openSUSE Security Update: Security update for chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2025:0175-1 Rating: important References: #1243741 Cross-References: CVE-2025-5063 CVE-2025-5064 CVE-2025-5065 CVE-2025-5066 CVE-2025-5067 CVE-2025-5280 CVE-2025-5281 CVE-2025-5283 Affected Products: openSUSE Backports SLE-15-SP7 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update for chromium fixes the following issues: Update to version 137.0.7151.55 (stable release 2025-05-27) (boo#1243741) - CVE-2025-5063: Use after free in Compositing - CVE-2025-5280: Out of bounds write in V8 - CVE-2025-5064: Inappropriate implementation in Background Fetch API - CVE-2025-5065: Inappropriate implementation in FileSystemAccess API - CVE-2025-5066: Inappropriate implementation in Messages - CVE-2025-5281: Inappropriate implementation in BFCache - CVE-2025-5283: Use after free in libvpx - CVE-2025-5067: Inappropriate implementation in Tab Strip Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP7: zypper in -t patch openSUSE-2025-175=1 Package List: - openSUSE Backports SLE-15-SP7 (aarch64 x86_64): chromedriver-137.0.7151.55-bp157.2.3.2 chromium-137.0.7151.55-bp157.2.3.2 References: https://www.suse.com/security/cve/CVE-2025-5063.html https://www.suse.com/security/cve/CVE-2025-5064.html https://www.suse.com/security/cve/CVE-2025-5065.html https://www.suse.com/security/cve/CVE-2025-5066.html https://www.suse.com/security/cve/CVE-2025-5067.html https://www.suse.com/security/cve/CVE-2025-5280.html https://www.suse.com/security/cve/CVE-2025-5281.html https://www.suse.com/security/cve/CVE-2025-5283.html https://bugzilla.suse.com/1243741