Aggregator

atril-1.26.4-1.el8

1 hour 3 minutes ago
FEDORA-EPEL-2026-c0bb6674c7 Packages in this update:
  • atril-1.26.4-1.el8
Update description: atril 1.26.4
  • epub: use g_strndup for parsing document path
  • epub: validate epub content before parsing
atril 1.26.3
  • epub: Avoid crash when index list has extraneous entry
  • fix a incompatible pointer type warning for gcc14
  • Fix build with libxml2 2.12
  • fix memleak
  • pdf: Always use poppler_document_save to avoid data loss
  • ev-application: Quote user-supplied strings in ev_spawn command line

atril-1.26.4-1.el9

1 hour 3 minutes ago
FEDORA-EPEL-2026-abc540be8b Packages in this update:
  • atril-1.26.4-1.el9
Update description: atril 1.26.4
  • epub: use g_strndup for parsing document path
  • epub: validate epub content before parsing
atril 1.26.3
  • epub: Avoid crash when index list has extraneous entry
  • fix a incompatible pointer type warning for gcc14
  • Fix build with libxml2 2.12
  • fix memleak
  • pdf: Always use poppler_document_save to avoid data loss
  • ev-application: Quote user-supplied strings in ev_spawn command line

chromium-149.0.7827.102-1.fc44

6 hours 19 minutes ago
FEDORA-2026-2debc85b3c Packages in this update:
  • chromium-149.0.7827.102-1.fc44
Update description:

Update to 149.0.7827.102

  • CVE-2026-11628: Use after free in Ozone
  • CVE-2026-11629: Use after free in Ozone
  • CVE-2026-11630: Use after free in File Input
  • CVE-2026-11631: Use after free in Aura
  • CVE-2026-11632: Use after free in TabStrip
  • CVE-2026-11633: Use after free in Bluetooth
  • CVE-2026-11634: Use after free in Gamepad
  • CVE-2026-11635: Use after free in Bluetooth
  • CVE-2026-11636: Use after free in Autofill
  • CVE-2026-11637: Use after free in Views
  • CVE-2026-11638: Use after free in Printing
  • CVE-2026-11639: Use after free in Compositing
  • CVE-2026-11640: Integer overflow in libyuv
  • CVE-2026-11641: Use after free in Bluetooth
  • CVE-2026-11642: Use after free in Web Apps
  • CVE-2026-11643: Use after free in Proxy
  • CVE-2026-11644: Use after free in Views
  • CVE-2026-11645: Out of bounds memory access in V8
  • CVE-2026-11646: Use after free in ViewTransitions
  • CVE-2026-11647: Use after free in Printing
  • CVE-2026-11648: Use after free in FullScreen
  • CVE-2026-11649: Use after free in V8
  • CVE-2026-11650: Use after free in V8
  • CVE-2026-11651: Use after free in Network
  • CVE-2026-11652: Use after free in Extensions
  • CVE-2026-11653: Insufficient validation of untrusted input in Extensions
  • CVE-2026-11654: Use after free in CameraCapture
  • CVE-2026-11655: Integer overflow in Media
  • CVE-2026-11656: Use after free in ServiceWorker
  • CVE-2026-11657: Use after free in Payments
  • CVE-2026-11658: Insufficient validation of untrusted input in Extensions
  • CVE-2026-11659: Insufficient validation of untrusted input in UI
  • CVE-2026-11660: Insufficient validation of untrusted input in New Tab Page
  • CVE-2026-11661: Use after free in Views
  • CVE-2026-11662: Type Confusion in Bindings
  • CVE-2026-11663: Use after free in Skia
  • CVE-2026-11664: Use after free in Payments
  • CVE-2026-11665: Out of bounds read in Dawn
  • CVE-2026-11666: Insufficient validation of untrusted input in Input
  • CVE-2026-11667: Out of bounds read in WebRTC
  • CVE-2026-11668: Uninitialized Use in Codecs
  • CVE-2026-11669: Integer overflow in Media
  • CVE-2026-11670: Use after free in PDF
  • CVE-2026-11671: Use after free in Navigation
  • CVE-2026-11672: Out of bounds write in GPU
  • CVE-2026-11673: Use after free in InterestGroups
  • CVE-2026-11674: Use after free in Guest View
  • CVE-2026-11675: Insufficient validation of untrusted input in Skia
  • CVE-2026-11676: Insufficient validation of untrusted input in Dawn
  • CVE-2026-11677: Race in Network
  • CVE-2026-11678: Integer overflow in libyuv
  • CVE-2026-11679: Use after free in Codecs
  • CVE-2026-11680: Use after free in Media
  • CVE-2026-11681: Use after free in Ozone
  • CVE-2026-11682: Insufficient validation of untrusted input in Views
  • CVE-2026-11683: Use after free in WebCodecs
  • CVE-2026-11684: Insufficient policy enforcement in Network
  • CVE-2026-11685: Insufficient data validation in MediaCapture
  • CVE-2026-11686: Insufficient validation of untrusted input in Dawn
  • CVE-2026-11687: Use after free in Dawn
  • CVE-2026-11688: Object lifecycle issue in SVG
  • CVE-2026-11689: Insufficient validation of untrusted input in Passwords
  • CVE-2026-11690: Out of bounds read and write in Media
  • CVE-2026-11691: Insufficient validation of untrusted input in New Tab Page
  • CVE-2026-11692: Use after free in Read Anything
  • CVE-2026-11693: Inappropriate implementation in Plugins
  • CVE-2026-11694: Use after free in ServiceWorker
  • CVE-2026-11695: Inappropriate implementation in Passwords
  • CVE-2026-11696: Uninitialized Use in Video
  • CVE-2026-11697: Insufficient validation of untrusted input in UI
  • CVE-2026-11698: Use after free in Bluetooth
  • CVE-2026-11699: Use after free in Bluetooth
  • CVE-2026-11700: Use after free in Tracing
  • CVE-2026-11701: Insufficient validation of untrusted input in Guest View

chromium-149.0.7827.102-1.fc43

6 hours 19 minutes ago
FEDORA-2026-c5c0986fb6 Packages in this update:
  • chromium-149.0.7827.102-1.fc43
Update description:

Update to 149.0.7827.102

  • CVE-2026-11628: Use after free in Ozone
  • CVE-2026-11629: Use after free in Ozone
  • CVE-2026-11630: Use after free in File Input
  • CVE-2026-11631: Use after free in Aura
  • CVE-2026-11632: Use after free in TabStrip
  • CVE-2026-11633: Use after free in Bluetooth
  • CVE-2026-11634: Use after free in Gamepad
  • CVE-2026-11635: Use after free in Bluetooth
  • CVE-2026-11636: Use after free in Autofill
  • CVE-2026-11637: Use after free in Views
  • CVE-2026-11638: Use after free in Printing
  • CVE-2026-11639: Use after free in Compositing
  • CVE-2026-11640: Integer overflow in libyuv
  • CVE-2026-11641: Use after free in Bluetooth
  • CVE-2026-11642: Use after free in Web Apps
  • CVE-2026-11643: Use after free in Proxy
  • CVE-2026-11644: Use after free in Views
  • CVE-2026-11645: Out of bounds memory access in V8
  • CVE-2026-11646: Use after free in ViewTransitions
  • CVE-2026-11647: Use after free in Printing
  • CVE-2026-11648: Use after free in FullScreen
  • CVE-2026-11649: Use after free in V8
  • CVE-2026-11650: Use after free in V8
  • CVE-2026-11651: Use after free in Network
  • CVE-2026-11652: Use after free in Extensions
  • CVE-2026-11653: Insufficient validation of untrusted input in Extensions
  • CVE-2026-11654: Use after free in CameraCapture
  • CVE-2026-11655: Integer overflow in Media
  • CVE-2026-11656: Use after free in ServiceWorker
  • CVE-2026-11657: Use after free in Payments
  • CVE-2026-11658: Insufficient validation of untrusted input in Extensions
  • CVE-2026-11659: Insufficient validation of untrusted input in UI
  • CVE-2026-11660: Insufficient validation of untrusted input in New Tab Page
  • CVE-2026-11661: Use after free in Views
  • CVE-2026-11662: Type Confusion in Bindings
  • CVE-2026-11663: Use after free in Skia
  • CVE-2026-11664: Use after free in Payments
  • CVE-2026-11665: Out of bounds read in Dawn
  • CVE-2026-11666: Insufficient validation of untrusted input in Input
  • CVE-2026-11667: Out of bounds read in WebRTC
  • CVE-2026-11668: Uninitialized Use in Codecs
  • CVE-2026-11669: Integer overflow in Media
  • CVE-2026-11670: Use after free in PDF
  • CVE-2026-11671: Use after free in Navigation
  • CVE-2026-11672: Out of bounds write in GPU
  • CVE-2026-11673: Use after free in InterestGroups
  • CVE-2026-11674: Use after free in Guest View
  • CVE-2026-11675: Insufficient validation of untrusted input in Skia
  • CVE-2026-11676: Insufficient validation of untrusted input in Dawn
  • CVE-2026-11677: Race in Network
  • CVE-2026-11678: Integer overflow in libyuv
  • CVE-2026-11679: Use after free in Codecs
  • CVE-2026-11680: Use after free in Media
  • CVE-2026-11681: Use after free in Ozone
  • CVE-2026-11682: Insufficient validation of untrusted input in Views
  • CVE-2026-11683: Use after free in WebCodecs
  • CVE-2026-11684: Insufficient policy enforcement in Network
  • CVE-2026-11685: Insufficient data validation in MediaCapture
  • CVE-2026-11686: Insufficient validation of untrusted input in Dawn
  • CVE-2026-11687: Use after free in Dawn
  • CVE-2026-11688: Object lifecycle issue in SVG
  • CVE-2026-11689: Insufficient validation of untrusted input in Passwords
  • CVE-2026-11690: Out of bounds read and write in Media
  • CVE-2026-11691: Insufficient validation of untrusted input in New Tab Page
  • CVE-2026-11692: Use after free in Read Anything
  • CVE-2026-11693: Inappropriate implementation in Plugins
  • CVE-2026-11694: Use after free in ServiceWorker
  • CVE-2026-11695: Inappropriate implementation in Passwords
  • CVE-2026-11696: Uninitialized Use in Video
  • CVE-2026-11697: Insufficient validation of untrusted input in UI
  • CVE-2026-11698: Use after free in Bluetooth
  • CVE-2026-11699: Use after free in Bluetooth
  • CVE-2026-11700: Use after free in Tracing
  • CVE-2026-11701: Insufficient validation of untrusted input in Guest View

Update to 149.0.7827.53

  • fix 429 CVEs ( CVE-2026-10881 through CVE-2026-11309)

USN-8422-1: Mistral vulnerability

8 hours 14 minutes ago
Eduardo Gonzalez Gutierrez and Arnaud Morin discovered that Mistral did not properly enforce access policies on some API endpoints. An attacker could possibly execute arbitrary code on a Mistral worker and possibly extract sensitive data including service credentials from it.

chromium-149.0.7827.102-1.el10_2

14 hours 2 minutes ago
FEDORA-EPEL-2026-9590d638c8 Packages in this update:
  • chromium-149.0.7827.102-1.el10_2
Update description:

Update to 149.0.7827.102

  • CVE-2026-11628: Use after free in Ozone
  • CVE-2026-11629: Use after free in Ozone
  • CVE-2026-11630: Use after free in File Input
  • CVE-2026-11631: Use after free in Aura
  • CVE-2026-11632: Use after free in TabStrip
  • CVE-2026-11633: Use after free in Bluetooth
  • CVE-2026-11634: Use after free in Gamepad
  • CVE-2026-11635: Use after free in Bluetooth
  • CVE-2026-11636: Use after free in Autofill
  • CVE-2026-11637: Use after free in Views
  • CVE-2026-11638: Use after free in Printing
  • CVE-2026-11639: Use after free in Compositing
  • CVE-2026-11640: Integer overflow in libyuv
  • CVE-2026-11641: Use after free in Bluetooth
  • CVE-2026-11642: Use after free in Web Apps
  • CVE-2026-11643: Use after free in Proxy
  • CVE-2026-11644: Use after free in Views
  • CVE-2026-11645: Out of bounds memory access in V8
  • CVE-2026-11646: Use after free in ViewTransitions
  • CVE-2026-11647: Use after free in Printing
  • CVE-2026-11648: Use after free in FullScreen
  • CVE-2026-11649: Use after free in V8
  • CVE-2026-11650: Use after free in V8
  • CVE-2026-11651: Use after free in Network
  • CVE-2026-11652: Use after free in Extensions
  • CVE-2026-11653: Insufficient validation of untrusted input in Extensions
  • CVE-2026-11654: Use after free in CameraCapture
  • CVE-2026-11655: Integer overflow in Media
  • CVE-2026-11656: Use after free in ServiceWorker
  • CVE-2026-11657: Use after free in Payments
  • CVE-2026-11658: Insufficient validation of untrusted input in Extensions
  • CVE-2026-11659: Insufficient validation of untrusted input in UI
  • CVE-2026-11660: Insufficient validation of untrusted input in New Tab Page
  • CVE-2026-11661: Use after free in Views
  • CVE-2026-11662: Type Confusion in Bindings
  • CVE-2026-11663: Use after free in Skia
  • CVE-2026-11664: Use after free in Payments
  • CVE-2026-11665: Out of bounds read in Dawn
  • CVE-2026-11666: Insufficient validation of untrusted input in Input
  • CVE-2026-11667: Out of bounds read in WebRTC
  • CVE-2026-11668: Uninitialized Use in Codecs
  • CVE-2026-11669: Integer overflow in Media
  • CVE-2026-11670: Use after free in PDF
  • CVE-2026-11671: Use after free in Navigation
  • CVE-2026-11672: Out of bounds write in GPU
  • CVE-2026-11673: Use after free in InterestGroups
  • CVE-2026-11674: Use after free in Guest View
  • CVE-2026-11675: Insufficient validation of untrusted input in Skia
  • CVE-2026-11676: Insufficient validation of untrusted input in Dawn
  • CVE-2026-11677: Race in Network
  • CVE-2026-11678: Integer overflow in libyuv
  • CVE-2026-11679: Use after free in Codecs
  • CVE-2026-11680: Use after free in Media
  • CVE-2026-11681: Use after free in Ozone
  • CVE-2026-11682: Insufficient validation of untrusted input in Views
  • CVE-2026-11683: Use after free in WebCodecs
  • CVE-2026-11684: Insufficient policy enforcement in Network
  • CVE-2026-11685: Insufficient data validation in MediaCapture
  • CVE-2026-11686: Insufficient validation of untrusted input in Dawn
  • CVE-2026-11687: Use after free in Dawn
  • CVE-2026-11688: Object lifecycle issue in SVG
  • CVE-2026-11689: Insufficient validation of untrusted input in Passwords
  • CVE-2026-11690: Out of bounds read and write in Media
  • CVE-2026-11691: Insufficient validation of untrusted input in New Tab Page
  • CVE-2026-11692: Use after free in Read Anything
  • CVE-2026-11693: Inappropriate implementation in Plugins
  • CVE-2026-11694: Use after free in ServiceWorker
  • CVE-2026-11695: Inappropriate implementation in Passwords
  • CVE-2026-11696: Uninitialized Use in Video
  • CVE-2026-11697: Insufficient validation of untrusted input in UI
  • CVE-2026-11698: Use after free in Bluetooth
  • CVE-2026-11699: Use after free in Bluetooth
  • CVE-2026-11700: Use after free in Tracing
  • CVE-2026-11701: Insufficient validation of untrusted input in Guest View