{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"94.0.4606.71-bp153.2.31.1","chromium":"94.0.4606.71-bp153.2.31.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP3","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"94.0.4606.71-bp153.2.31.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"chromedriver":"94.0.4606.71-bp153.2.31.1","chromium":"94.0.4606.71-bp153.2.31.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.3","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"94.0.4606.71-bp153.2.31.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\nChromium 94.0.4606.54 (boo#1190765):\n\n* CVE-2021-37956: Use after free in Offline use\n* CVE-2021-37957: Use after free in WebGPU\n* CVE-2021-37958: Inappropriate implementation in Navigation\n* CVE-2021-37959: Use after free in Task Manager\n* CVE-2021-37960: Inappropriate implementation in Blink graphics\n* CVE-2021-37961: Use after free in Tab Strip\n* CVE-2021-37962: Use after free in Performance Manager\n* CVE-2021-37963: Side-channel information leakage in DevTools\n* CVE-2021-37964: Inappropriate implementation in ChromeOS Networking\n* CVE-2021-37965: Inappropriate implementation in Background Fetch API\n* CVE-2021-37966: Inappropriate implementation in Compositing\n* CVE-2021-37967: Inappropriate implementation in Background Fetch API\n* CVE-2021-37968: Inappropriate implementation in Background Fetch API\n* CVE-2021-37969: Inappropriate implementation in Google Updater\n* CVE-2021-37970: Use after free in File System API\n* CVE-2021-37971: Incorrect security UI in Web Browser UI\n* CVE-2021-37972: Out of bounds read in libjpeg-turbo\n\nChromium 94.0.4606.61 (boo#1191166):\n\n* CVE-2021-37973: Use after free in Portals\n\nChromium 94.0.4606.71 (boo#1191204):\n\n* CVE-2021-37974 : Use after free in Safe Browsing\n* CVE-2021-37975 : Use after free in V8\n* CVE-2021-37976 : Information leak in core\n","id":"openSUSE-SU-2021:1339-1","modified":"2021-10-11T09:15:00Z","published":"2021-10-11T09:15:00Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GDJ2M5H37726GXT3YZBJRSXV3JYGN7CL/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190765"},{"type":"REPORT","url":"https://bugzilla.suse.com/1191166"},{"type":"REPORT","url":"https://bugzilla.suse.com/1191204"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37956"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37957"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37958"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37959"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37960"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37961"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37962"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37963"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37964"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37965"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37966"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37967"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37968"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37969"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37970"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37971"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37972"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37973"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37974"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37975"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-37976"}],"related":["CVE-2021-37956","CVE-2021-37957","CVE-2021-37958","CVE-2021-37959","CVE-2021-37960","CVE-2021-37961","CVE-2021-37962","CVE-2021-37963","CVE-2021-37964","CVE-2021-37965","CVE-2021-37966","CVE-2021-37967","CVE-2021-37968","CVE-2021-37969","CVE-2021-37970","CVE-2021-37971","CVE-2021-37972","CVE-2021-37973","CVE-2021-37974","CVE-2021-37975","CVE-2021-37976"],"summary":"Security update for chromium","upstream":["CVE-2021-37956","CVE-2021-37957","CVE-2021-37958","CVE-2021-37959","CVE-2021-37960","CVE-2021-37961","CVE-2021-37962","CVE-2021-37963","CVE-2021-37964","CVE-2021-37965","CVE-2021-37966","CVE-2021-37967","CVE-2021-37968","CVE-2021-37969","CVE-2021-37970","CVE-2021-37971","CVE-2021-37972","CVE-2021-37973","CVE-2021-37974","CVE-2021-37975","CVE-2021-37976"]}