Aggregator

FEDORA-2026-ca6321e5f1 Packages in this update:

• chromium-147.0.7727.101-1.fc44

Update description:

Update to 147.0.7727.101

• Critical CVE-2026-6296: Heap buffer overflow in ANGLE
• Critical CVE-2026-6297: Use after free in Proxy
• Critical CVE-2026-6298: Heap buffer overflow in Skia
• Critical CVE-2026-6299: Use after free in Prerender
• Critical CVE-2026-6358: Use after free in XR
• High CVE-2026-6359: Use after free in Video
• High CVE-2026-6300: Use after free in CSS
• High CVE-2026-6301: Type Confusion in Turbofan
• High CVE-2026-6302: Use after free in Video
• High CVE-2026-6303: Use after free in Codecs
• High CVE-2026-6304: Use after free in Graphite
• High CVE-2026-6305: Heap buffer overflow in PDFium
• High CVE-2026-6306: Heap buffer overflow in PDFium
• High CVE-2026-6307: Type Confusion in Turbofan
• High CVE-2026-6308: Out of bounds read in Media
• High CVE-2026-6309: Use after free in Viz
• High CVE-2026-6360: Use after free in FileSystem
• High CVE-2026-6310: Use after free in Dawn
• High CVE-2026-6311: Uninitialized Use in Accessibility
• High CVE-2026-6312: Insufficient policy enforcement in Passwords
• High CVE-2026-6313: Insufficient policy enforcement in CORS
• High CVE-2026-6314: Out of bounds write in GPU
• High CVE-2026-6315: Use after free in Permissions
• High CVE-2026-6316: Use after free in Forms
• High CVE-2026-6361: Heap buffer overflow in PDFium
• High CVE-2026-6362: Use after free in Codecs
• High CVE-2026-6317: Use after free in Cast
• Medium CVE-2026-6363: Type Confusion in V8
• Medium CVE-2026-6318: Use after free in Codecs
• Medium CVE-2026-6319: Use after free in Payments
• Medium CVE-2026-6364: Out of bounds read in Skia

FEDORA-2026-3675ac2066 Packages in this update:

• chromium-147.0.7727.101-1.fc42

Update description:

Update to 147.0.7727.101

• Critical CVE-2026-6296: Heap buffer overflow in ANGLE
• Critical CVE-2026-6297: Use after free in Proxy
• Critical CVE-2026-6298: Heap buffer overflow in Skia
• Critical CVE-2026-6299: Use after free in Prerender
• Critical CVE-2026-6358: Use after free in XR
• High CVE-2026-6359: Use after free in Video
• High CVE-2026-6300: Use after free in CSS
• High CVE-2026-6301: Type Confusion in Turbofan
• High CVE-2026-6302: Use after free in Video
• High CVE-2026-6303: Use after free in Codecs
• High CVE-2026-6304: Use after free in Graphite
• High CVE-2026-6305: Heap buffer overflow in PDFium
• High CVE-2026-6306: Heap buffer overflow in PDFium
• High CVE-2026-6307: Type Confusion in Turbofan
• High CVE-2026-6308: Out of bounds read in Media
• High CVE-2026-6309: Use after free in Viz
• High CVE-2026-6360: Use after free in FileSystem
• High CVE-2026-6310: Use after free in Dawn
• High CVE-2026-6311: Uninitialized Use in Accessibility
• High CVE-2026-6312: Insufficient policy enforcement in Passwords
• High CVE-2026-6313: Insufficient policy enforcement in CORS
• High CVE-2026-6314: Out of bounds write in GPU
• High CVE-2026-6315: Use after free in Permissions
• High CVE-2026-6316: Use after free in Forms
• High CVE-2026-6361: Heap buffer overflow in PDFium
• High CVE-2026-6362: Use after free in Codecs
• High CVE-2026-6317: Use after free in Cast
• Medium CVE-2026-6363: Type Confusion in V8
• Medium CVE-2026-6318: Use after free in Codecs
• Medium CVE-2026-6319: Use after free in Payments
• Medium CVE-2026-6364: Out of bounds read in Skia

Update to 147.0.7727.55

• Critical CVE-2026-5858: Heap buffer overflow in WebML
• Critical CVE-2026-5859: Integer overflow in WebML
• High CVE-2026-5860: Use after free in WebRTC
• High CVE-2026-5861: Use after free in V8
• High CVE-2026-5862: Inappropriate implementation in V8
• High CVE-2026-5863: Inappropriate implementation in V8
• High CVE-2026-5864: Heap buffer overflow in WebAudio
• High CVE-2026-5865: Type Confusion in V8
• High CVE-2026-5866: Use after free in Media
• High CVE-2026-5867: Heap buffer overflow in WebML
• High CVE-2026-5868: Heap buffer overflow in ANGLE
• High CVE-2026-5869: Heap buffer overflow in WebML
• High CVE-2026-5870: Integer overflow in Skia
• High CVE-2026-5871: Type Confusion in V8
• High CVE-2026-5872: Use after free in Blink
• High CVE-2026-5873: Out of bounds read and write in V8
• Medium CVE-2026-5874: Use after free in PrivateAI
• Medium CVE-2026-5875: Policy bypass in Blink
• Medium CVE-2026-5876: Side-channel information leakage in Navigation
• Medium CVE-2026-5877: Use after free in Navigation
• Medium CVE-2026-5878: Incorrect security UI in Blink
• Medium CVE-2026-5879: Insufficient validation of untrusted input in ANGLE
• Medium CVE-2026-5880: Incorrect security UI in browser UI
• Medium CVE-2026-5881: Policy bypass in LocalNetworkAccess
• Medium CVE-2026-5882: Incorrect security UI in Fullscreen
• Medium CVE-2026-5883: Use after free in Media
• Medium CVE-2026-5884: Insufficient validation of untrusted input in Media
• Medium CVE-2026-5885: Insufficient validation of untrusted input in WebML
• Medium CVE-2026-5886: Out of bounds read in WebAudio
• Medium CVE-2026-5887: Insufficient validation of untrusted input in Downloads
• Medium CVE-2026-5888: Uninitialized Use in WebCodecs
• Medium CVE-2026-5889: Cryptographic Flaw in PDFium
• Medium CVE-2026-5890: Race in WebCodecs
• Medium CVE-2026-5891: Insufficient policy enforcement in browser UI
• Medium CVE-2026-5892: Insufficient policy enforcement in PWAs
• Medium CVE-2026-5893: Race in V8
• Low CVE-2026-5894: Inappropriate implementation in PDF
• Low CVE-2026-5895: Incorrect security UI in Omnibox
• Low CVE-2026-5896: Policy bypass in Audio
• Low CVE-2026-5897: Incorrect security UI in Downloads
• Low CVE-2026-5898: Incorrect security UI in Omnibox
• Low CVE-2026-5899: Incorrect security UI in History Navigation
• Low CVE-2026-5900: Policy bypass in Downloads
• Low CVE-2026-5901: Policy bypass in DevTools
• Low CVE-2026-5902: Race in Media
• Low CVE-2026-5903: Policy bypass in IFrameSandbox
• Low CVE-2026-5904: Use after free in V8
• Low CVE-2026-5905: Incorrect security UI in Permissions
• Low CVE-2026-5906: Incorrect security UI in Omnibox
• Low CVE-2026-5907: Insufficient data validation in Media
• Low CVE-2026-5908: Integer overflow in Media
• Low CVE-2026-5909: Integer overflow in Media
• Low CVE-2026-5910: Integer overflow in Media
• Low CVE-2026-5911: Policy bypass in ServiceWorkers
• Low CVE-2026-5912: Integer overflow in WebRTC
• Low CVE-2026-5913: Out of bounds read in Blink
• Low CVE-2026-5914: Type Confusion in CSS
• Low CVE-2026-5915: Insufficient validation of untrusted input in WebML
• Low CVE-2026-5918: Inappropriate implementation in Navigation
• Low CVE-2026-5919: Insufficient validation of untrusted input in WebSockets

Update to 146.0.7680.177

• High CVE-2026-5273: Use after free in CSS
• High CVE-2026-5272: Heap buffer overflow in GPU
• High CVE-2026-5274: Integer overflow in Codecs
• High CVE-2026-5275: Heap buffer overflow in ANGLE
• High CVE-2026-5276: Insufficient policy enforcement in WebUSB
• High CVE-2026-5277: Integer overflow in ANGLE
• High CVE-2026-5278: Use after free in Web MIDI
• High CVE-2026-5279: Object corruption in V8
• High CVE-2026-5280: Use after free in WebCodecs
• High CVE-2026-5281: Use after free in Dawn
• High CVE-2026-5282: Out of bounds read in WebCodecs
• High CVE-2026-5283: Inappropriate implementation in ANGLE
• High CVE-2026-5284: Use after free in Dawn
• High CVE-2026-5285: Use after free in WebGL
• High CVE-2026-5286: Use after free in Dawn
• High CVE-2026-5287: Use after free in PDF
• High CVE-2026-5288: Use after free in WebView
• High CVE-2026-5289: Use after free in Navigation
• High CVE-2026-5290: Use after free in Compositing
• Medium CVE-2026-5291: Inappropriate implementation in WebGL
• Medium CVE-2026-5292: Out of bounds read in WebCodecs

FEDORA-EPEL-2026-f2ac7803f9 Packages in this update:

• chromium-147.0.7727.101-1.el10_1

Update description:

Update to 147.0.7727.101

• Critical CVE-2026-6296: Heap buffer overflow in ANGLE
• Critical CVE-2026-6297: Use after free in Proxy
• Critical CVE-2026-6298: Heap buffer overflow in Skia
• Critical CVE-2026-6299: Use after free in Prerender
• Critical CVE-2026-6358: Use after free in XR
• High CVE-2026-6359: Use after free in Video
• High CVE-2026-6300: Use after free in CSS
• High CVE-2026-6301: Type Confusion in Turbofan
• High CVE-2026-6302: Use after free in Video
• High CVE-2026-6303: Use after free in Codecs
• High CVE-2026-6304: Use after free in Graphite
• High CVE-2026-6305: Heap buffer overflow in PDFium
• High CVE-2026-6306: Heap buffer overflow in PDFium
• High CVE-2026-6307: Type Confusion in Turbofan
• High CVE-2026-6308: Out of bounds read in Media
• High CVE-2026-6309: Use after free in Viz
• High CVE-2026-6360: Use after free in FileSystem
• High CVE-2026-6310: Use after free in Dawn
• High CVE-2026-6311: Uninitialized Use in Accessibility
• High CVE-2026-6312: Insufficient policy enforcement in Passwords
• High CVE-2026-6313: Insufficient policy enforcement in CORS
• High CVE-2026-6314: Out of bounds write in GPU
• High CVE-2026-6315: Use after free in Permissions
• High CVE-2026-6316: Use after free in Forms
• High CVE-2026-6361: Heap buffer overflow in PDFium
• High CVE-2026-6362: Use after free in Codecs
• High CVE-2026-6317: Use after free in Cast
• Medium CVE-2026-6363: Type Confusion in V8
• Medium CVE-2026-6318: Use after free in Codecs
• Medium CVE-2026-6319: Use after free in Payments
• Medium CVE-2026-6364: Out of bounds read in Skia

FEDORA-EPEL-2026-9ce82c1a41 Packages in this update:

• chromium-147.0.7727.101-1.el9

Update description:

Update to 147.0.7727.101

• Critical CVE-2026-6296: Heap buffer overflow in ANGLE
• Critical CVE-2026-6297: Use after free in Proxy
• Critical CVE-2026-6298: Heap buffer overflow in Skia
• Critical CVE-2026-6299: Use after free in Prerender
• Critical CVE-2026-6358: Use after free in XR
• High CVE-2026-6359: Use after free in Video
• High CVE-2026-6300: Use after free in CSS
• High CVE-2026-6301: Type Confusion in Turbofan
• High CVE-2026-6302: Use after free in Video
• High CVE-2026-6303: Use after free in Codecs
• High CVE-2026-6304: Use after free in Graphite
• High CVE-2026-6305: Heap buffer overflow in PDFium
• High CVE-2026-6306: Heap buffer overflow in PDFium
• High CVE-2026-6307: Type Confusion in Turbofan
• High CVE-2026-6308: Out of bounds read in Media
• High CVE-2026-6309: Use after free in Viz
• High CVE-2026-6360: Use after free in FileSystem
• High CVE-2026-6310: Use after free in Dawn
• High CVE-2026-6311: Uninitialized Use in Accessibility
• High CVE-2026-6312: Insufficient policy enforcement in Passwords
• High CVE-2026-6313: Insufficient policy enforcement in CORS
• High CVE-2026-6314: Out of bounds write in GPU
• High CVE-2026-6315: Use after free in Permissions
• High CVE-2026-6316: Use after free in Forms
• High CVE-2026-6361: Heap buffer overflow in PDFium
• High CVE-2026-6362: Use after free in Codecs
• High CVE-2026-6317: Use after free in Cast
• Medium CVE-2026-6363: Type Confusion in V8
• Medium CVE-2026-6318: Use after free in Codecs
• Medium CVE-2026-6319: Use after free in Payments
• Medium CVE-2026-6364: Out of bounds read in Skia

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcode causing loss of integrity and confidentiality. (CVE-2024-36347) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - MIPS architecture; - PowerPC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Ublk userspace block driver; - Bluetooth drivers; - Character device driver; - TPM device driver; - Clock framework and drivers; - GPU drivers; - Hardware monitoring drivers; - Intel Trace Hub HW tracing drivers; - InfiniBand drivers; - Input Device core drivers; - Input Device (Mouse) drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - Ethernet team driver; - PA-RISC drivers; - Chrome hardware platform drivers; - x86 platform drivers; - SCSI subsystem; - SPI subsystem; - TCM subsystem; - Freescale USB OTG Transceiver Driver; - USB Type-C Connector System Software Interface driver; - Watchdog drivers; - BTRFS file system; - exFAT file system; - Ext4 file system; - F2FS file system; - FUSE (File system in Userspace); - HFS+ file system; - File systems infrastructure; - Network file system (NFS) server daemon; - File system notification infrastructure; - NTFS3 file system; - OCFS2 file system; - SMB network file system; - XFS file system; - User-space API (UAPI); - io_uring subsystem; - Scheduler infrastructure; - Shadow Call Stack mechanism; - Tracing infrastructure; - Memory management; - BPF subsystem; - CAIF protocol; - Ceph Core library; - Networking core; - Ethtool driver; - Handshake API; - HSR network protocol; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Netfilter; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Sun RPC protocol; - Key management; - Landlock security; - STMicroelectronics SoC drivers; - USB sound devices; - KVM subsystem; (CVE-2025-68351, CVE-2025-68353, CVE-2025-68365, CVE-2025-68368, CVE-2025-68725, CVE-2025-68736, CVE-2025-68745, CVE-2025-68767, CVE-2025-68768, CVE-2025-68769, CVE-2025-68770, CVE-2025-68771, CVE-2025-68772, CVE-2025-68773, CVE-2025-68774, CVE-2025-68775, CVE-2025-68776, CVE-2025-68777, CVE-2025-68778, CVE-2025-68780, CVE-2025-68781, CVE-2025-68782, CVE-2025-68783, CVE-2025-68784, CVE-2025-68785, CVE-2025-68786, CVE-2025-68787, CVE-2025-68788, CVE-2025-68791, CVE-2025-68792, CVE-2025-68793, CVE-2025-68794, CVE-2025-68795, CVE-2025-68796, CVE-2025-68797, CVE-2025-68798, CVE-2025-68799, CVE-2025-68800, CVE-2025-68801, CVE-2025-68802, CVE-2025-68803, CVE-2025-68804, CVE-2025-68805, CVE-2025-68806, CVE-2025-68807, CVE-2025-68808, CVE-2025-68809, CVE-2025-68810, CVE-2025-68811, CVE-2025-68813, CVE-2025-68814, CVE-2025-68815, CVE-2025-68816, CVE-2025-68817, CVE-2025-68818, CVE-2025-68819, CVE-2025-68820, CVE-2025-68821, CVE-2025-68822, CVE-2025-68823, CVE-2025-71064, CVE-2025-71065, CVE-2025-71066, CVE-2025-71067, CVE-2025-71068, CVE-2025-71069, CVE-2025-71070, CVE-2025-71071, CVE-2025-71072, CVE-2025-71073, CVE-2025-71075, CVE-2025-71076, CVE-2025-71077, CVE-2025-71078, CVE-2025-71079, CVE-2025-71081, CVE-2025-71082, CVE-2025-71083, CVE-2025-71084, CVE-2025-71085, CVE-2025-71086, CVE-2025-71087, CVE-2025-71089, CVE-2025-71091, CVE-2025-71093, CVE-2025-71094, CVE-2025-71095, CVE-2025-71096, CVE-2025-71097, CVE-2025-71098, CVE-2025-71099, CVE-2025-71100, CVE-2025-71101, CVE-2025-71102, CVE-2025-71104, CVE-2025-71105, CVE-2025-71107, CVE-2025-71108, CVE-2025-71109, CVE-2025-71111, CVE-2025-71112, CVE-2025-71113, CVE-2025-71114, CVE-2025-71115, CVE-2025-71116, CVE-2025-71117, CVE-2025-71118, CVE-2025-71119, CVE-2025-71120, CVE-2025-71121, CVE-2025-71122, CVE-2025-71123, CVE-2025-71124, CVE-2025-71125, CVE-2025-71126, CVE-2025-71130, CVE-2025-71131, CVE-2025-71132, CVE-2025-71133, CVE-2025-71135, CVE-2025-71136, CVE-2025-71137, CVE-2025-71138, CVE-2025-71140, CVE-2025-71143, CVE-2025-71146, CVE-2025-71147, CVE-2025-71148, CVE-2025-71149, CVE-2025-71150, CVE-2025-71151, CVE-2025-71153, CVE-2025-71154, CVE-2025-71156, CVE-2025-71157, CVE-2026-23091, CVE-2026-23209)

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcode causing loss of integrity and confidentiality. (CVE-2024-36347) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - MIPS architecture; - PowerPC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Ublk userspace block driver; - Bluetooth drivers; - Character device driver; - TPM device driver; - Clock framework and drivers; - GPU drivers; - Hardware monitoring drivers; - Intel Trace Hub HW tracing drivers; - InfiniBand drivers; - Input Device core drivers; - Input Device (Mouse) drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - Ethernet team driver; - PA-RISC drivers; - Chrome hardware platform drivers; - x86 platform drivers; - SCSI subsystem; - SPI subsystem; - TCM subsystem; - Freescale USB OTG Transceiver Driver; - USB Type-C Connector System Software Interface driver; - Watchdog drivers; - BTRFS file system; - exFAT file system; - Ext4 file system; - F2FS file system; - FUSE (File system in Userspace); - HFS+ file system; - File systems infrastructure; - Network file system (NFS) server daemon; - File system notification infrastructure; - NTFS3 file system; - OCFS2 file system; - SMB network file system; - XFS file system; - User-space API (UAPI); - io_uring subsystem; - Scheduler infrastructure; - Shadow Call Stack mechanism; - Tracing infrastructure; - Memory management; - BPF subsystem; - CAIF protocol; - Ceph Core library; - Networking core; - Ethtool driver; - Handshake API; - HSR network protocol; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Netfilter; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Sun RPC protocol; - Key management; - Landlock security; - STMicroelectronics SoC drivers; - USB sound devices; - KVM subsystem; (CVE-2025-68351, CVE-2025-68353, CVE-2025-68365, CVE-2025-68368, CVE-2025-68725, CVE-2025-68736, CVE-2025-68745, CVE-2025-68767, CVE-2025-68768, CVE-2025-68769, CVE-2025-68770, CVE-2025-68771, CVE-2025-68772, CVE-2025-68773, CVE-2025-68774, CVE-2025-68775, CVE-2025-68776, CVE-2025-68777, CVE-2025-68778, CVE-2025-68780, CVE-2025-68781, CVE-2025-68782, CVE-2025-68783, CVE-2025-68784, CVE-2025-68785, CVE-2025-68786, CVE-2025-68787, CVE-2025-68788, CVE-2025-68791, CVE-2025-68792, CVE-2025-68793, CVE-2025-68794, CVE-2025-68795, CVE-2025-68796, CVE-2025-68797, CVE-2025-68798, CVE-2025-68799, CVE-2025-68800, CVE-2025-68801, CVE-2025-68802, CVE-2025-68803, CVE-2025-68804, CVE-2025-68805, CVE-2025-68806, CVE-2025-68807, CVE-2025-68808, CVE-2025-68809, CVE-2025-68810, CVE-2025-68811, CVE-2025-68813, CVE-2025-68814, CVE-2025-68815, CVE-2025-68816, CVE-2025-68817, CVE-2025-68818, CVE-2025-68819, CVE-2025-68820, CVE-2025-68821, CVE-2025-68822, CVE-2025-68823, CVE-2025-71064, CVE-2025-71065, CVE-2025-71066, CVE-2025-71067, CVE-2025-71068, CVE-2025-71069, CVE-2025-71070, CVE-2025-71071, CVE-2025-71072, CVE-2025-71073, CVE-2025-71075, CVE-2025-71076, CVE-2025-71077, CVE-2025-71078, CVE-2025-71079, CVE-2025-71080, CVE-2025-71081, CVE-2025-71082, CVE-2025-71083, CVE-2025-71084, CVE-2025-71085, CVE-2025-71086, CVE-2025-71087, CVE-2025-71089, CVE-2025-71091, CVE-2025-71093, CVE-2025-71094, CVE-2025-71095, CVE-2025-71096, CVE-2025-71097, CVE-2025-71098, CVE-2025-71099, CVE-2025-71100, CVE-2025-71101, CVE-2025-71102, CVE-2025-71104, CVE-2025-71105, CVE-2025-71107, CVE-2025-71108, CVE-2025-71109, CVE-2025-71111, CVE-2025-71112, CVE-2025-71113, CVE-2025-71114, CVE-2025-71115, CVE-2025-71116, CVE-2025-71117, CVE-2025-71118, CVE-2025-71119, CVE-2025-71120, CVE-2025-71121, CVE-2025-71122, CVE-2025-71123, CVE-2025-71124, CVE-2025-71125, CVE-2025-71126, CVE-2025-71130, CVE-2025-71131, CVE-2025-71132, CVE-2025-71133, CVE-2025-71135, CVE-2025-71136, CVE-2025-71137, CVE-2025-71138, CVE-2025-71140, CVE-2025-71143, CVE-2025-71146, CVE-2025-71147, CVE-2025-71148, CVE-2025-71149, CVE-2025-71150, CVE-2025-71151, CVE-2025-71153, CVE-2025-71154, CVE-2025-71156, CVE-2025-71157, CVE-2026-23091, CVE-2026-23209)

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcode causing loss of integrity and confidentiality. (CVE-2024-36347) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - MIPS architecture; - PowerPC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Ublk userspace block driver; - Bluetooth drivers; - Character device driver; - TPM device driver; - Clock framework and drivers; - GPU drivers; - Hardware monitoring drivers; - Intel Trace Hub HW tracing drivers; - InfiniBand drivers; - Input Device core drivers; - Input Device (Mouse) drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - Ethernet team driver; - PA-RISC drivers; - Chrome hardware platform drivers; - x86 platform drivers; - SCSI subsystem; - SPI subsystem; - TCM subsystem; - Freescale USB OTG Transceiver Driver; - USB Type-C Connector System Software Interface driver; - Watchdog drivers; - BTRFS file system; - exFAT file system; - Ext4 file system; - F2FS file system; - FUSE (File system in Userspace); - HFS+ file system; - File systems infrastructure; - Network file system (NFS) server daemon; - File system notification infrastructure; - NTFS3 file system; - OCFS2 file system; - SMB network file system; - XFS file system; - User-space API (UAPI); - io_uring subsystem; - Scheduler infrastructure; - Shadow Call Stack mechanism; - Tracing infrastructure; - Memory management; - BPF subsystem; - CAIF protocol; - Ceph Core library; - Networking core; - Ethtool driver; - Handshake API; - HSR network protocol; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Netfilter; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Sun RPC protocol; - Key management; - Landlock security; - STMicroelectronics SoC drivers; - USB sound devices; - KVM subsystem; (CVE-2025-68351, CVE-2025-68353, CVE-2025-68365, CVE-2025-68368, CVE-2025-68725, CVE-2025-68736, CVE-2025-68745, CVE-2025-68767, CVE-2025-68768, CVE-2025-68769, CVE-2025-68770, CVE-2025-68771, CVE-2025-68772, CVE-2025-68773, CVE-2025-68774, CVE-2025-68775, CVE-2025-68776, CVE-2025-68777, CVE-2025-68778, CVE-2025-68780, CVE-2025-68781, CVE-2025-68782, CVE-2025-68783, CVE-2025-68784, CVE-2025-68785, CVE-2025-68786, CVE-2025-68787, CVE-2025-68788, CVE-2025-68791, CVE-2025-68792, CVE-2025-68793, CVE-2025-68794, CVE-2025-68795, CVE-2025-68796, CVE-2025-68797, CVE-2025-68798, CVE-2025-68799, CVE-2025-68800, CVE-2025-68801, CVE-2025-68802, CVE-2025-68803, CVE-2025-68804, CVE-2025-68805, CVE-2025-68806, CVE-2025-68807, CVE-2025-68808, CVE-2025-68809, CVE-2025-68810, CVE-2025-68811, CVE-2025-68813, CVE-2025-68814, CVE-2025-68815, CVE-2025-68816, CVE-2025-68817, CVE-2025-68818, CVE-2025-68819, CVE-2025-68820, CVE-2025-68821, CVE-2025-68822, CVE-2025-68823, CVE-2025-71064, CVE-2025-71065, CVE-2025-71066, CVE-2025-71067, CVE-2025-71068, CVE-2025-71069, CVE-2025-71070, CVE-2025-71071, CVE-2025-71072, CVE-2025-71073, CVE-2025-71075, CVE-2025-71076, CVE-2025-71077, CVE-2025-71078, CVE-2025-71079, CVE-2025-71080, CVE-2025-71081, CVE-2025-71082, CVE-2025-71083, CVE-2025-71084, CVE-2025-71085, CVE-2025-71086, CVE-2025-71087, CVE-2025-71089, CVE-2025-71091, CVE-2025-71093, CVE-2025-71094, CVE-2025-71095, CVE-2025-71096, CVE-2025-71097, CVE-2025-71098, CVE-2025-71099, CVE-2025-71100, CVE-2025-71101, CVE-2025-71102, CVE-2025-71104, CVE-2025-71105, CVE-2025-71107, CVE-2025-71108, CVE-2025-71109, CVE-2025-71111, CVE-2025-71112, CVE-2025-71113, CVE-2025-71114, CVE-2025-71115, CVE-2025-71116, CVE-2025-71117, CVE-2025-71118, CVE-2025-71119, CVE-2025-71120, CVE-2025-71121, CVE-2025-71122, CVE-2025-71123, CVE-2025-71124, CVE-2025-71125, CVE-2025-71126, CVE-2025-71130, CVE-2025-71131, CVE-2025-71132, CVE-2025-71133, CVE-2025-71135, CVE-2025-71136, CVE-2025-71137, CVE-2025-71138, CVE-2025-71140, CVE-2025-71143, CVE-2025-71146, CVE-2025-71147, CVE-2025-71148, CVE-2025-71149, CVE-2025-71150, CVE-2025-71151, CVE-2025-71153, CVE-2025-71154, CVE-2025-71156, CVE-2025-71157, CVE-2026-23091, CVE-2026-23209)

FEDORA-EPEL-2026-5f723f26cd Packages in this update:

• gum-0.17.0-3.el10_3

Update description:

Update from version 0.16.1 to version 0.17.0. This update also resolves CVE-2025-47906 and CVE-2026-5160.

• https://github.com/charmbracelet/gum/releases/tag/v0.16.2
• https://github.com/charmbracelet/gum/releases/tag/v0.17.0

FEDORA-2026-10cf6ce616 Packages in this update:

• gum-0.17.0-3.fc44

Update description:

Update vendored goldmark to 1.7.17 to resolve CVE-2026-5160.

FEDORA-2026-bebf3b0544 Packages in this update:

• gum-0.16.1-2.fc42

Update description:

Rebuild with latest golang to resolve CVE-2025-47906.

Andrew Lacambra discovered that Rack did not properly parse certain regular expressions. An attacker could possibly use this issue to bypass network security filters. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.10. (CVE-2026-26961) William T. Nelson discovered that Rack did not handle multipart headers correctly. An attacker could possibly use this issue to cause downstream parsing issues or a denial of service. This issue only affected Ubuntu 25.10. (CVE-2026-26962) It was discovered that Rack did not handle the Forwarded header correctly. An attacker could possibly use this issue to manipulate header values. This issue only affected Ubuntu 25.10. (CVE-2026-32762) It was discovered that Rack could consume excessive CPU when handling certain Accept-Encoding values. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-34230) Haruki Oyama discovered that certain configurations of Rack could erroneously fail to derive the displayed directory path, and expose the full filesystem path. An attacker could possibly use this issue to disclose deployment details such as layout and usernames. (CVE-2026-34763) It was discovered that Rack did not properly handle static file paths. An attacker could possibly use this issue to exfiltrate unintentionally served data. (CVE-2026-34785) Haruki Oyama discovered that Rack did not apply header rules to certain requests for URL-encoded static paths. An attacker could possibly use this issue to bypass security-relevant response headers. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.10. (CVE-2026-34786) It was discovered that Rack did not limit the number of ranges requested in the Range header. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.10. (CVE-2026-34826) It was discovered that Rack could consume excessive CPU when parsing certain multipart parameters. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 25.10. (CVE-2026-34827) It was discovered that Rack could consume unbounded disk space when handling requests without a Content-Length header. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.10. (CVE-2026-34829) Mehtab Zafar discovered that Rack directly interpreted the X-Accel-Mapping header as a regular expression without escaping. An attacker could possibly use this issue to exfiltrate arbitrary files from internal locations. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.10. (CVE-2026-34830) It was discovered that Rack did not properly handle messages with Unicode. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.10. (CVE-2026-34831) It was discovered that Rack did not properly parse the Host header. An attacker could possibly use this issue to bypass security filters or poison generated links. This issue only affected Ubuntu 25.10. (CVE-2026-34835)

FEDORA-EPEL-2026-8022001aef Packages in this update:

• coturn-4.10.0-1.el10_3

Update description: Coturn 4.10.0 Performance

• Add Linux-only recvmmsg client receive path for DTLS/UDP listener
• Skip response buffer allocation for STUN indications
• Remove mutex from per-thread super_memory allocator
• Eliminate mutex and reduce copies on auth message dispatch
• Replace mutex_bps with lock-free atomics for bandwidth tracking
• Remove unused mutex from ur_map structure
• WebRTC Auth optimization path
• Improve worst case scenario - avoid memory allocation

Memory issues

• Fix null pointer dereferences in post_parse()
• Fix stack buffer overflow in OAuth token decoding
• Fix uint16_t truncation overflow in stun_get_message_len_str()
• Initialize variables before use

Security

• CVE-2026-40613 Misaligned Memory Access STUN Attribute Parser

General Improvements

• Disable reason string in response messages to reduce amplification factor
• Keep only NEV_UDP_SOCKET_PER_THREAD network engine
• Replace perror with logging
• Extend seed corpus and add more fuzzing scenarios
• Update config and Readme files about deprecated TLSv1/1.1
• Restore RFC 3489 (old STUN) backward compatibility broken since 4.7.0
• Change port identifiers to use uint16_t
• Fixes: run_tests.sh and no db
• Improve PostgreSQL.md clarity
• Add session usage reporting callback to TURN database driver
• CLI interface is disabled by default

FEDORA-2026-e673311164 Packages in this update:

• coturn-4.10.0-1.fc42

Update description: Coturn 4.10.0 Performance

• Add Linux-only recvmmsg client receive path for DTLS/UDP listener
• Skip response buffer allocation for STUN indications
• Remove mutex from per-thread super_memory allocator
• Eliminate mutex and reduce copies on auth message dispatch
• Replace mutex_bps with lock-free atomics for bandwidth tracking
• Remove unused mutex from ur_map structure
• WebRTC Auth optimization path
• Improve worst case scenario - avoid memory allocation

Memory issues

• Fix null pointer dereferences in post_parse()
• Fix stack buffer overflow in OAuth token decoding
• Fix uint16_t truncation overflow in stun_get_message_len_str()
• Initialize variables before use

Security

• CVE-2026-40613 Misaligned Memory Access STUN Attribute Parser

General Improvements

• Disable reason string in response messages to reduce amplification factor
• Keep only NEV_UDP_SOCKET_PER_THREAD network engine
• Replace perror with logging
• Extend seed corpus and add more fuzzing scenarios
• Update config and Readme files about deprecated TLSv1/1.1
• Restore RFC 3489 (old STUN) backward compatibility broken since 4.7.0
• Change port identifiers to use uint16_t
• Fixes: run_tests.sh and no db
• Improve PostgreSQL.md clarity
• Add session usage reporting callback to TURN database driver
• CLI interface is disabled by default

FEDORA-EPEL-2026-63737a3630 Packages in this update:

• coturn-4.10.0-1.el10_1

Update description: Coturn 4.10.0 Performance

• Add Linux-only recvmmsg client receive path for DTLS/UDP listener
• Skip response buffer allocation for STUN indications
• Remove mutex from per-thread super_memory allocator
• Eliminate mutex and reduce copies on auth message dispatch
• Replace mutex_bps with lock-free atomics for bandwidth tracking
• Remove unused mutex from ur_map structure
• WebRTC Auth optimization path
• Improve worst case scenario - avoid memory allocation

Memory issues

• Fix null pointer dereferences in post_parse()
• Fix stack buffer overflow in OAuth token decoding
• Fix uint16_t truncation overflow in stun_get_message_len_str()
• Initialize variables before use

Security

• CVE-2026-40613 Misaligned Memory Access STUN Attribute Parser

General Improvements

• Disable reason string in response messages to reduce amplification factor
• Keep only NEV_UDP_SOCKET_PER_THREAD network engine
• Replace perror with logging
• Extend seed corpus and add more fuzzing scenarios
• Update config and Readme files about deprecated TLSv1/1.1
• Restore RFC 3489 (old STUN) backward compatibility broken since 4.7.0
• Change port identifiers to use uint16_t
• Fixes: run_tests.sh and no db
• Improve PostgreSQL.md clarity
• Add session usage reporting callback to TURN database driver
• CLI interface is disabled by default

FEDORA-2026-1c11dc3e37 Packages in this update:

• coturn-4.10.0-1.fc44

Update description: Coturn 4.10.0 Performance

• Add Linux-only recvmmsg client receive path for DTLS/UDP listener
• Skip response buffer allocation for STUN indications
• Remove mutex from per-thread super_memory allocator
• Eliminate mutex and reduce copies on auth message dispatch
• Replace mutex_bps with lock-free atomics for bandwidth tracking
• Remove unused mutex from ur_map structure
• WebRTC Auth optimization path
• Improve worst case scenario - avoid memory allocation

Memory issues

• Fix null pointer dereferences in post_parse()
• Fix stack buffer overflow in OAuth token decoding
• Fix uint16_t truncation overflow in stun_get_message_len_str()
• Initialize variables before use

Security

• CVE-2026-40613 Misaligned Memory Access STUN Attribute Parser

General Improvements

• Disable reason string in response messages to reduce amplification factor
• Keep only NEV_UDP_SOCKET_PER_THREAD network engine
• Replace perror with logging
• Extend seed corpus and add more fuzzing scenarios
• Update config and Readme files about deprecated TLSv1/1.1
• Restore RFC 3489 (old STUN) backward compatibility broken since 4.7.0
• Change port identifiers to use uint16_t
• Fixes: run_tests.sh and no db
• Improve PostgreSQL.md clarity
• Add session usage reporting callback to TURN database driver
• CLI interface is disabled by default

FEDORA-EPEL-2026-e0c1b77ba1 Packages in this update:

• coturn-4.10.0-1.el9

Update description: Coturn 4.10.0 Performance

• Add Linux-only recvmmsg client receive path for DTLS/UDP listener
• Skip response buffer allocation for STUN indications
• Remove mutex from per-thread super_memory allocator
• Eliminate mutex and reduce copies on auth message dispatch
• Replace mutex_bps with lock-free atomics for bandwidth tracking
• Remove unused mutex from ur_map structure
• WebRTC Auth optimization path
• Improve worst case scenario - avoid memory allocation

Memory issues

• Fix null pointer dereferences in post_parse()
• Fix stack buffer overflow in OAuth token decoding
• Fix uint16_t truncation overflow in stun_get_message_len_str()
• Initialize variables before use

Security

• CVE-2026-40613 Misaligned Memory Access STUN Attribute Parser

General Improvements

• Disable reason string in response messages to reduce amplification factor
• Keep only NEV_UDP_SOCKET_PER_THREAD network engine
• Replace perror with logging
• Extend seed corpus and add more fuzzing scenarios
• Update config and Readme files about deprecated TLSv1/1.1
• Restore RFC 3489 (old STUN) backward compatibility broken since 4.7.0
• Change port identifiers to use uint16_t
• Fixes: run_tests.sh and no db
• Improve PostgreSQL.md clarity
• Add session usage reporting callback to TURN database driver
• CLI interface is disabled by default