These are all security issues fixed in the grub2-2.06-31.1 package on the GA media of openSUSE Tumbleweed.
{ "binaries": [ { "grub2-i386-pc-debug": "2.06-31.1", "grub2-x86_64-efi": "2.06-31.1", "grub2-x86_64-efi-debug": "2.06-31.1", "grub2-systemd-sleep-plugin": "2.06-31.1", "grub2-snapper-plugin": "2.06-31.1", "grub2-branding-upstream": "2.06-31.1", "grub2-x86_64-xen": "2.06-31.1", "grub2-i386-pc": "2.06-31.1", "grub2": "2.06-31.1" } ] }