{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"132.0.6834.83-bp156.2.69.1","chromium":"132.0.6834.83-bp156.2.69.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP6","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"132.0.6834.83-bp156.2.69.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"chromedriver":"132.0.6834.83-bp156.2.69.1","chromium":"132.0.6834.83-bp156.2.69.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"132.0.6834.83-bp156.2.69.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\n- Chromium 132.0.6834.83\n  (stable released 2024-01-14) (boo#1235892)\n  * CVE-2025-0434: Out of bounds memory access in V8\n  * CVE-2025-0435: Inappropriate implementation in Navigation\n  * CVE-2025-0436: Integer overflow in Skia\n  * CVE-2025-0437: Out of bounds read in Metrics\n  * CVE-2025-0438: Stack buffer overflow in Tracing\n  * CVE-2025-0439: Race in Frames\n  * CVE-2025-0440: Inappropriate implementation in Fullscreen\n  * CVE-2025-0441: Inappropriate implementation in Fenced Frames\n  * CVE-2025-0442: Inappropriate implementation in Payments\n  * CVE-2025-0443: Insufficient data validation in Extensions\n  * CVE-2025-0446: Inappropriate implementation in Extensions\n  * CVE-2025-0447: Inappropriate implementation in Navigation\n  * CVE-2025-0448: Inappropriate implementation in Compositing\n- update esbuild to 0.24.0\n  - drop old tarball\n  - use upstream release tarball for 0.24.0\n  - add vendor tarball for golang.org/x/sys\n- add to keeplibs:\n  third_party/libtess2\n  third_party/devtools-frontend/src/node_modules/fast-glob\n","id":"openSUSE-SU-2025:0018-1","modified":"2025-01-20T09:59:01Z","published":"2025-01-20T09:59:01Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MFF3YLZEHLO6D6YWHQPJAEDFFFBY7ESE/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235892"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0434"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0435"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0436"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0437"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0438"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0439"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0440"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0441"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0442"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0443"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0446"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0447"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0448"}],"related":["CVE-2025-0434","CVE-2025-0435","CVE-2025-0436","CVE-2025-0437","CVE-2025-0438","CVE-2025-0439","CVE-2025-0440","CVE-2025-0441","CVE-2025-0442","CVE-2025-0443","CVE-2025-0446","CVE-2025-0447","CVE-2025-0448"],"summary":"Security update for chromium","upstream":["CVE-2025-0434","CVE-2025-0435","CVE-2025-0436","CVE-2025-0437","CVE-2025-0438","CVE-2025-0439","CVE-2025-0440","CVE-2025-0441","CVE-2025-0442","CVE-2025-0443","CVE-2025-0446","CVE-2025-0447","CVE-2025-0448"]}