OpenSUSE has released an important security update for SUSE Linux Enterprise 15 SP6 that addresses two critical vulnerabilities found in Chromium version 135.0.7049.95. The update is identified as openSUSE-SU-2025:0133-1 and targets a heap buffer overflow in Codecs (CVE-2025-3619) and a use-after-free issue in USB (CVE-2025-3620).
To apply this update, users are encouraged to utilize recommended installation methods such as the YaST online_update or the command-line tool "zypper patch." Specifically, for openSUSE Backports SLE-15-SP6, the following command can be executed:
The update package includes both `chromedriver` and `chromium`, ensuring that users have the latest fixes for the identified vulnerabilities.
For further details, users can refer to the security references provided, including links to the specific CVEs and the associated bug report on SUSE's Bugzilla.
In addition to addressing these vulnerabilities, it is advisable for users to regularly check for updates and patches for their software, as security threats can evolve rapidly. Keeping systems updated not only protects against known vulnerabilities but also enhances overall system stability and performance. Users should also consider implementing additional security measures, such as using firewalls and intrusion detection systems, to further safeguard their systems from potential threats
To apply this update, users are encouraged to utilize recommended installation methods such as the YaST online_update or the command-line tool "zypper patch." Specifically, for openSUSE Backports SLE-15-SP6, the following command can be executed:
bashzypper in -t patch openSUSE-2025-133=1
The update package includes both `chromedriver` and `chromium`, ensuring that users have the latest fixes for the identified vulnerabilities.
For further details, users can refer to the security references provided, including links to the specific CVEs and the associated bug report on SUSE's Bugzilla.
In addition to addressing these vulnerabilities, it is advisable for users to regularly check for updates and patches for their software, as security threats can evolve rapidly. Keeping systems updated not only protects against known vulnerabilities but also enhances overall system stability and performance. Users should also consider implementing additional security measures, such as using firewalls and intrusion detection systems, to further safeguard their systems from potential threats
Chromium update for SLE 15 SP6
OpenSUSE has issued an update for SUSE Linux Enterprise 15 SP6 addressing two vulnerabilities in Chromium version 135.0.7049.95, which include a heap buffer overflow in Codecs and a use-after-free issue in USB:
openSUSE-SU-2025:0133-1: important: Security update for chromium
