openSUSE Security Update: Security update for chromium
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2025:0084-1
Rating:             important
References:         #1238575 
Cross-References:   CVE-2025-1914 CVE-2025-1915 CVE-2025-1916
                    CVE-2025-1917 CVE-2025-1918 CVE-2025-1919
                    CVE-2025-1921 CVE-2025-1922 CVE-2025-1923
                   
Affected Products:
                    openSUSE Backports SLE-15-SP6
______________________________________________________________________________

   An update that fixes 9 vulnerabilities is now available.

Description:

   Chromium was updated to 134.0.6998.35 (stable release 2025-03-04)
   (boo#1238575):

   * CVE-2025-1914: Out of bounds read in V8
   * CVE-2025-1915: Improper Limitation of a Pathname to a Restricted
     Directory in DevTools
   * CVE-2025-1916: Use after free in Profiles
   * CVE-2025-1917: Inappropriate Implementation in Browser UI
   * CVE-2025-1918: Out of bounds read in PDFium
   * CVE-2025-1919: Out of bounds read in Media
   * CVE-2025-1921: Inappropriate Implementation in Media Stream
   * CVE-2025-1922: Inappropriate Implementation in Selection
   * CVE-2025-1923: Inappropriate Implementation in Permission Prompts

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Backports SLE-15-SP6:

      zypper in -t patch openSUSE-2025-84=1

Package List:

   - openSUSE Backports SLE-15-SP6 (aarch64 x86_64):

      chromedriver-134.0.6998.35-bp156.2.90.1
      chromium-134.0.6998.35-bp156.2.90.1

References:

   https://www.suse.com/security/cve/CVE-2025-1914.html
   https://www.suse.com/security/cve/CVE-2025-1915.html
   https://www.suse.com/security/cve/CVE-2025-1916.html
   https://www.suse.com/security/cve/CVE-2025-1917.html
   https://www.suse.com/security/cve/CVE-2025-1918.html
   https://www.suse.com/security/cve/CVE-2025-1919.html
   https://www.suse.com/security/cve/CVE-2025-1921.html
   https://www.suse.com/security/cve/CVE-2025-1922.html
   https://www.suse.com/security/cve/CVE-2025-1923.html
   https://bugzilla.suse.com/1238575