the openSUSE:Leap:15.0:Update update project.","id":"openSUSE-SU-2019:1853-1","modified":"2019-08-13T09:49:04Z","published":"2019-08-13T09:49:04Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JMMJLYJITAKUCHBOHB7CNHLZRBB3RITA/#JMMJLYJITAKUCHBOHB7CNHLZRBB3RITA"},{"type":"REPORT","url":"https://bugzilla.suse.com/1143492"},{"type":"REPORT","url":"https://bugzilla.suse.com/1144625"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5850"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5851"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5852"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5853"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5854"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5855"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5856"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5857"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5858"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5859"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5860"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5861"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5862"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5863"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5864"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5865"}],"related":["CVE-2019-5850","CVE-2019-5851","CVE-2019-5852","CVE-2019-5853","CVE-2019-5854","CVE-2019-5855","CVE-2019-5856","CVE-2019-5857","CVE-2019-5858","CVE-2019-5859","CVE-2019-5860","CVE-2019-5861","CVE-2019-5862","CVE-2019-5863","CVE-2019-5864","CVE-2019-5865"],"summary":"Security update for chromium","upstream":["CVE-2019-5850","CVE-2019-5851","CVE-2019-5852","CVE-2019-5853","CVE-2019-5854","CVE-2019-5855","CVE-2019-5856","CVE-2019-5857","CVE-2019-5858","CVE-2019-5859","CVE-2019-5860","CVE-2019-5861","CVE-2019-5862","CVE-2019-5863","CVE-2019-5864","CVE-2019-5865"]}