{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"78.0.3904.70-bp151.3.50.1","chromium":"78.0.3904.70-bp151.3.50.1","libre2-0":"20190901-bp151.6.9.1","libre2-0-64bit":"20190901-bp151.6.9.1","re2-devel":"20190901-bp151.6.9.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP1","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"78.0.3904.70-bp151.3.50.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"chromedriver":"78.0.3904.70-bp151.3.50.1","chromium":"78.0.3904.70-bp151.3.50.1","libre2-0":"20190901-bp151.6.9.1","libre2-0-64bit":"20190901-bp151.6.9.1","re2-devel":"20190901-bp151.6.9.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP1","name":"re2","purl":"pkg:rpm/suse/re2&distro=SUSE%20Package%20Hub%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20190901-bp151.6.9.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium, re2 fixes the following issues:\n\nChromium was updated to 78.0.3904.70 boo#1154806:\n\n* CVE-2019-13699: Use-after-free in media\n* CVE-2019-13700: Buffer overrun in Blink\n* CVE-2019-13701: URL spoof in navigation\n* CVE-2019-13702: Privilege elevation in Installer\n* CVE-2019-13703: URL bar spoofing\n* CVE-2019-13704: CSP bypass\n* CVE-2019-13705: Extension permission bypass\n* CVE-2019-13706: Out-of-bounds read in PDFium\n* CVE-2019-13707: File storage disclosure\n* CVE-2019-13708: HTTP authentication spoof\n* CVE-2019-13709: File download protection bypass\n* CVE-2019-13710: File download protection bypass\n* CVE-2019-13711: Cross-context information leak\n* CVE-2019-15903: Buffer overflow in expat\n* CVE-2019-13713: Cross-origin data leak\n* CVE-2019-13714: CSS injection\n* CVE-2019-13715: Address bar spoofing\n* CVE-2019-13716: Service worker state error\n* CVE-2019-13717: Notification obscured\n* CVE-2019-13718: IDN spoof\n* CVE-2019-13719: Notification obscured\n* Various fixes from internal audits, fuzzing and other initiatives\n\n- Use internal resources for icon and appdata\n\n\nThis update was imported from the openSUSE:Leap:15.0:Update update project.","id":"openSUSE-SU-2020:0010-1","modified":"2020-01-13T05:16:29Z","published":"2020-01-13T05:16:29Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NHWBJKQPSZZUXFRQCXMMXQYJB6ONVGNX/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1154806"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13699"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13700"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13701"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13702"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13703"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13704"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13705"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13706"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13707"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13708"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13709"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13710"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13711"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13713"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13714"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13715"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13716"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13717"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13718"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13719"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-15903"}],"related":["CVE-2019-13699","CVE-2019-13700","CVE-2019-13701","CVE-2019-13702","CVE-2019-13703","CVE-2019-13704","CVE-2019-13705","CVE-2019-13706","CVE-2019-13707","CVE-2019-13708","CVE-2019-13709","CVE-2019-13710","CVE-2019-13711","CVE-2019-13713","CVE-2019-13714","CVE-2019-13715","CVE-2019-13716","CVE-2019-13717","CVE-2019-13718","CVE-2019-13719","CVE-2019-15903"],"summary":"Security update for chromium, re2","upstream":["CVE-2019-13699","CVE-2019-13700","CVE-2019-13701","CVE-2019-13702","CVE-2019-13703","CVE-2019-13704","CVE-2019-13705","CVE-2019-13706","CVE-2019-13707","CVE-2019-13708","CVE-2019-13709","CVE-2019-13710","CVE-2019-13711","CVE-2019-13713","CVE-2019-13714","CVE-2019-13715","CVE-2019-13716","CVE-2019-13717","CVE-2019-13718","CVE-2019-13719","CVE-2019-15903"]}