Описание
Security update for nodejs-electron
This update for nodejs-electron fixes the following issues:
- Fix webpack-4 with OpenSSL 3.0
Update to version 16.0.9
Update to version 16.0.8
-
Add devel package with node headers (e.g. for node-gyp)
-
Update to version 16.0.7
-
Update to version 15.3.3
-
Update to version 13.6.3 https://github.com/electron/electron/releases/tag/v13.6.3
-
Update to version 13.6.2 https://github.com/electron/electron/releases/tag/v13.6.2
-
Fix for CVE-2021-37998
-
Fix for CVE-2021-38001
-
Fix for CVE-2021-38002
-
Fix for CVE-2021-38003
-
Do not build with H264
-
Update to version 13.6.1 https://github.com/electron/electron/releases/tag/v13.6.1
-
Fix for CVE-2021-37981
-
Fix for CVE-2021-37984
-
Fix for CVE-2021-37987
-
Fix for CVE-2021-37989
-
Fix for CVE-2021-37992
-
Fix for CVE-2021-37996
-
Update to version 13.5.1 https://github.com/electron/electron/releases/tag/v13.5.1
-
Update to version 13.5.0 https://github.com/electron/electron/releases/tag/v13.5.0
-
Fix for CVE-2021-30627
-
Fix for CVE-2021-30631
-
Fix for CVE-2021-30632
-
Fix for CVE-2021-30625
-
Fix for CVE-2021-30626
-
Fix for CVE-2021-30628
-
Fix for CVE-2021-30630
-
Fix for CVE-2021-30633
-
Version 13.4.0
-
Update to version 13.1.8
-
Update to version 13.1.7
-
Update to version 13.1.6
-
Update to version 13.1.4
-
Build with vaapi support
-
Install missing vk_swiftshader_icd.json
-
Update to version 13.1.2
Список пакетов
SUSE Package Hub 15 SP3
openSUSE Leap 15.3
Ссылки
- E-Mail link for openSUSE-SU-2022:0070-1
- SUSE Security Ratings
- SUSE CVE CVE-2021-30625 page
- SUSE CVE CVE-2021-30626 page
- SUSE CVE CVE-2021-30627 page
- SUSE CVE CVE-2021-30628 page
- SUSE CVE CVE-2021-30630 page
- SUSE CVE CVE-2021-30631 page
- SUSE CVE CVE-2021-30632 page
- SUSE CVE CVE-2021-30633 page
- SUSE CVE CVE-2021-37981 page
- SUSE CVE CVE-2021-37984 page
- SUSE CVE CVE-2021-37987 page
- SUSE CVE CVE-2021-37989 page
- SUSE CVE CVE-2021-37992 page
- SUSE CVE CVE-2021-37996 page
- SUSE CVE CVE-2021-37998 page
- SUSE CVE CVE-2021-38001 page
- SUSE CVE CVE-2021-38002 page
- SUSE CVE CVE-2021-38003 page
Описание
Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30625
- SUSE Bug 1190476
Описание
Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30626
- SUSE Bug 1190476
Описание
Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30627
- SUSE Bug 1190476
Описание
Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30628
- SUSE Bug 1190476
Описание
Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30630
- SUSE Bug 1190476
Описание
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Затронутые продукты
Ссылки
- CVE-2021-30631
- SUSE Bug 1190476
Описание
Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30632
- SUSE Bug 1190476
Описание
Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30633
- SUSE Bug 1190476
Описание
Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37981
- SUSE Bug 1191844
Описание
Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37984
- SUSE Bug 1191844
Описание
Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37987
- SUSE Bug 1191844
Описание
Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37989
- SUSE Bug 1191844
Описание
Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37992
- SUSE Bug 1191844
Описание
Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file.
Затронутые продукты
Ссылки
- CVE-2021-37996
- SUSE Bug 1191844
Описание
Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37998
- SUSE Bug 1192184
Описание
Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-38001
- SUSE Bug 1192184
Описание
Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-38002
- SUSE Bug 1192184
Описание
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-38003
- SUSE Bug 1192184