Python, Fontforge, Chromedriver, Go Prometheus, Chromium updates for SUSE

SUSE 5548 Published by

A set of recent openSUSE security announcements has been issued for both Tumbleweed and Backports SLE‑15 SP6/7, covering updates to Python 3.15, FontForge, Chromium/chromedriver, Prometheus, and related packages. The moderate‑rated releases patch multiple CVEs—CVE‑2025‑11468, CVE‑2025‑0672 in python315; CVE‑2025‑15269/75/79 in FontForge; CVE‑2026‑1504 in Chromium/chromedriver; and CVE‑2025‑13465 in Prometheus. The Backports SLE‑15 releases are marked important, providing the same Chromium update (CVE‑2026‑1504) for both SP6 and SP7 with platform‑specific packages.

openSUSE-SU-2026:10126-1: moderate: python315-3.15.0~a3-3.1 on GA media
openSUSE-SU-2026:10122-1: moderate: fontforge-20251009-4.1 on GA media
openSUSE-SU-2026:10121-1: moderate: chromedriver-144.0.7559.109-1.1 on GA media
openSUSE-SU-2026:10124-1: moderate: golang-github-prometheus-prometheus-3.9.1-2.1 on GA media
openSUSE-SU-2026:0034-1: important: Security update for chromium
openSUSE-SU-2026:0035-1: important: Security update for chromium




openSUSE-SU-2026:10126-1: moderate: python315-3.15.0~a3-3.1 on GA media


# python315-3.15.0~a3-3.1 on GA media

Announcement ID: openSUSE-SU-2026:10126-1
Rating: moderate

Cross-References:

* CVE-2025-11468
* CVE-2026-0672

CVSS scores:

* CVE-2025-11468 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-11468 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-0672 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-0672 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the python315-3.15.0~a3-3.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python315 3.15.0~a3-3.1
* python315-curses 3.15.0~a3-3.1
* python315-dbm 3.15.0~a3-3.1
* python315-idle 3.15.0~a3-3.1
* python315-profiling 3.15.0~a3-3.1
* python315-tk 3.15.0~a3-3.1
* python315-x86-64-v3 3.15.0~a3-3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-11468.html
* https://www.suse.com/security/cve/CVE-2026-0672.html



openSUSE-SU-2026:10122-1: moderate: fontforge-20251009-4.1 on GA media


# fontforge-20251009-4.1 on GA media

Announcement ID: openSUSE-SU-2026:10122-1
Rating: moderate

Cross-References:

* CVE-2025-15269
* CVE-2025-15275
* CVE-2025-15279

CVSS scores:

* CVE-2025-15269 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-15275 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-15279 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the fontforge-20251009-4.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* fontforge 20251009-4.1
* fontforge-devel 20251009-4.1
* fontforge-doc 20251009-4.1

## References:

* https://www.suse.com/security/cve/CVE-2025-15269.html
* https://www.suse.com/security/cve/CVE-2025-15275.html
* https://www.suse.com/security/cve/CVE-2025-15279.html



openSUSE-SU-2026:10121-1: moderate: chromedriver-144.0.7559.109-1.1 on GA media


# chromedriver-144.0.7559.109-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10121-1
Rating: moderate

Cross-References:

* CVE-2026-1504

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the chromedriver-144.0.7559.109-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* chromedriver 144.0.7559.109-1.1
* chromium 144.0.7559.109-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1504.html



openSUSE-SU-2026:10124-1: moderate: golang-github-prometheus-prometheus-3.9.1-2.1 on GA media


# golang-github-prometheus-prometheus-3.9.1-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10124-1
Rating: moderate

Cross-References:

* CVE-2025-13465

CVSS scores:

* CVE-2025-13465 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-13465 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the golang-github-prometheus-prometheus-3.9.1-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* golang-github-prometheus-prometheus 3.9.1-2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-13465.html



openSUSE-SU-2026:0034-1: important: Security update for chromium


openSUSE Security Update: Security update for chromium
_______________________________

Announcement ID: openSUSE-SU-2026:0034-1
Rating: important
References: #1257404
Cross-References: CVE-2026-1504
Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes one vulnerability is now available.

Description:

Chromium was updated to fix the following issues:

Chromium 144.0.7559.109 (boo#1257404)

* CVE-2026-1504: Inappropriate implementation in Background Fetch API

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2026-34=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 ppc64le x86_64):

chromedriver-144.0.7559.109-bp156.2.221.1
chromium-144.0.7559.109-bp156.2.221.1

References:

https://www.suse.com/security/cve/CVE-2026-1504.html
https://bugzilla.suse.com/1257404



openSUSE-SU-2026:0035-1: important: Security update for chromium


openSUSE Security Update: Security update for chromium
_______________________________

Announcement ID: openSUSE-SU-2026:0035-1
Rating: important
References: #1257404
Cross-References: CVE-2026-1504
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

Chromium was updated to fix the following issues:

Chromium 144.0.7559.109 (boo#1257404)

* CVE-2026-1504: Inappropriate implementation in Background Fetch API

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-35=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 ppc64le x86_64):

chromedriver-144.0.7559.109-bp157.2.106.1
chromium-144.0.7559.109-bp157.2.106.1

References:

https://www.suse.com/security/cve/CVE-2026-1504.html
https://bugzilla.suse.com/1257404


Kernel, Python, PHP, and more updates for RHEL

ModSecurity, Pyasn1, Python Tornado updates for Debian

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...