Aggregator
USN-8490-1: Linux kernel vulnerabilities
freerdp-3.30.0-1.fc43
- freerdp-3.30.0-1.fc43
Update to 3.30.0
Update to 3.29.0
freerdp-3.30.0-1.fc44
- freerdp-3.30.0-1.fc44
Update to 3.30.0
chromium-150.0.7871.124-1.el10_3
- chromium-150.0.7871.124-1.el10_3
Update to 150.0.7871.124
* CVE-2026-15764: Use after free in Ozone * CVE-2026-15765: Use after free in Ozone * CVE-2026-15766: Uninitialized Use in Skia * CVE-2026-15767: Heap buffer overflow in libyuv * CVE-2026-15768: Insufficient policy enforcement in HTML-in-Canvas * CVE-2026-15769: Insufficient validation of untrusted input in Linux Toolkit Theming * CVE-2026-15770: Uninitialized Use in V8 * CVE-2026-15771: Insufficient validation of untrusted input in Media * CVE-2026-15772: Use after free in GPU * CVE-2026-15773: Use after free in Core * CVE-2026-15774: Use after free in Skia * CVE-2026-15775: Insufficient policy enforcement in V8 * CVE-2026-15776: Type Confusion in V8 * CVE-2026-15777: Use after free in UI * CVE-2026-15778: Insufficient validation of untrusted input in Navigationchromium-150.0.7871.124-1.el10_2
- chromium-150.0.7871.124-1.el10_2
Update to 150.0.7871.124
* CVE-2026-15764: Use after free in Ozone * CVE-2026-15765: Use after free in Ozone * CVE-2026-15766: Uninitialized Use in Skia * CVE-2026-15767: Heap buffer overflow in libyuv * CVE-2026-15768: Insufficient policy enforcement in HTML-in-Canvas * CVE-2026-15769: Insufficient validation of untrusted input in Linux Toolkit Theming * CVE-2026-15770: Uninitialized Use in V8 * CVE-2026-15771: Insufficient validation of untrusted input in Media * CVE-2026-15772: Use after free in GPU * CVE-2026-15773: Use after free in Core * CVE-2026-15774: Use after free in Skia * CVE-2026-15775: Insufficient policy enforcement in V8 * CVE-2026-15776: Type Confusion in V8 * CVE-2026-15777: Use after free in UI * CVE-2026-15778: Insufficient validation of untrusted input in Navigationchromium-150.0.7871.124-1.fc43
- chromium-150.0.7871.124-1.fc43
Update to 150.0.7871.124
* CVE-2026-15764: Use after free in Ozone * CVE-2026-15765: Use after free in Ozone * CVE-2026-15766: Uninitialized Use in Skia * CVE-2026-15767: Heap buffer overflow in libyuv * CVE-2026-15768: Insufficient policy enforcement in HTML-in-Canvas * CVE-2026-15769: Insufficient validation of untrusted input in Linux Toolkit Theming * CVE-2026-15770: Uninitialized Use in V8 * CVE-2026-15771: Insufficient validation of untrusted input in Media * CVE-2026-15772: Use after free in GPU * CVE-2026-15773: Use after free in Core * CVE-2026-15774: Use after free in Skia * CVE-2026-15775: Insufficient policy enforcement in V8 * CVE-2026-15776: Type Confusion in V8 * CVE-2026-15777: Use after free in UI * CVE-2026-15778: Insufficient validation of untrusted input in Navigationchromium-150.0.7871.124-1.el9
- chromium-150.0.7871.124-1.el9
Update to 150.0.7871.124
* CVE-2026-15764: Use after free in Ozone * CVE-2026-15765: Use after free in Ozone * CVE-2026-15766: Uninitialized Use in Skia * CVE-2026-15767: Heap buffer overflow in libyuv * CVE-2026-15768: Insufficient policy enforcement in HTML-in-Canvas * CVE-2026-15769: Insufficient validation of untrusted input in Linux Toolkit Theming * CVE-2026-15770: Uninitialized Use in V8 * CVE-2026-15771: Insufficient validation of untrusted input in Media * CVE-2026-15772: Use after free in GPU * CVE-2026-15773: Use after free in Core * CVE-2026-15774: Use after free in Skia * CVE-2026-15775: Insufficient policy enforcement in V8 * CVE-2026-15776: Type Confusion in V8 * CVE-2026-15777: Use after free in UI * CVE-2026-15778: Insufficient validation of untrusted input in Navigationchromium-150.0.7871.124-1.fc44
- chromium-150.0.7871.124-1.fc44
Update to 150.0.7871.124
* CVE-2026-15764: Use after free in Ozone * CVE-2026-15765: Use after free in Ozone * CVE-2026-15766: Uninitialized Use in Skia * CVE-2026-15767: Heap buffer overflow in libyuv * CVE-2026-15768: Insufficient policy enforcement in HTML-in-Canvas * CVE-2026-15769: Insufficient validation of untrusted input in Linux Toolkit Theming * CVE-2026-15770: Uninitialized Use in V8 * CVE-2026-15771: Insufficient validation of untrusted input in Media * CVE-2026-15772: Use after free in GPU * CVE-2026-15773: Use after free in Core * CVE-2026-15774: Use after free in Skia * CVE-2026-15775: Insufficient policy enforcement in V8 * CVE-2026-15776: Type Confusion in V8 * CVE-2026-15777: Use after free in UI * CVE-2026-15778: Insufficient validation of untrusted input in Navigationmoby-engine-29.6.2-1.fc44
- moby-engine-29.6.2-1.fc44
- Update to release v29.6.2
- Resolves: rhbz#2496437
- Upstream security fixes
-
- GHSA-hw3h-2gp9-cxpv
-
- GHSA-qx3x-mv6r-52p6
-
- GHSA-32pv-7hq5-qhwq
-
- GHSA-g2h8-426c-7976
-
- GHSA-388v-wmr2-g2v2
python-django5-5.2.16-1.fc43
- python-django5-5.2.16-1.fc43
Update python-django5 to version 5.2.16
Fixes three low-severity CVEs
- CVE-2026-48588: Potential exposure of private data via cached Set-Cookie response
- CVE-2026-53877: Heap buffer over-read in GDALRaster
- CVE-2026-53878: Header injection possibility since DomainNameValidator accepted newlines in input
python-django5-5.2.16-1.fc44
- python-django5-5.2.16-1.fc44
Update python-django5 to version 5.2.16
Fixes three low-severity CVEs
- CVE-2026-48588: Potential exposure of private data via cached Set-Cookie response
- CVE-2026-53877: Heap buffer over-read in GDALRaster
- CVE-2026-53878: Header injection possibility since DomainNameValidator accepted newlines in input
moby-engine-29.6.2-1.fc45
- moby-engine-29.6.2-1.fc45
Automatic update for moby-engine-29.6.2-1.fc45.
Changelog * Thu Jul 16 2026 Bradley G Smith <bradley.g.smith@gmail.com> - 29.6.2-1 - Update to release v29.6.2 - Resolves: rhbz#2496437 - Upstream security fixes - - GHSA-hw3h-2gp9-cxpv - - GHSA-qx3x-mv6r-52p6 - - GHSA-32pv-7hq5-qhwq - - GHSA-g2h8-426c-7976 - - GHSA-388v-wmr2-g2v2 * Thu Jul 16 2026 Fedora Release Engineering <releng@fedoraproject.org> - 29.6.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_45_Mass_Rebuilddotnet10.0-10.0.110-1.fc44
- dotnet10.0-10.0.110-1.fc44
Update to .NET SDK 10.0.110 and Runtime 10.0.10
Fixes: CVE-2026-47300,CVE-2026-47302,CVE-2026-47303,CVE-2026-47304,CVE-2026-50524,CVE-2026-50525,CVE-2026-50526,CVE-2026-50527,CVE-2026-50528,CVE-2026-50646,CVE-2026-50648,CVE-2026-50649,CVE-2026-50650,CVE-2026-50651,CVE-2026-50659,CVE-2026-56158,CVE-2026-57108
Release Notes:
dotnet10.0-10.0.110-1.fc43
- dotnet10.0-10.0.110-1.fc43
Update to .NET SDK 10.0.110 and Runtime 10.0.10
Fixes: CVE-2026-47300,CVE-2026-47302,CVE-2026-47303,CVE-2026-47304,CVE-2026-50524,CVE-2026-50525,CVE-2026-50526,CVE-2026-50527,CVE-2026-50528,CVE-2026-50646,CVE-2026-50648,CVE-2026-50649,CVE-2026-50650,CVE-2026-50651,CVE-2026-50659,CVE-2026-56158,CVE-2026-57108
Release Notes:
USN-8477-2: tar regression
netatalk-4.5.1-1.fc44
- netatalk-4.5.1-1.fc44
4.5.1 Release
libtiff-4.7.2-1.fc44
- libtiff-4.7.2-1.fc44
updated to 4.7.2, fixes security issues
libtiff-4.7.2-1.fc43
- libtiff-4.7.2-1.fc43
updated to 4.7.2, fixes security issues