Fedora Security Advisories

chromium-149.0.7827.155-1.el9

1 hour ago
FEDORA-EPEL-2026-0c2688537b
Packages in this update:
  • chromium-149.0.7827.155-1.el9
Update description:

Update to 149.0.7827.155

  • CVE-2026-12437: Use after free in WebShare
  • CVE-2026-12438: Inappropriate implementation in WebView
  • CVE-2026-12439: Use after free in Digital Credentials
  • CVE-2026-12440: Use after free in DigitalCredentials
  • CVE-2026-12441: Use after free in File Input
  • CVE-2026-12442: Use after free in Passwords
  • CVE-2026-12443: Use after free in Web Authentication
  • CVE-2026-12444: Out of bounds read in Chromoting
  • CVE-2026-12445: Use after free in Extensions
  • CVE-2026-12446: Insufficient data validation in Passwords
  • CVE-2026-12447: Heap buffer overflow in WebRTC
  • CVE-2026-12448: Inappropriate implementation in WebView
  • CVE-2026-12449: Use after free in Chromoting
  • CVE-2026-12450: Inappropriate implementation in Media
  • CVE-2026-12451: Use after free in DigitalCredentials
  • CVE-2026-12452: Use after free in Downloads
  • CVE-2026-12453: Insufficient validation of untrusted input in Input
  • CVE-2026-12454: Race in Safe Browsing
  • CVE-2026-12455: Use after free in Tab Strip
  • CVE-2026-12456: Insufficient validation of untrusted input in Extensions
  • CVE-2026-12457: Insufficient data validation in Extensions
  • CVE-2026-12458: Incorrect security UI in Passwords
  • CVE-2026-12459: Inappropriate implementation in Serial
  • CVE-2026-12460: Insufficient policy enforcement in File System Access
  • CVE-2026-12461: Out of bounds read in WebRTC
  • CVE-2026-12462: Use after free in Media
  • CVE-2026-12463: Inappropriate implementation in Views
  • CVE-2026-12464: Use after free in Browser
  • CVE-2026-12465: Insufficient validation of untrusted input in Metrics
  • CVE-2026-12466: Heap buffer overflow in WebRTC
  • CVE-2026-12467: Use after free in Extensions
  • CVE-2026-12468: Inappropriate implementation in Updater
  • CVE-2026-12469: Uninitialized Use in GPU

chromium-149.0.7827.155-1.el10_2

1 hour ago
FEDORA-EPEL-2026-ad8f61e943
Packages in this update:
  • chromium-149.0.7827.155-1.el10_2
Update description:

Update to 149.0.7827.155

  • CVE-2026-12437: Use after free in WebShare
  • CVE-2026-12438: Inappropriate implementation in WebView
  • CVE-2026-12439: Use after free in Digital Credentials
  • CVE-2026-12440: Use after free in DigitalCredentials
  • CVE-2026-12441: Use after free in File Input
  • CVE-2026-12442: Use after free in Passwords
  • CVE-2026-12443: Use after free in Web Authentication
  • CVE-2026-12444: Out of bounds read in Chromoting
  • CVE-2026-12445: Use after free in Extensions
  • CVE-2026-12446: Insufficient data validation in Passwords
  • CVE-2026-12447: Heap buffer overflow in WebRTC
  • CVE-2026-12448: Inappropriate implementation in WebView
  • CVE-2026-12449: Use after free in Chromoting
  • CVE-2026-12450: Inappropriate implementation in Media
  • CVE-2026-12451: Use after free in DigitalCredentials
  • CVE-2026-12452: Use after free in Downloads
  • CVE-2026-12453: Insufficient validation of untrusted input in Input
  • CVE-2026-12454: Race in Safe Browsing
  • CVE-2026-12455: Use after free in Tab Strip
  • CVE-2026-12456: Insufficient validation of untrusted input in Extensions
  • CVE-2026-12457: Insufficient data validation in Extensions
  • CVE-2026-12458: Incorrect security UI in Passwords
  • CVE-2026-12459: Inappropriate implementation in Serial
  • CVE-2026-12460: Insufficient policy enforcement in File System Access
  • CVE-2026-12461: Out of bounds read in WebRTC
  • CVE-2026-12462: Use after free in Media
  • CVE-2026-12463: Inappropriate implementation in Views
  • CVE-2026-12464: Use after free in Browser
  • CVE-2026-12465: Insufficient validation of untrusted input in Metrics
  • CVE-2026-12466: Heap buffer overflow in WebRTC
  • CVE-2026-12467: Use after free in Extensions
  • CVE-2026-12468: Inappropriate implementation in Updater
  • CVE-2026-12469: Uninitialized Use in GPU

chromium-149.0.7827.155-1.el10_3

1 hour ago
FEDORA-EPEL-2026-e97f88e82c
Packages in this update:
  • chromium-149.0.7827.155-1.el10_3
Update description:

Update to 149.0.7827.155

  • CVE-2026-12437: Use after free in WebShare
  • CVE-2026-12438: Inappropriate implementation in WebView
  • CVE-2026-12439: Use after free in Digital Credentials
  • CVE-2026-12440: Use after free in DigitalCredentials
  • CVE-2026-12441: Use after free in File Input
  • CVE-2026-12442: Use after free in Passwords
  • CVE-2026-12443: Use after free in Web Authentication
  • CVE-2026-12444: Out of bounds read in Chromoting
  • CVE-2026-12445: Use after free in Extensions
  • CVE-2026-12446: Insufficient data validation in Passwords
  • CVE-2026-12447: Heap buffer overflow in WebRTC
  • CVE-2026-12448: Inappropriate implementation in WebView
  • CVE-2026-12449: Use after free in Chromoting
  • CVE-2026-12450: Inappropriate implementation in Media
  • CVE-2026-12451: Use after free in DigitalCredentials
  • CVE-2026-12452: Use after free in Downloads
  • CVE-2026-12453: Insufficient validation of untrusted input in Input
  • CVE-2026-12454: Race in Safe Browsing
  • CVE-2026-12455: Use after free in Tab Strip
  • CVE-2026-12456: Insufficient validation of untrusted input in Extensions
  • CVE-2026-12457: Insufficient data validation in Extensions
  • CVE-2026-12458: Incorrect security UI in Passwords
  • CVE-2026-12459: Inappropriate implementation in Serial
  • CVE-2026-12460: Insufficient policy enforcement in File System Access
  • CVE-2026-12461: Out of bounds read in WebRTC
  • CVE-2026-12462: Use after free in Media
  • CVE-2026-12463: Inappropriate implementation in Views
  • CVE-2026-12464: Use after free in Browser
  • CVE-2026-12465: Insufficient validation of untrusted input in Metrics
  • CVE-2026-12466: Heap buffer overflow in WebRTC
  • CVE-2026-12467: Use after free in Extensions
  • CVE-2026-12468: Inappropriate implementation in Updater
  • CVE-2026-12469: Uninitialized Use in GPU

haveged-1.9.23-3.el8

1 hour 23 minutes ago
FEDORA-EPEL-2026-f8b56453b1
Packages in this update:
  • haveged-1.9.23-3.el8
Update description:

Fix rpminspect.yaml: use annocheck failure_severity instead of inspections toggle (annocheck is a security inspection and cannot be disabled via inspections section)

Update to 1.9.23-2:
  • Add SELinux policy module to allow semaphore creation in /dev/shm
  • Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-3.el10_2

1 hour 23 minutes ago
FEDORA-EPEL-2026-7238dbdbd4
Packages in this update:
  • haveged-1.9.23-3.el10_2
Update description:

Fix rpminspect.yaml: use annocheck failure_severity instead of inspections toggle (annocheck is a security inspection and cannot be disabled via inspections section)

Update to 1.9.23-2:
  • Add SELinux policy module to allow semaphore creation in /dev/shm
  • Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-3.el10_3

1 hour 23 minutes ago
FEDORA-EPEL-2026-ef7be8379d
Packages in this update:
  • haveged-1.9.23-3.el10_3
Update description:

Fix rpminspect.yaml: use annocheck failure_severity instead of inspections toggle (annocheck is a security inspection and cannot be disabled via inspections section)

Update to 1.9.23-2:
  • Add SELinux policy module to allow semaphore creation in /dev/shm
  • Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-3.el9

1 hour 23 minutes ago
FEDORA-EPEL-2026-166b182fb8
Packages in this update:
  • haveged-1.9.23-3.el9
Update description:

Fix rpminspect.yaml: use annocheck failure_severity instead of inspections toggle (annocheck is a security inspection and cannot be disabled via inspections section)

Update to 1.9.23-2:
  • Add SELinux policy module to allow semaphore creation in /dev/shm
  • Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-3.fc43

1 hour 23 minutes ago
FEDORA-2026-47a467ca27
Packages in this update:
  • haveged-1.9.23-3.fc43
Update description:

Fix rpminspect.yaml: use annocheck failure_severity instead of inspections toggle (annocheck is a security inspection and cannot be disabled via inspections section)

Update to 1.9.23-2:
  • Add SELinux policy module to allow semaphore creation in /dev/shm
  • Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-4.fc44

1 hour 23 minutes ago
FEDORA-2026-6d3873ec0d
Packages in this update:
  • haveged-1.9.23-4.fc44
Update description:

Fix rpminspect.yaml: use annocheck failure_severity instead of inspections toggle (annocheck is a security inspection and cannot be disabled via inspections section)

Update to 1.9.23-2:
  • Add SELinux policy module to allow semaphore creation in /dev/shm
  • Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

yt-dlp-2026.06.09-1.fc43

10 hours 57 minutes ago
FEDORA-2026-03f87de373
Packages in this update:
  • yt-dlp-2026.06.09-1.fc43
Update description:
  • Update to 2026.06.09. Fixes rhbz#2487407.
  • Mitigates CVE-2026-50019, CVE-2026-50023, CVE-2026-50574

yt-dlp-2026.06.09-1.fc44

10 hours 57 minutes ago
FEDORA-2026-bb702c613b
Packages in this update:
  • yt-dlp-2026.06.09-1.fc44
Update description:
  • Update to 2026.06.09. Fixes rhbz#2487407.
  • Mitigates CVE-2026-50019, CVE-2026-50023, CVE-2026-50574

haveged-1.9.23-2.el8

10 hours 58 minutes ago
FEDORA-EPEL-2026-20c6017771
Packages in this update:
  • haveged-1.9.23-2.el8
Update description:

Update to 1.9.23-2:
  • Add SELinux policy module to allow semaphore creation in /dev/shm
  • Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-2.el10_3

10 hours 58 minutes ago
FEDORA-EPEL-2026-94647282a7
Packages in this update:
  • haveged-1.9.23-2.el10_3
Update description:

Update to 1.9.23-2:
  • Add SELinux policy module to allow semaphore creation in /dev/shm
  • Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-2.el10_2

11 hours 7 minutes ago
FEDORA-EPEL-2026-0a509be2eb
Packages in this update:
  • haveged-1.9.23-2.el10_2
Update description:

Update to 1.9.23-2:
  • Add SELinux policy module to allow semaphore creation in /dev/shm
  • Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-2.el9

11 hours 7 minutes ago
FEDORA-EPEL-2026-ca98e0cf9b
Packages in this update:
  • haveged-1.9.23-2.el9
Update description:

Update to 1.9.23-2:
  • Add SELinux policy module to allow semaphore creation in /dev/shm
  • Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-2.fc43

11 hours 10 minutes ago
FEDORA-2026-f59528a390
Packages in this update:
  • haveged-1.9.23-2.fc43
Update description:

Update to 1.9.23-2:
  • Add SELinux policy module to allow semaphore creation in /dev/shm
  • Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening:
  • Use O_EXCL with sem_open to prevent semaphore pre-planting attacks
  • Fix OOB memory access in safein()/safeout() on socket errors
  • Reject command socket connections from different user namespaces
  • Use O_NOFOLLOW for PID file to prevent symlink attacks
  • Open random device with O_CLOEXEC, restrict semaphore to 0600
  • Fix stale semaphore recovery after SIGKILL
  • Fix compilation when NO_COMMAND_MODE is defined
