this update for chromium 138.0.7204.96 (stable released 2025-06-30)
(boo#1245544) fixes the following issues:
* cve-2025-6554: type confusion in v8
* CVE-2025-6555: Use after free in Animation
* CVE-2025-6556: Insufficient policy enforcement in Loader
* CVE-2025-6557: Insufficient data validation in DevTools
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP7:
zypper in -t patch openSUSE-2025-232=1
- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):
gh-2.74.2-bp157.2.3.1
gh-debuginfo-2.74.2-bp157.2.3.1
gn-0.20250520-bp157.2.3.1
gn-debuginfo-0.20250520-bp157.2.3.1
gn-debugsource-0.20250520-bp157.2.3.1
- openSUSE Backports SLE-15-SP7 (aarch64 x86_64):
chromedriver-138.0.7204.96-bp157.2.19.1
chromedriver-debuginfo-138.0.7204.96-bp157.2.19.1
chromium-138.0.7204.96-bp157.2.19.1
chromium-debuginfo-138.0.7204.96-bp157.2.19.1
- openSUSE Backports SLE-15-SP7 (noarch):
gh-bash-completion-2.74.2-bp157.2.3.1
gh-fish-completion-2.74.2-bp157.2.3.1
gh-zsh-completion-2.74.2-bp157.2.3.1
https://www.suse.com/security/cve/CVE-2025-6554.html
https://www.suse.com/security/cve/CVE-2025-6555.html
https://www.suse.com/security/cve/CVE-2025-6556.html
https://www.suse.com/security/cve/CVE-2025-6557.html
https://bugzilla.suse.com/1245332
https://bugzilla.suse.com/1245544
Get the latest Linux and open source security news straight to your inbox.