{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"59.0.3071.86-20.1","chromium":"59.0.3071.86-20.1"}]},"package":{"ecosystem":"SUSE:Package Hub 12 SP2","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"59.0.3071.86-20.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update to Chromium 59.0.3071.86 fixes the following security issues:\n\n- CVE-2017-5070: Type confusion in V8\n- CVE-2017-5071: Out of bounds read in V8\n- CVE-2017-5072: Address spoofing in Omnibox\n- CVE-2017-5073: Use after free in print preview\n- CVE-2017-5074: Use after free in Apps Bluetooth\n- CVE-2017-5075: Information leak in CSP reporting\n- CVE-2017-5086: Address spoofing in Omnibox\n- CVE-2017-5076: Address spoofing in Omnibox\n- CVE-2017-5077: Heap buffer overflow in Skia\n- CVE-2017-5078: Possible command injection in mailto handling\n- CVE-2017-5079: UI spoofing in Blink\n- CVE-2017-5080: Use after free in credit card autofill\n- CVE-2017-5081: Extension verification bypass\n- CVE-2017-5082: Insufficient hardening in credit card editor\n- CVE-2017-5083: UI spoofing in Blink\n- CVE-2017-5085: Inappropriate javascript execution on WebUI pages\n","id":"openSUSE-SU-2017:1501-1","modified":"2017-06-07T16:57:03Z","published":"2017-06-07T16:57:03Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TLUTJG74MKQQNV4B46JHCB7CCFA5AHGM/#TLUTJG74MKQQNV4B46JHCB7CCFA5AHGM"},{"type":"REPORT","url":"https://bugzilla.suse.com/1042833"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5070"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5071"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5072"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5073"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5074"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5075"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5076"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5077"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5078"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5079"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5080"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5081"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5082"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5083"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5085"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5086"}],"related":["CVE-2017-5070","CVE-2017-5071","CVE-2017-5072","CVE-2017-5073","CVE-2017-5074","CVE-2017-5075","CVE-2017-5076","CVE-2017-5077","CVE-2017-5078","CVE-2017-5079","CVE-2017-5080","CVE-2017-5081","CVE-2017-5082","CVE-2017-5083","CVE-2017-5085","CVE-2017-5086"],"summary":"Security update for chromium","upstream":["CVE-2017-5070","CVE-2017-5071","CVE-2017-5072","CVE-2017-5073","CVE-2017-5074","CVE-2017-5075","CVE-2017-5076","CVE-2017-5077","CVE-2017-5078","CVE-2017-5079","CVE-2017-5080","CVE-2017-5081","CVE-2017-5082","CVE-2017-5083","CVE-2017-5085","CVE-2017-5086"]}