products/PackageHub
SHA256
31
1
Fork 13
Code Issues Pull Requests 21 Actions Activity

Pull request for security update for chromium #200

Closed
msmeissn wants to merge 1 commits from msmeissn/PackageHub:maintenance-update-1761724628 into leap-16.0
pull from: msmeissn/PackageHub:maintenance-update-1761724628
merge into: products:leap-16.0
Conversation 6 Commits 1 Files Changed 2 +14 -1
2 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
chromium

Submodule chromium updated: 02e67c4e70...bd5a7bf744

13
patchinfo.20251029075709103584.187004354831441/_patchinfo Normal file
View File

@@ -0,0 +1,13 @@
<patchinfo>
<issue tracker="cve" id="2025-54874">VUL-0: CVE-2025-54874: TRACKERBUG: openjpeg: missing error check can lead to the use of an uninitialized pointer and cause an out-of-bounds heap</issue>
AndreasStieger commented 2025-10-29 09:40:17 +01:00
Review
Copy Link

This CVE is from a removed patch, not a newly fixed CVE.

In fact there does not seem to be any security advisory (yet) on the announcement.

This CVE is from a removed patch, not a newly fixed CVE. In fact there does not seem to be any security advisory (yet) on the [announcement](https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html).
rfrohl commented 2025-10-29 13:45:33 +01:00
Review
Copy Link

updated in #201

Marcus is sick and I am officially on FTO, so closing 200 may take a bit

updated in https://src.opensuse.org/products/PackageHub/pulls/201 Marcus is sick and I am officially on FTO, so closing 200 may take a bit
<packager>AndreasStieger</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for chromium</summary>
<description>This update for chromium fixes the following issues:
Chromium 142.0.7444.59, the stable channel promotion of 142.
</description>
<package>chromium</package>
<seperate_build_arch/>
</patchinfo>