{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"87.0.4280.66-lp151.2.156.1","chromium":"87.0.4280.66-lp151.2.156.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.1","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"87.0.4280.66-lp151.2.156.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\n- Update to 87.0.4280.66 (boo#1178923)\n  - Wayland support by default\n  - CVE-2020-16018: Use after free in payments. \n  - CVE-2020-16019: Inappropriate implementation in filesystem. \n  - CVE-2020-16020: Inappropriate implementation in cryptohome. \n  - CVE-2020-16021: Race in ImageBurner. \n  - CVE-2020-16022: Insufficient policy enforcement in networking. \n  - CVE-2020-16015: Insufficient data validation in WASM. R\n  - CVE-2020-16014: Use after free in PPAPI. \n  - CVE-2020-16023: Use after free in WebCodecs. \n  - CVE-2020-16024: Heap buffer overflow in UI.\n  - CVE-2020-16025: Heap buffer overflow in clipboard. \n  - CVE-2020-16026: Use after free in WebRTC. \n  - CVE-2020-16027: Insufficient policy enforcement in developer tools. R\n  - CVE-2020-16028: Heap buffer overflow in WebRTC. \n  - CVE-2020-16029: Inappropriate implementation in PDFium. \n  - CVE-2020-16030: Insufficient data validation in Blink. \n  - CVE-2019-8075: Insufficient data validation in Flash. \n  - CVE-2020-16031: Incorrect security UI in tab preview. \n  - CVE-2020-16032: Incorrect security UI in sharing.\n  - CVE-2020-16033: Incorrect security UI in WebUSB. \n  - CVE-2020-16034: Inappropriate implementation in WebRTC. \n  - CVE-2020-16035: Insufficient data validation in cros-disks.\n  - CVE-2020-16012: Side-channel information leakage in graphics. \n  - CVE-2020-16036: Inappropriate implementation in cookies. \n","id":"openSUSE-SU-2020:2032-1","modified":"2020-11-26T13:49:16Z","published":"2020-11-26T13:49:16Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JIZKUW3YM4QYNE4MWWJG47ZVOOWCF43S/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1178923"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-8075"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16012"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16014"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16015"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16018"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16019"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16020"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16021"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16022"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16023"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16024"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16025"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16026"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16027"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16028"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16029"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16030"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16031"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16032"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16033"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16034"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16035"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16036"}],"related":["CVE-2019-8075","CVE-2020-16012","CVE-2020-16014","CVE-2020-16015","CVE-2020-16018","CVE-2020-16019","CVE-2020-16020","CVE-2020-16021","CVE-2020-16022","CVE-2020-16023","CVE-2020-16024","CVE-2020-16025","CVE-2020-16026","CVE-2020-16027","CVE-2020-16028","CVE-2020-16029","CVE-2020-16030","CVE-2020-16031","CVE-2020-16032","CVE-2020-16033","CVE-2020-16034","CVE-2020-16035","CVE-2020-16036"],"summary":"Security update for chromium","upstream":["CVE-2019-8075","CVE-2020-16012","CVE-2020-16014","CVE-2020-16015","CVE-2020-16018","CVE-2020-16019","CVE-2020-16020","CVE-2020-16021","CVE-2020-16022","CVE-2020-16023","CVE-2020-16024","CVE-2020-16025","CVE-2020-16026","CVE-2020-16027","CVE-2020-16028","CVE-2020-16029","CVE-2020-16030","CVE-2020-16031","CVE-2020-16032","CVE-2020-16033","CVE-2020-16034","CVE-2020-16035","CVE-2020-16036"]}