{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"87.0.4280.141-lp151.2.165.1","chromium":"87.0.4280.141-lp151.2.165.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.1","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"87.0.4280.141-lp151.2.165.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\n- Update to 87.0.4280.141 (boo#1180645)\n  - CVE-2021-21106: Use after free in autofill\n  - CVE-2021-21107: Use after free in drag and drop\n  - CVE-2021-21108: Use after free in media\n  - CVE-2021-21109: Use after free in payments\n  - CVE-2021-21110: Use after free in safe browsing\n  - CVE-2021-21111: Insufficient policy enforcement in WebUI\n  - CVE-2021-21112: Use after free in Blink\n  - CVE-2021-21113: Heap buffer overflow in Skia\n  - CVE-2020-16043: Insufficient data validation in networking\n  - CVE-2021-21114: Use after free in audio\n  - CVE-2020-15995: Out of bounds write in V8\n  - CVE-2021-21115: Use after free in safe browsing\n  - CVE-2021-21116: Heap buffer overflow in audio \n\n- Use main URLs instead of redirects in master preferences\n","id":"openSUSE-SU-2021:0041-1","modified":"2021-01-10T08:53:35Z","published":"2021-01-10T08:53:35Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GR5AM5XB3SLX6EFTV6X7ST2RBPHRH4HY/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1180645"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-15995"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16043"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21106"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21107"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21108"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21109"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21110"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21111"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21112"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21113"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21114"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21115"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21116"}],"related":["CVE-2020-15995","CVE-2020-16043","CVE-2021-21106","CVE-2021-21107","CVE-2021-21108","CVE-2021-21109","CVE-2021-21110","CVE-2021-21111","CVE-2021-21112","CVE-2021-21113","CVE-2021-21114","CVE-2021-21115","CVE-2021-21116"],"summary":"Security update for chromium","upstream":["CVE-2020-15995","CVE-2020-16043","CVE-2021-21106","CVE-2021-21107","CVE-2021-21108","CVE-2021-21109","CVE-2021-21110","CVE-2021-21111","CVE-2021-21112","CVE-2021-21113","CVE-2021-21114","CVE-2021-21115","CVE-2021-21116"]}