Security update for libqt5-qtwebengine SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2021:0973-1 Final 1 1 2021-07-05T20:13:32Z current 2021-07-05T20:13:32Z 2021-07-05T20:13:32Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libqt5-qtwebengine This update for libqt5-qtwebengine fixes the following issues: Update to version 5.15.3 CVE fixes backported in chromium updates: - CVE-2020-16044: Use after free in WebRTC - CVE-2021-21118: Heap buffer overflow in Blink - CVE-2021-21119: Use after free in Media - CVE-2021-21120: Use after free in WebSQL - CVE-2021-21121: Use after free in Omnibox - CVE-2021-21122: Use after free in Blink - CVE-2021-21123: Insufficient data validation in File System API - CVE-2021-21125: Insufficient policy enforcement in File System API - CVE-2021-21126: Insufficient policy enforcement in extensions - CVE-2021-21127: Insufficient policy enforcement in extensions - CVE-2021-21128: Heap buffer overflow in Blink - CVE-2021-21129: Insufficient policy enforcement in File System API - CVE-2021-21130: Insufficient policy enforcement in File System API - CVE-2021-21131: Insufficient policy enforcement in File System API - CVE-2021-21132: Inappropriate implementation in DevTools - CVE-2021-21135: Inappropriate implementation in Performance API - CVE-2021-21137: Inappropriate implementation in DevTools - CVE-2021-21140: Uninitialized Use in USB - CVE-2021-21141: Insufficient policy enforcement in File System API - CVE-2021-21145: Use after free in Fonts - CVE-2021-21146: Use after free in Navigation - CVE-2021-21147: Inappropriate implementation in Skia - CVE-2021-21148: Heap buffer overflow in V8 - CVE-2021-21149: Stack overflow in Data Transfer - CVE-2021-21150: Use after free in Downloads - CVE-2021-21152: Heap buffer overflow in Media - CVE-2021-21153: Stack overflow in GPU Process - CVE-2021-21156: Heap buffer overflow in V8 - CVE-2021-21157: Use after free in Web Sockets The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2021-973 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ E-Mail link for openSUSE-SU-2021:0973-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1130395 SUSE Bug 1130395 https://bugzilla.suse.com/1158516 SUSE Bug 1158516 https://bugzilla.suse.com/1163744 SUSE Bug 1163744 https://bugzilla.suse.com/1163766 SUSE Bug 1163766 https://bugzilla.suse.com/1182233 SUSE Bug 1182233 https://www.suse.com/security/cve/CVE-2020-16044/ SUSE CVE CVE-2020-16044 page https://www.suse.com/security/cve/CVE-2021-21118/ SUSE CVE CVE-2021-21118 page https://www.suse.com/security/cve/CVE-2021-21119/ SUSE CVE CVE-2021-21119 page https://www.suse.com/security/cve/CVE-2021-21120/ SUSE CVE CVE-2021-21120 page https://www.suse.com/security/cve/CVE-2021-21121/ SUSE CVE CVE-2021-21121 page https://www.suse.com/security/cve/CVE-2021-21122/ SUSE CVE CVE-2021-21122 page https://www.suse.com/security/cve/CVE-2021-21123/ SUSE CVE CVE-2021-21123 page https://www.suse.com/security/cve/CVE-2021-21125/ SUSE CVE CVE-2021-21125 page https://www.suse.com/security/cve/CVE-2021-21126/ SUSE CVE CVE-2021-21126 page https://www.suse.com/security/cve/CVE-2021-21127/ SUSE CVE CVE-2021-21127 page https://www.suse.com/security/cve/CVE-2021-21128/ SUSE CVE CVE-2021-21128 page https://www.suse.com/security/cve/CVE-2021-21129/ SUSE CVE CVE-2021-21129 page https://www.suse.com/security/cve/CVE-2021-21130/ SUSE CVE CVE-2021-21130 page https://www.suse.com/security/cve/CVE-2021-21131/ SUSE CVE CVE-2021-21131 page https://www.suse.com/security/cve/CVE-2021-21132/ SUSE CVE CVE-2021-21132 page https://www.suse.com/security/cve/CVE-2021-21135/ SUSE CVE CVE-2021-21135 page https://www.suse.com/security/cve/CVE-2021-21137/ SUSE CVE CVE-2021-21137 page https://www.suse.com/security/cve/CVE-2021-21140/ SUSE CVE CVE-2021-21140 page https://www.suse.com/security/cve/CVE-2021-21141/ SUSE CVE CVE-2021-21141 page https://www.suse.com/security/cve/CVE-2021-21145/ SUSE CVE CVE-2021-21145 page https://www.suse.com/security/cve/CVE-2021-21146/ SUSE CVE CVE-2021-21146 page https://www.suse.com/security/cve/CVE-2021-21147/ SUSE CVE CVE-2021-21147 page https://www.suse.com/security/cve/CVE-2021-21148/ SUSE CVE CVE-2021-21148 page https://www.suse.com/security/cve/CVE-2021-21149/ SUSE CVE CVE-2021-21149 page https://www.suse.com/security/cve/CVE-2021-21150/ SUSE CVE CVE-2021-21150 page https://www.suse.com/security/cve/CVE-2021-21152/ SUSE CVE CVE-2021-21152 page https://www.suse.com/security/cve/CVE-2021-21153/ SUSE CVE CVE-2021-21153 page https://www.suse.com/security/cve/CVE-2021-21156/ SUSE CVE CVE-2021-21156 page https://www.suse.com/security/cve/CVE-2021-21157/ SUSE CVE CVE-2021-21157 page openSUSE Leap 15.2 libQt5Pdf5-5.15.3-lp152.3.3.4 libQt5PdfWidgets5-5.15.3-lp152.3.3.4 libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 libqt5-qtwebengine-5.15.3-lp152.3.3.4 libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 libQt5Pdf5-5.15.3-lp152.3.3.4 as a component of openSUSE Leap 15.2 libQt5PdfWidgets5-5.15.3-lp152.3.3.4 as a component of openSUSE Leap 15.2 libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 as a component of openSUSE Leap 15.2 libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 as a component of openSUSE Leap 15.2 libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 as a component of openSUSE Leap 15.2 libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 as a component of openSUSE Leap 15.2 libqt5-qtwebengine-5.15.3-lp152.3.3.4 as a component of openSUSE Leap 15.2 libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 as a component of openSUSE Leap 15.2 libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 as a component of openSUSE Leap 15.2 libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 as a component of openSUSE Leap 15.2 Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet. CVE-2020-16044 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2020-16044.html CVE-2020-16044 https://bugzilla.suse.com/1180623 SUSE Bug 1180623 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2021-21118 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21118.html CVE-2021-21118 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21119 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21119.html CVE-2021-21119 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21120 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21120.html CVE-2021-21120 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21121 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21121.html CVE-2021-21121 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21122 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21122.html CVE-2021-21122 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. CVE-2021-21123 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21123.html CVE-2021-21123 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. CVE-2021-21125 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21125.html CVE-2021-21125 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. CVE-2021-21126 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21126.html CVE-2021-21126 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension. CVE-2021-21127 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21127.html CVE-2021-21127 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21128 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21128.html CVE-2021-21128 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. CVE-2021-21129 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21129.html CVE-2021-21129 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. CVE-2021-21130 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21130.html CVE-2021-21130 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. CVE-2021-21131 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21131.html CVE-2021-21131 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. CVE-2021-21132 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21132.html CVE-2021-21132 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-21135 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21135.html CVE-2021-21135 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. CVE-2021-21137 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21137.html CVE-2021-21137 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device. CVE-2021-21140 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21140.html CVE-2021-21140 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page. CVE-2021-21141 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21141.html CVE-2021-21141 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21145 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21145.html CVE-2021-21145 https://bugzilla.suse.com/1181772 SUSE Bug 1181772 Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21146 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21146.html CVE-2021-21146 https://bugzilla.suse.com/1181772 SUSE Bug 1181772 Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2021-21147 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21147.html CVE-2021-21147 https://bugzilla.suse.com/1181772 SUSE Bug 1181772 Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21148 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21148.html CVE-2021-21148 https://bugzilla.suse.com/1181827 SUSE Bug 1181827 Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. CVE-2021-21149 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21149.html CVE-2021-21149 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21150 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21150.html CVE-2021-21150 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21152 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21152.html CVE-2021-21152 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2021-21153 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21153.html CVE-2021-21153 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script. CVE-2021-21156 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21156.html CVE-2021-21156 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21157 openSUSE Leap 15.2:libQt5Pdf5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libQt5PdfWidgets5-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-imports-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtpdf-private-headers-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-devel-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-examples-5.15.3-lp152.3.3.4 openSUSE Leap 15.2:libqt5-qtwebengine-private-headers-devel-5.15.3-lp152.3.3.4 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/ https://www.suse.com/security/cve/CVE-2021-21157.html CVE-2021-21157 https://bugzilla.suse.com/1182358 SUSE Bug 1182358