SUSE Package Hub - openSUSE-2025-145

Update Info

openSUSE-2025-145

Security update for chromium

Type: security

Severity: important

Issued: 2025-05-06

Description:

This update for chromium fixes the following issues:

- Chromium 136.0.7103.48
  (stable release 2025-04-29) (boo#1242153)
  * CVE-2025-4096: Heap buffer overflow in HTML. Reported by Anonymous on 2025-04-11
  * CVE-2025-4050: Out of bounds memory access in DevTools. Reported by Anonymous on 2025-04-09
  * CVE-2025-4051: Insufficient data validation in DevTools. Reported by Daniel Fröjdendahl on 2025-03-1
  * CVE-2025-4052: Inappropriate implementation in DevTools. Reported by vanillawebdev on 2025-03-10
- bump esbuild from 0.24.0 to 0.25.1
  * Fix incorrect paths in inline source maps (#4070, #4075, #4105)
  * Fix invalid generated source maps (#4080, #4082, #4104, #4107)
  * Fix a regression with non-file source map paths (#4078)
  * Update Go from 1.23.5 to 1.23.7 (#4076, #4077)

- Chromium 135.0.7049.114
  (stable release 2025-04-22)
  * stability fixes

References

CVE: CVE-2025-4096
CVE: CVE-2025-4052
CVE: CVE-2025-4051
CVE: CVE-2025-4050
Bugzilla: 1242153 VUL-0: chromium: 136.0.7103.59 release

Packages

chromium-136.0.7103.59-bp156.2.113.2