{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"145.0.7632.75-bp160.1.1","chromium":"145.0.7632.75-bp160.1.1"}]},"package":{"ecosystem":"openSUSE:Leap 16.0","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2016.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"145.0.7632.75-bp160.1.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\nChanges in chromium:\n\n- more fixes for desktop file, some variables were lowercased,\n  further adaptions in INSTALL script (boo#1258199)\n\n- also copy rollup into third_party/node/node_modules\n- stay on llvm-10 for swiftshader but bring a similar patch\n\n- drop use of rollup binaries and use rollup-3.x which does not\n  use prebuilt binaries (that fail at least on older ppc64le)\n  follow the approach of the debian packaging\n\n- update/resync ppc64le patches from fedora\n\n- fix INSTALL.sh again to replace the tags in desktop file,\n  appdata and manpage (boo#1258199) \n\n- Chromium 145.0.7632.75:\n  * CVE-2026-2441: Use after free in CSS (boo#1258185)\n\n- Chromium 145.0.7632.67:\n  * Revert a change in url_fixer that may have caused crashes\n\n- Chromium 145.0.7632.45 (boo#1258116)\n  * jpeg-xl support has been readded\n  * CVE-2026-2313: Use after free in CSS\n  * CVE-2026-2314: Heap buffer overflow in Codecs\n  * CVE-2026-2315: Inappropriate implementation in WebGPU\n  * CVE-2026-2316: Insufficient policy enforcement in Frames\n  * CVE-2026-2317: Inappropriate implementation in Animation\n  * CVE-2026-2318: Inappropriate implementation in PictureInPicture\n  * CVE-2026-2319: Race in DevTools\n  * CVE-2026-2320: Inappropriate implementation in File input\n  * CVE-2026-2321: Use after free in Ozone\n  * CVE-2026-2322: Inappropriate implementation in File input\n  * CVE-2026-2323: Inappropriate implementation in Downloads\n","id":"openSUSE-SU-2026:20248-1","modified":"2026-02-19T02:43:57Z","published":"2026-02-19T02:43:57Z","references":[{"type":"ADVISORY","url":null},{"type":"REPORT","url":"https://bugzilla.suse.com/1258116"},{"type":"REPORT","url":"https://bugzilla.suse.com/1258185"},{"type":"REPORT","url":"https://bugzilla.suse.com/1258199"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-2313"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-2314"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-2315"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-2316"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-2317"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-2318"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-2319"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-2320"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-2321"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-2322"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-2323"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-2441"}],"related":["CVE-2026-2313","CVE-2026-2314","CVE-2026-2315","CVE-2026-2316","CVE-2026-2317","CVE-2026-2318","CVE-2026-2319","CVE-2026-2320","CVE-2026-2321","CVE-2026-2322","CVE-2026-2323","CVE-2026-2441"],"summary":"Security update for chromium","upstream":["CVE-2026-2313","CVE-2026-2314","CVE-2026-2315","CVE-2026-2316","CVE-2026-2317","CVE-2026-2318","CVE-2026-2319","CVE-2026-2320","CVE-2026-2321","CVE-2026-2322","CVE-2026-2323","CVE-2026-2441"]}