Security update for chromium SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:0034-1 Final 1 1 2025-01-27T07:28:18Z current 2025-01-27T07:28:18Z 2025-01-27T07:28:18Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for chromium This update for chromium fixes the following issues: - Chromium 132.0.6834.110 (boo#1236306) * CVE-2025-0611: Object corruption in V8 * CVE-2025-0612: Out of bounds memory access in V8 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2025-34 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YIFQVN4TRWTN3PTWT3IMWFQQI7NCFU5D/ E-Mail link for openSUSE-SU-2025:0034-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1236306 SUSE Bug 1236306 https://www.suse.com/security/cve/CVE-2025-0611/ SUSE CVE CVE-2025-0611 page https://www.suse.com/security/cve/CVE-2025-0612/ SUSE CVE CVE-2025-0612 page SUSE Package Hub 15 SP6 openSUSE Leap 15.6 chromedriver-132.0.6834.110-bp156.2.72.1 chromium-132.0.6834.110-bp156.2.72.1 chromedriver-132.0.6834.110-bp156.2.72.1 as a component of SUSE Package Hub 15 SP6 chromium-132.0.6834.110-bp156.2.72.1 as a component of SUSE Package Hub 15 SP6 chromedriver-132.0.6834.110-bp156.2.72.1 as a component of openSUSE Leap 15.6 chromium-132.0.6834.110-bp156.2.72.1 as a component of openSUSE Leap 15.6 Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2025-0611 SUSE Package Hub 15 SP6:chromedriver-132.0.6834.110-bp156.2.72.1 SUSE Package Hub 15 SP6:chromium-132.0.6834.110-bp156.2.72.1 openSUSE Leap 15.6:chromedriver-132.0.6834.110-bp156.2.72.1 openSUSE Leap 15.6:chromium-132.0.6834.110-bp156.2.72.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YIFQVN4TRWTN3PTWT3IMWFQQI7NCFU5D/ https://www.suse.com/security/cve/CVE-2025-0611.html CVE-2025-0611 https://bugzilla.suse.com/1236306 SUSE Bug 1236306 Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2025-0612 SUSE Package Hub 15 SP6:chromedriver-132.0.6834.110-bp156.2.72.1 SUSE Package Hub 15 SP6:chromium-132.0.6834.110-bp156.2.72.1 openSUSE Leap 15.6:chromedriver-132.0.6834.110-bp156.2.72.1 openSUSE Leap 15.6:chromium-132.0.6834.110-bp156.2.72.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YIFQVN4TRWTN3PTWT3IMWFQQI7NCFU5D/ https://www.suse.com/security/cve/CVE-2025-0612.html CVE-2025-0612 https://bugzilla.suse.com/1236306 SUSE Bug 1236306