Fedora Security Advisories

chromium-146.0.7680.153-1.fc43

2 hours 50 minutes ago
FEDORA-2026-ae897eb928 Packages in this update:
  • chromium-146.0.7680.153-1.fc43
Update description:

Update to 146.0.7680.153

* CVE-2026-4439: Out of bounds memory access in WebGL * CVE-2026-4440: Out of bounds read and write in WebGL * CVE-2026-4441: Use after free in Base * CVE-2026-4442: Heap buffer overflow in CSS * CVE-2026-4443: Heap buffer overflow in WebAudio * CVE-2026-4444: Stack buffer overflow in WebRTC * CVE-2026-4445: Use after free in WebRTC * CVE-2026-4446: Use after free in WebRTC * CVE-2026-4447: Inappropriate implementation in V8 * CVE-2026-4448: Heap buffer overflow in ANGLE * CVE-2026-4449: Use after free in Blink * CVE-2026-4450: Out of bounds write in V8 * CVE-2026-4451: Insufficient validation of untrusted input in Navigation * CVE-2026-4452: Integer overflow in ANGLE * CVE-2026-4453: Integer overflow in Dawn * CVE-2026-4454: Use after free in Network * CVE-2026-4455: Heap buffer overflow in PDFium * CVE-2026-4456: Use after free in Digital Credentials API * CVE-2026-4457: Type Confusion in V8 * CVE-2026-4458: Use after free in Extensions * CVE-2026-4459: Out of bounds read and write in WebAudio * CVE-2026-4460: Out of bounds read in Skia * CVE-2026-4461: Inappropriate implementation in V8 * CVE-2026-4462: Out of bounds read in Blink * CVE-2026-4463: Heap buffer overflow in WebRTC * CVE-2026-4464: Integer overflow in ANGLE

chromium-146.0.7680.153-1.fc44

2 hours 50 minutes ago
FEDORA-2026-920df14fb5 Packages in this update:
  • chromium-146.0.7680.153-1.fc44
Update description:

Update to 146.0.7680.153

* CVE-2026-4439: Out of bounds memory access in WebGL * CVE-2026-4440: Out of bounds read and write in WebGL * CVE-2026-4441: Use after free in Base * CVE-2026-4442: Heap buffer overflow in CSS * CVE-2026-4443: Heap buffer overflow in WebAudio * CVE-2026-4444: Stack buffer overflow in WebRTC * CVE-2026-4445: Use after free in WebRTC * CVE-2026-4446: Use after free in WebRTC * CVE-2026-4447: Inappropriate implementation in V8 * CVE-2026-4448: Heap buffer overflow in ANGLE * CVE-2026-4449: Use after free in Blink * CVE-2026-4450: Out of bounds write in V8 * CVE-2026-4451: Insufficient validation of untrusted input in Navigation * CVE-2026-4452: Integer overflow in ANGLE * CVE-2026-4453: Integer overflow in Dawn * CVE-2026-4454: Use after free in Network * CVE-2026-4455: Heap buffer overflow in PDFium * CVE-2026-4456: Use after free in Digital Credentials API * CVE-2026-4457: Type Confusion in V8 * CVE-2026-4458: Use after free in Extensions * CVE-2026-4459: Out of bounds read and write in WebAudio * CVE-2026-4460: Out of bounds read in Skia * CVE-2026-4461: Inappropriate implementation in V8 * CVE-2026-4462: Out of bounds read in Blink * CVE-2026-4463: Heap buffer overflow in WebRTC * CVE-2026-4464: Integer overflow in ANGLE

chromium-146.0.7680.153-1.fc42

2 hours 50 minutes ago
FEDORA-2026-3bed78d162 Packages in this update:
  • chromium-146.0.7680.153-1.fc42
Update description:

Update to 146.0.7680.153

* CVE-2026-4439: Out of bounds memory access in WebGL * CVE-2026-4440: Out of bounds read and write in WebGL * CVE-2026-4441: Use after free in Base * CVE-2026-4442: Heap buffer overflow in CSS * CVE-2026-4443: Heap buffer overflow in WebAudio * CVE-2026-4444: Stack buffer overflow in WebRTC * CVE-2026-4445: Use after free in WebRTC * CVE-2026-4446: Use after free in WebRTC * CVE-2026-4447: Inappropriate implementation in V8 * CVE-2026-4448: Heap buffer overflow in ANGLE * CVE-2026-4449: Use after free in Blink * CVE-2026-4450: Out of bounds write in V8 * CVE-2026-4451: Insufficient validation of untrusted input in Navigation * CVE-2026-4452: Integer overflow in ANGLE * CVE-2026-4453: Integer overflow in Dawn * CVE-2026-4454: Use after free in Network * CVE-2026-4455: Heap buffer overflow in PDFium * CVE-2026-4456: Use after free in Digital Credentials API * CVE-2026-4457: Type Confusion in V8 * CVE-2026-4458: Use after free in Extensions * CVE-2026-4459: Out of bounds read and write in WebAudio * CVE-2026-4460: Out of bounds read in Skia * CVE-2026-4461: Inappropriate implementation in V8 * CVE-2026-4462: Out of bounds read in Blink * CVE-2026-4463: Heap buffer overflow in WebRTC * CVE-2026-4464: Integer overflow in ANGLE

python-scitokens-1.9.7-1.el10_1

3 hours 22 minutes ago
FEDORA-EPEL-2026-6359c6d24a Packages in this update:
  • python-scitokens-1.9.7-1.el10_1
Update description:
  • 1.9.7-1
  • Remove legacy parent SciToken chaining behavior from token initialization and claim handling
  • Harden Enforcer scope path traversal validation (including encoded traversal checks)
  • Clean up documentation references to parent/chained SciTokens

  • 1.9.6-1

  • Fix SQL injection risk in KeyCache by using parameterized SQLite queries
  • Prevent sibling-path authorization bypass in Enforcer scope checks

python-scitokens-1.9.7-1.el10_2

3 hours 22 minutes ago
FEDORA-EPEL-2026-d766064a6e Packages in this update:
  • python-scitokens-1.9.7-1.el10_2
Update description:
  • 1.9.7-1
  • Remove legacy parent SciToken chaining behavior from token initialization and claim handling
  • Harden Enforcer scope path traversal validation (including encoded traversal checks)
  • Clean up documentation references to parent/chained SciTokens

  • 1.9.6-1

  • Fix SQL injection risk in KeyCache by using parameterized SQLite queries
  • Prevent sibling-path authorization bypass in Enforcer scope checks
Checked
31 seconds ago