Fedora Security Advisories

chromium-147.0.7727.137-1.el10_3

3 hours 3 minutes ago
FEDORA-EPEL-2026-c2b734f274 Packages in this update:
  • chromium-147.0.7727.137-1.el10_3
Update description:

The updates include fixes for:

  • Critical CVE-2026-7363: Use after free in Canvas
  • Critical CVE-2026-7361: Use after free in iOS
  • Critical CVE-2026-7344: Use after free in Accessibility
  • Critical CVE-2026-7343: Use after free in Views
  • High CVE-2026-7333: Use after free in GPU
  • High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
  • High CVE-2026-7359: Use after free in ANGLE
  • High CVE-2026-7358: Use after free in Animation
  • High CVE-2026-7334: Use after free in Views
  • High CVE-2026-7357: Use after free in GPU
  • High CVE-2026-7356: Use after free in Navigation
  • High CVE-2026-7354: Out of bounds read and write in Angle
  • High CVE-2026-7353: Heap buffer overflow in Skia
  • High CVE-2026-7352: Use after free in Media
  • High CVE-2026-7351: Race in MHTML
  • High CVE-2026-7350: Use after free in WebMIDI
  • High CVE-2026-7349: Use after free in Cast
  • High CVE-2026-7348: Use after free in Codecs
  • High CVE-2026-7335: Use after free in media
  • High CVE-2026-7336: Use after free in WebRTC
  • High CVE-2026-7337: Type Confusion in V8
  • High CVE-2026-7347: Use after free in Chromoting
  • High CVE-2026-7346: Inappropriate implementation in Tint
  • High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
  • High CVE-2026-7338: Use after free in Cast
  • High CVE-2026-7342: Use after free in WebView
  • High CVE-2026-7341: Use after free in WebRTC
  • Medium CVE-2026-7339: Heap buffer overflow in WebRTC
  • Medium CVE-2026-7340: Integer overflow in ANGLE
  • Medium CVE-2026-7355: Use after free in Media

chromium-147.0.7727.137-1.el10_1

3 hours 3 minutes ago
FEDORA-EPEL-2026-1a398e4f20 Packages in this update:
  • chromium-147.0.7727.137-1.el10_1
Update description:

The updates include fixes for:

  • Critical CVE-2026-7363: Use after free in Canvas
  • Critical CVE-2026-7361: Use after free in iOS
  • Critical CVE-2026-7344: Use after free in Accessibility
  • Critical CVE-2026-7343: Use after free in Views
  • High CVE-2026-7333: Use after free in GPU
  • High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
  • High CVE-2026-7359: Use after free in ANGLE
  • High CVE-2026-7358: Use after free in Animation
  • High CVE-2026-7334: Use after free in Views
  • High CVE-2026-7357: Use after free in GPU
  • High CVE-2026-7356: Use after free in Navigation
  • High CVE-2026-7354: Out of bounds read and write in Angle
  • High CVE-2026-7353: Heap buffer overflow in Skia
  • High CVE-2026-7352: Use after free in Media
  • High CVE-2026-7351: Race in MHTML
  • High CVE-2026-7350: Use after free in WebMIDI
  • High CVE-2026-7349: Use after free in Cast
  • High CVE-2026-7348: Use after free in Codecs
  • High CVE-2026-7335: Use after free in media
  • High CVE-2026-7336: Use after free in WebRTC
  • High CVE-2026-7337: Type Confusion in V8
  • High CVE-2026-7347: Use after free in Chromoting
  • High CVE-2026-7346: Inappropriate implementation in Tint
  • High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
  • High CVE-2026-7338: Use after free in Cast
  • High CVE-2026-7342: Use after free in WebView
  • High CVE-2026-7341: Use after free in WebRTC
  • Medium CVE-2026-7339: Heap buffer overflow in WebRTC
  • Medium CVE-2026-7340: Integer overflow in ANGLE
  • Medium CVE-2026-7355: Use after free in Media

chromium-147.0.7727.137-1.el9

3 hours 3 minutes ago
FEDORA-EPEL-2026-eaa2514539 Packages in this update:
  • chromium-147.0.7727.137-1.el9
Update description:

The updates include fixes for:

  • Critical CVE-2026-7363: Use after free in Canvas
  • Critical CVE-2026-7361: Use after free in iOS
  • Critical CVE-2026-7344: Use after free in Accessibility
  • Critical CVE-2026-7343: Use after free in Views
  • High CVE-2026-7333: Use after free in GPU
  • High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
  • High CVE-2026-7359: Use after free in ANGLE
  • High CVE-2026-7358: Use after free in Animation
  • High CVE-2026-7334: Use after free in Views
  • High CVE-2026-7357: Use after free in GPU
  • High CVE-2026-7356: Use after free in Navigation
  • High CVE-2026-7354: Out of bounds read and write in Angle
  • High CVE-2026-7353: Heap buffer overflow in Skia
  • High CVE-2026-7352: Use after free in Media
  • High CVE-2026-7351: Race in MHTML
  • High CVE-2026-7350: Use after free in WebMIDI
  • High CVE-2026-7349: Use after free in Cast
  • High CVE-2026-7348: Use after free in Codecs
  • High CVE-2026-7335: Use after free in media
  • High CVE-2026-7336: Use after free in WebRTC
  • High CVE-2026-7337: Type Confusion in V8
  • High CVE-2026-7347: Use after free in Chromoting
  • High CVE-2026-7346: Inappropriate implementation in Tint
  • High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
  • High CVE-2026-7338: Use after free in Cast
  • High CVE-2026-7342: Use after free in WebView
  • High CVE-2026-7341: Use after free in WebRTC
  • Medium CVE-2026-7339: Heap buffer overflow in WebRTC
  • Medium CVE-2026-7340: Integer overflow in ANGLE
  • Medium CVE-2026-7355: Use after free in Media

chromium-147.0.7727.137-1.el10_2

3 hours 3 minutes ago
FEDORA-EPEL-2026-70912890f2 Packages in this update:
  • chromium-147.0.7727.137-1.el10_2
Update description:

The updates include fixes for:

  • Critical CVE-2026-7363: Use after free in Canvas
  • Critical CVE-2026-7361: Use after free in iOS
  • Critical CVE-2026-7344: Use after free in Accessibility
  • Critical CVE-2026-7343: Use after free in Views
  • High CVE-2026-7333: Use after free in GPU
  • High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
  • High CVE-2026-7359: Use after free in ANGLE
  • High CVE-2026-7358: Use after free in Animation
  • High CVE-2026-7334: Use after free in Views
  • High CVE-2026-7357: Use after free in GPU
  • High CVE-2026-7356: Use after free in Navigation
  • High CVE-2026-7354: Out of bounds read and write in Angle
  • High CVE-2026-7353: Heap buffer overflow in Skia
  • High CVE-2026-7352: Use after free in Media
  • High CVE-2026-7351: Race in MHTML
  • High CVE-2026-7350: Use after free in WebMIDI
  • High CVE-2026-7349: Use after free in Cast
  • High CVE-2026-7348: Use after free in Codecs
  • High CVE-2026-7335: Use after free in media
  • High CVE-2026-7336: Use after free in WebRTC
  • High CVE-2026-7337: Type Confusion in V8
  • High CVE-2026-7347: Use after free in Chromoting
  • High CVE-2026-7346: Inappropriate implementation in Tint
  • High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
  • High CVE-2026-7338: Use after free in Cast
  • High CVE-2026-7342: Use after free in WebView
  • High CVE-2026-7341: Use after free in WebRTC
  • Medium CVE-2026-7339: Heap buffer overflow in WebRTC
  • Medium CVE-2026-7340: Integer overflow in ANGLE
  • Medium CVE-2026-7355: Use after free in Media

proftpd-1.3.9a-1.fc44

3 hours 6 minutes ago
FEDORA-2026-549ee32ea1 Packages in this update:
  • proftpd-1.3.9a-1.fc44
Update description:

Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via mod_sql (CVE-2026-42167). Note that mod_sql is not enabled by default.

proftpd-1.3.9a-1.el10_3

3 hours 6 minutes ago
FEDORA-EPEL-2026-bae7252e3a Packages in this update:
  • proftpd-1.3.9a-1.el10_3
Update description:

Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via mod_sql (CVE-2026-42167). Note that mod_sql is not enabled by default.

proftpd-1.3.9a-1.fc42

3 hours 6 minutes ago
FEDORA-2026-739d341ab8 Packages in this update:
  • proftpd-1.3.9a-1.fc42
Update description:

Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via mod_sql (CVE-2026-42167). Note that mod_sql is not enabled by default.

proftpd-1.3.9a-1.fc43

3 hours 6 minutes ago
FEDORA-2026-bdb9342c72 Packages in this update:
  • proftpd-1.3.9a-1.fc43
Update description:

Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via mod_sql (CVE-2026-42167). Note that mod_sql is not enabled by default.

proftpd-1.3.9a-1.el10_1

3 hours 6 minutes ago
FEDORA-EPEL-2026-dcd5085f2b Packages in this update:
  • proftpd-1.3.9a-1.el10_1
Update description:

Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via mod_sql (CVE-2026-42167). Note that mod_sql is not enabled by default.

proftpd-1.3.9a-1.el10_2

3 hours 6 minutes ago
FEDORA-EPEL-2026-13fd784361 Packages in this update:
  • proftpd-1.3.9a-1.el10_2
Update description:

Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via mod_sql (CVE-2026-42167). Note that mod_sql is not enabled by default.

nano-8.5-3.fc43

8 hours 42 minutes ago
FEDORA-2026-d0a0f1c3d2 Packages in this update:
  • nano-8.5-3.fc43
Update description:
  • fix CVE-2026-6842 and CVE-29026-6843

Resolves: CVE-2026-6842 Resolves: CVE-2026-6843 Resolves: rhbz#2455127 Resolves: rhbz#2455314

nano-8.7.1-2.fc44

8 hours 42 minutes ago
FEDORA-2026-3111ffa11a Packages in this update:
  • nano-8.7.1-2.fc44
Update description:
  • fix CVE-2026-6842 and CVE-29026-6843

Resolves: CVE-2026-6842 Resolves: CVE-2026-6843 Resolves: rhbz#2455127 Resolves: rhbz#2455314

nano-8.3-4.fc42

8 hours 42 minutes ago
FEDORA-2026-fbeaecb457 Packages in this update:
  • nano-8.3-4.fc42
Update description:
  • fix CVE-2026-6842 and CVE-29026-6843

Resolves: CVE-2026-6842 Resolves: CVE-2026-6843 Resolves: rhbz#2455127 Resolves: rhbz#2455314

chromium-147.0.7727.137-1.fc44

10 hours 9 minutes ago
FEDORA-2026-f5ed344d5c Packages in this update:
  • chromium-147.0.7727.137-1.fc44
Update description:

The updates include fixes for:

  • Critical CVE-2026-7363: Use after free in Canvas
  • Critical CVE-2026-7361: Use after free in iOS
  • Critical CVE-2026-7344: Use after free in Accessibility
  • Critical CVE-2026-7343: Use after free in Views
  • High CVE-2026-7333: Use after free in GPU
  • High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
  • High CVE-2026-7359: Use after free in ANGLE
  • High CVE-2026-7358: Use after free in Animation
  • High CVE-2026-7334: Use after free in Views
  • High CVE-2026-7357: Use after free in GPU
  • High CVE-2026-7356: Use after free in Navigation
  • High CVE-2026-7354: Out of bounds read and write in Angle
  • High CVE-2026-7353: Heap buffer overflow in Skia
  • High CVE-2026-7352: Use after free in Media
  • High CVE-2026-7351: Race in MHTML
  • High CVE-2026-7350: Use after free in WebMIDI
  • High CVE-2026-7349: Use after free in Cast
  • High CVE-2026-7348: Use after free in Codecs
  • High CVE-2026-7335: Use after free in media
  • High CVE-2026-7336: Use after free in WebRTC
  • High CVE-2026-7337: Type Confusion in V8
  • High CVE-2026-7347: Use after free in Chromoting
  • High CVE-2026-7346: Inappropriate implementation in Tint
  • High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
  • High CVE-2026-7338: Use after free in Cast
  • High CVE-2026-7342: Use after free in WebView
  • High CVE-2026-7341: Use after free in WebRTC
  • Medium CVE-2026-7339: Heap buffer overflow in WebRTC
  • Medium CVE-2026-7340: Integer overflow in ANGLE
  • Medium CVE-2026-7355: Use after free in Media

chromium-147.0.7727.137-1.fc43

10 hours 9 minutes ago
FEDORA-2026-af3f470d38 Packages in this update:
  • chromium-147.0.7727.137-1.fc43
Update description:

The updates include fixes for:

  • Critical CVE-2026-7363: Use after free in Canvas
  • Critical CVE-2026-7361: Use after free in iOS
  • Critical CVE-2026-7344: Use after free in Accessibility
  • Critical CVE-2026-7343: Use after free in Views
  • High CVE-2026-7333: Use after free in GPU
  • High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
  • High CVE-2026-7359: Use after free in ANGLE
  • High CVE-2026-7358: Use after free in Animation
  • High CVE-2026-7334: Use after free in Views
  • High CVE-2026-7357: Use after free in GPU
  • High CVE-2026-7356: Use after free in Navigation
  • High CVE-2026-7354: Out of bounds read and write in Angle
  • High CVE-2026-7353: Heap buffer overflow in Skia
  • High CVE-2026-7352: Use after free in Media
  • High CVE-2026-7351: Race in MHTML
  • High CVE-2026-7350: Use after free in WebMIDI
  • High CVE-2026-7349: Use after free in Cast
  • High CVE-2026-7348: Use after free in Codecs
  • High CVE-2026-7335: Use after free in media
  • High CVE-2026-7336: Use after free in WebRTC
  • High CVE-2026-7337: Type Confusion in V8
  • High CVE-2026-7347: Use after free in Chromoting
  • High CVE-2026-7346: Inappropriate implementation in Tint
  • High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
  • High CVE-2026-7338: Use after free in Cast
  • High CVE-2026-7342: Use after free in WebView
  • High CVE-2026-7341: Use after free in WebRTC
  • Medium CVE-2026-7339: Heap buffer overflow in WebRTC
  • Medium CVE-2026-7340: Integer overflow in ANGLE
  • Medium CVE-2026-7355: Use after free in Media
Checked
3 minutes 53 seconds ago