OPENSUSE-SU-2026:20248-1

Advisory lineage Upstream: 12 Downstream: 0
Published: 19 Feb 2026, 02:43
Last modified:23 Mar 2026, 04:54

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

19 Feb 2026, 02:43
Published
Vulnerability first disclosed
23 Mar 2026, 04:54
Last Modified
Vulnerability information updated

Description

Security update for chromium This update for chromium fixes the following issues: Changes in chromium: - more fixes for desktop file, some variables were lowercased, further adaptions in INSTALL script (boo#1258199) - also copy rollup into third_party/node/node_modules - stay on llvm-10 for swiftshader but bring a similar patch - drop use of rollup binaries and use rollup-3.x which does not use prebuilt binaries (that fail at least on older ppc64le) follow the approach of the debian packaging - update/resync ppc64le patches from fedora - fix INSTALL.sh again to replace the tags in desktop file, appdata and manpage (boo#1258199) - Chromium 145.0.7632.75: * CVE-2026-2441: Use after free in CSS (boo#1258185) - Chromium 145.0.7632.67: * Revert a change in url_fixer that may have caused crashes - Chromium 145.0.7632.45 (boo#1258116) * jpeg-xl support has been readded * CVE-2026-2313: Use after free in CSS * CVE-2026-2314: Heap buffer overflow in Codecs * CVE-2026-2315: Inappropriate implementation in WebGPU * CVE-2026-2316: Insufficient policy enforcement in Frames * CVE-2026-2317: Inappropriate implementation in Animation * CVE-2026-2318: Inappropriate implementation in PictureInPicture * CVE-2026-2319: Race in DevTools * CVE-2026-2320: Inappropriate implementation in File input * CVE-2026-2321: Use after free in Ozone * CVE-2026-2322: Inappropriate implementation in File input * CVE-2026-2323: Inappropriate implementation in Downloads

Affected Systems

  • opensusechromium&distro=openSUSE Leap 16.0

    < 145.0.7632.75-bp160.1.1

References (15)