Bugzilla – Bug 1183515
VUL-0: chromium: Update to 89.0.4389.90
Last modified: 2021-03-19 14:18:39 UTC
[$500][1167357] High CVE-2021-21191: Use after free in WebRTC. Reported by raven (@raid_akame) on 2021-01-15 [$TBD][1181387] High CVE-2021-21192: Heap buffer overflow in tab groups. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-02-23 [$TBD][1186287] High CVE-2021-21193: Use after free in Blink. Reported by Anonymous on 2021-03-09 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. Google is aware of reports that an exploit for CVE-2021-21193 exists in the wild.
This is an autogenerated message for OBS integration: This bug (1183515) was mentioned in https://build.opensuse.org/request/show/879173 Factory / chromium https://build.opensuse.org/request/show/879174 Backports:SLE-15-SP3 / chromium https://build.opensuse.org/request/show/879175 15.2 / chromium
openSUSE-SU-2021:0436-1: An update that fixes three vulnerabilities is now available. Category: security (important) Bug References: 1183515 CVE References: CVE-2021-21191,CVE-2021-21192,CVE-2021-21193 JIRA References: Sources used: openSUSE Leap 15.2 (src): chromium-89.0.4389.90-lp152.2.80.1
Done
openSUSE-SU-2021:0446-1: An update that fixes three vulnerabilities is now available. Category: security (important) Bug References: 1183515 CVE References: CVE-2021-21191,CVE-2021-21192,CVE-2021-21193 JIRA References: Sources used: openSUSE Backports SLE-15-SP2 (src): chromium-89.0.4389.90-bp152.2.65.1