Fedora Security Advisories

chromium-146.0.7680.177-1.el10_1

Fedora Security Advisories
3 hours 4 minutes ago
FEDORA-EPEL-2026-3dc5de63cc Packages in this update:
  • chromium-146.0.7680.177-1.el10_1
Update description:

Update to 146.0.7680.177

  • High CVE-2026-5273: Use after free in CSS
  • High CVE-2026-5272: Heap buffer overflow in GPU
  • High CVE-2026-5274: Integer overflow in Codecs
  • High CVE-2026-5275: Heap buffer overflow in ANGLE
  • High CVE-2026-5276: Insufficient policy enforcement in WebUSB
  • High CVE-2026-5277: Integer overflow in ANGLE
  • High CVE-2026-5278: Use after free in Web MIDI
  • High CVE-2026-5279: Object corruption in V8
  • High CVE-2026-5280: Use after free in WebCodecs
  • High CVE-2026-5281: Use after free in Dawn
  • High CVE-2026-5282: Out of bounds read in WebCodecs
  • High CVE-2026-5283: Inappropriate implementation in ANGLE
  • High CVE-2026-5284: Use after free in Dawn
  • High CVE-2026-5285: Use after free in WebGL
  • High CVE-2026-5286: Use after free in Dawn
  • High CVE-2026-5287: Use after free in PDF
  • High CVE-2026-5288: Use after free in WebView
  • High CVE-2026-5289: Use after free in Navigation
  • High CVE-2026-5290: Use after free in Compositing
  • Medium CVE-2026-5291: Inappropriate implementation in WebGL
  • Medium CVE-2026-5292: Out of bounds read in WebCodecs

chromium-146.0.7680.177-1.el9

Fedora Security Advisories
3 hours 4 minutes ago
FEDORA-EPEL-2026-6a5f534eb8 Packages in this update:
  • chromium-146.0.7680.177-1.el9
Update description:

Update to 146.0.7680.177

  • High CVE-2026-5273: Use after free in CSS
  • High CVE-2026-5272: Heap buffer overflow in GPU
  • High CVE-2026-5274: Integer overflow in Codecs
  • High CVE-2026-5275: Heap buffer overflow in ANGLE
  • High CVE-2026-5276: Insufficient policy enforcement in WebUSB
  • High CVE-2026-5277: Integer overflow in ANGLE
  • High CVE-2026-5278: Use after free in Web MIDI
  • High CVE-2026-5279: Object corruption in V8
  • High CVE-2026-5280: Use after free in WebCodecs
  • High CVE-2026-5281: Use after free in Dawn
  • High CVE-2026-5282: Out of bounds read in WebCodecs
  • High CVE-2026-5283: Inappropriate implementation in ANGLE
  • High CVE-2026-5284: Use after free in Dawn
  • High CVE-2026-5285: Use after free in WebGL
  • High CVE-2026-5286: Use after free in Dawn
  • High CVE-2026-5287: Use after free in PDF
  • High CVE-2026-5288: Use after free in WebView
  • High CVE-2026-5289: Use after free in Navigation
  • High CVE-2026-5290: Use after free in Compositing
  • Medium CVE-2026-5291: Inappropriate implementation in WebGL
  • Medium CVE-2026-5292: Out of bounds read in WebCodecs

chromium-146.0.7680.177-1.fc44

Fedora Security Advisories
3 hours 4 minutes ago
FEDORA-2026-450ba465fd Packages in this update:
  • chromium-146.0.7680.177-1.fc44
Update description:

Update to 146.0.7680.177

  • High CVE-2026-5273: Use after free in CSS
  • High CVE-2026-5272: Heap buffer overflow in GPU
  • High CVE-2026-5274: Integer overflow in Codecs
  • High CVE-2026-5275: Heap buffer overflow in ANGLE
  • High CVE-2026-5276: Insufficient policy enforcement in WebUSB
  • High CVE-2026-5277: Integer overflow in ANGLE
  • High CVE-2026-5278: Use after free in Web MIDI
  • High CVE-2026-5279: Object corruption in V8
  • High CVE-2026-5280: Use after free in WebCodecs
  • High CVE-2026-5281: Use after free in Dawn
  • High CVE-2026-5282: Out of bounds read in WebCodecs
  • High CVE-2026-5283: Inappropriate implementation in ANGLE
  • High CVE-2026-5284: Use after free in Dawn
  • High CVE-2026-5285: Use after free in WebGL
  • High CVE-2026-5286: Use after free in Dawn
  • High CVE-2026-5287: Use after free in PDF
  • High CVE-2026-5288: Use after free in WebView
  • High CVE-2026-5289: Use after free in Navigation
  • High CVE-2026-5290: Use after free in Compositing
  • Medium CVE-2026-5291: Inappropriate implementation in WebGL
  • Medium CVE-2026-5292: Out of bounds read in WebCodecs

chromium-146.0.7680.177-1.fc42

Fedora Security Advisories
3 hours 4 minutes ago
FEDORA-2026-2b2e6a12de Packages in this update:
  • chromium-146.0.7680.177-1.fc42
Update description:

Update to 146.0.7680.177

  • High CVE-2026-5273: Use after free in CSS
  • High CVE-2026-5272: Heap buffer overflow in GPU
  • High CVE-2026-5274: Integer overflow in Codecs
  • High CVE-2026-5275: Heap buffer overflow in ANGLE
  • High CVE-2026-5276: Insufficient policy enforcement in WebUSB
  • High CVE-2026-5277: Integer overflow in ANGLE
  • High CVE-2026-5278: Use after free in Web MIDI
  • High CVE-2026-5279: Object corruption in V8
  • High CVE-2026-5280: Use after free in WebCodecs
  • High CVE-2026-5281: Use after free in Dawn
  • High CVE-2026-5282: Out of bounds read in WebCodecs
  • High CVE-2026-5283: Inappropriate implementation in ANGLE
  • High CVE-2026-5284: Use after free in Dawn
  • High CVE-2026-5285: Use after free in WebGL
  • High CVE-2026-5286: Use after free in Dawn
  • High CVE-2026-5287: Use after free in PDF
  • High CVE-2026-5288: Use after free in WebView
  • High CVE-2026-5289: Use after free in Navigation
  • High CVE-2026-5290: Use after free in Compositing
  • Medium CVE-2026-5291: Inappropriate implementation in WebGL
  • Medium CVE-2026-5292: Out of bounds read in WebCodecs

chromium-146.0.7680.177-1.fc43

Fedora Security Advisories
3 hours 4 minutes ago
FEDORA-2026-bdd01d79ba Packages in this update:
  • chromium-146.0.7680.177-1.fc43
Update description:

Update to 146.0.7680.177

  • High CVE-2026-5273: Use after free in CSS
  • High CVE-2026-5272: Heap buffer overflow in GPU
  • High CVE-2026-5274: Integer overflow in Codecs
  • High CVE-2026-5275: Heap buffer overflow in ANGLE
  • High CVE-2026-5276: Insufficient policy enforcement in WebUSB
  • High CVE-2026-5277: Integer overflow in ANGLE
  • High CVE-2026-5278: Use after free in Web MIDI
  • High CVE-2026-5279: Object corruption in V8
  • High CVE-2026-5280: Use after free in WebCodecs
  • High CVE-2026-5281: Use after free in Dawn
  • High CVE-2026-5282: Out of bounds read in WebCodecs
  • High CVE-2026-5283: Inappropriate implementation in ANGLE
  • High CVE-2026-5284: Use after free in Dawn
  • High CVE-2026-5285: Use after free in WebGL
  • High CVE-2026-5286: Use after free in Dawn
  • High CVE-2026-5287: Use after free in PDF
  • High CVE-2026-5288: Use after free in WebView
  • High CVE-2026-5289: Use after free in Navigation
  • High CVE-2026-5290: Use after free in Compositing
  • Medium CVE-2026-5291: Inappropriate implementation in WebGL
  • Medium CVE-2026-5292: Out of bounds read in WebCodecs

chromium-146.0.7680.177-1.el10_2

Fedora Security Advisories
3 hours 4 minutes ago
FEDORA-EPEL-2026-189ae4f7fc Packages in this update:
  • chromium-146.0.7680.177-1.el10_2
Update description:

Update to 146.0.7680.177

  • High CVE-2026-5273: Use after free in CSS
  • High CVE-2026-5272: Heap buffer overflow in GPU
  • High CVE-2026-5274: Integer overflow in Codecs
  • High CVE-2026-5275: Heap buffer overflow in ANGLE
  • High CVE-2026-5276: Insufficient policy enforcement in WebUSB
  • High CVE-2026-5277: Integer overflow in ANGLE
  • High CVE-2026-5278: Use after free in Web MIDI
  • High CVE-2026-5279: Object corruption in V8
  • High CVE-2026-5280: Use after free in WebCodecs
  • High CVE-2026-5281: Use after free in Dawn
  • High CVE-2026-5282: Out of bounds read in WebCodecs
  • High CVE-2026-5283: Inappropriate implementation in ANGLE
  • High CVE-2026-5284: Use after free in Dawn
  • High CVE-2026-5285: Use after free in WebGL
  • High CVE-2026-5286: Use after free in Dawn
  • High CVE-2026-5287: Use after free in PDF
  • High CVE-2026-5288: Use after free in WebView
  • High CVE-2026-5289: Use after free in Navigation
  • High CVE-2026-5290: Use after free in Compositing
  • Medium CVE-2026-5291: Inappropriate implementation in WebGL
  • Medium CVE-2026-5292: Out of bounds read in WebCodecs

chromium-146.0.7680.177-1.el10_3

Fedora Security Advisories
3 hours 4 minutes ago
FEDORA-EPEL-2026-efc00c94b6 Packages in this update:
  • chromium-146.0.7680.177-1.el10_3
Update description:

Update to 146.0.7680.177

  • High CVE-2026-5273: Use after free in CSS
  • High CVE-2026-5272: Heap buffer overflow in GPU
  • High CVE-2026-5274: Integer overflow in Codecs
  • High CVE-2026-5275: Heap buffer overflow in ANGLE
  • High CVE-2026-5276: Insufficient policy enforcement in WebUSB
  • High CVE-2026-5277: Integer overflow in ANGLE
  • High CVE-2026-5278: Use after free in Web MIDI
  • High CVE-2026-5279: Object corruption in V8
  • High CVE-2026-5280: Use after free in WebCodecs
  • High CVE-2026-5281: Use after free in Dawn
  • High CVE-2026-5282: Out of bounds read in WebCodecs
  • High CVE-2026-5283: Inappropriate implementation in ANGLE
  • High CVE-2026-5284: Use after free in Dawn
  • High CVE-2026-5285: Use after free in WebGL
  • High CVE-2026-5286: Use after free in Dawn
  • High CVE-2026-5287: Use after free in PDF
  • High CVE-2026-5288: Use after free in WebView
  • High CVE-2026-5289: Use after free in Navigation
  • High CVE-2026-5290: Use after free in Compositing
  • Medium CVE-2026-5291: Inappropriate implementation in WebGL
  • Medium CVE-2026-5292: Out of bounds read in WebCodecs

trafficserver-10.1.2-1.fc43

Fedora Security Advisories
4 hours 10 minutes ago
FEDORA-2026-7b719a7a58 Packages in this update:
  • trafficserver-10.1.2-1.fc43
Update description:

Resolves: CVE-2025-58136 - A simple legitimate POST request causes a crash CVE-2025-65114 - Malformed chunked message body allows request smuggling

Changes with Apache Traffic Server 10.1.2 #12864 - Fix ppa log field #13037 - Fix prev_is_cr flag handling in chunked encoding parser #13040 - HttpSM - make sure we have a valid buffer to write on.

trafficserver-10.1.2-1.fc44

Fedora Security Advisories
4 hours 10 minutes ago
FEDORA-2026-7839a46d9d Packages in this update:
  • trafficserver-10.1.2-1.fc44
Update description:

Resolves: CVE-2025-58136 - A simple legitimate POST request causes a crash CVE-2025-65114 - Malformed chunked message body allows request smuggling

Changes with Apache Traffic Server 10.1.2 #12864 - Fix ppa log field #13037 - Fix prev_is_cr flag handling in chunked encoding parser #13040 - HttpSM - make sure we have a valid buffer to write on.

trafficserver-10.1.2-1.fc42

Fedora Security Advisories
4 hours 10 minutes ago
FEDORA-2026-a157bd84c4 Packages in this update:
  • trafficserver-10.1.2-1.fc42
Update description:

Resolves: CVE-2025-58136 - A simple legitimate POST request causes a crash CVE-2025-65114 - Malformed chunked message body allows request smuggling

Changes with Apache Traffic Server 10.1.2 #12864 - Fix ppa log field #13037 - Fix prev_is_cr flag handling in chunked encoding parser #13040 - HttpSM - make sure we have a valid buffer to write on.

trafficserver-9.2.13-1.el9

Fedora Security Advisories
4 hours 12 minutes ago
FEDORA-EPEL-2026-7d17b6d554 Packages in this update:
  • trafficserver-9.2.13-1.el9
Update description:

Resolves: CVE-2025-58136 - A simple legitimate POST request causes a crash CVE-2025-65114 - Malformed chunked message body allows request smuggling

Changes with Apache Traffic Server 9.2.13 #12834 - Make 9.2.x buildable on macOS 26 #12909 - Updating make/configure for hdrrwr lib includes #13038 - 9.2.x: Fix prev_is_cr flag handling in chunked encoding parser #13039 - 9.2.x: HttpSM - make sure we have a valid buffer to write on.

trafficserver-9.2.13-1.el8

Fedora Security Advisories
4 hours 12 minutes ago
FEDORA-EPEL-2026-ec5df302a7 Packages in this update:
  • trafficserver-9.2.13-1.el8
Update description:

Resolves: CVE-2025-58136 - A simple legitimate POST request causes a crash CVE-2025-65114 - Malformed chunked message body allows request smuggling

Changes with Apache Traffic Server 9.2.13 #12834 - Make 9.2.x buildable on macOS 26 #12909 - Updating make/configure for hdrrwr lib includes #13038 - 9.2.x: Fix prev_is_cr flag handling in chunked encoding parser #13039 - 9.2.x: HttpSM - make sure we have a valid buffer to write on.

Checked
44 minutes 47 seconds ago
URL
https://bodhi.fedoraproject.org/rss/updates/?type=security