Bugzilla – Bug 1184700
VUL-0: CVE-2021-21206,CVE-2021-21220: chromium: Update to 89.0.4389.128
Last modified: 2021-04-19 13:37:52 UTC
CVE-2021-21206: Use after free in Blink CVE-2021-21220: Insufficient validation of untrusted input in V8 for x86_64.(ZDI-CAN-13569) Google is aware of reports that exploits for CVE-2021-21206 and CVE-2021-21220 exist in the wild. Reference https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop.html
https://build.opensuse.org/request/show/885465 https://build.opensuse.org/request/show/885466
This is an autogenerated message for OBS integration: This bug (1184700) was mentioned in https://build.opensuse.org/request/show/885571 Backports:SLE-15-SP3 / chromium
openSUSE-SU-2021:0567-1: An update that fixes two vulnerabilities is now available. Category: security (critical) Bug References: 1184700 CVE References: CVE-2021-21206,CVE-2021-21220 JIRA References: Sources used: openSUSE Leap 15.2 (src): chromium-89.0.4389.128-lp152.2.86.1
openSUSE-SU-2021:0575-1: An update that fixes two vulnerabilities is now available. Category: security (critical) Bug References: 1184700 CVE References: CVE-2021-21206,CVE-2021-21220 JIRA References: Sources used: openSUSE Backports SLE-15-SP2 (src): chromium-89.0.4389.128-bp152.2.71.1
done