Fedora Security Advisories

cef-145.0.25^chromium145.0.7632.75-4.fc44

Fedora Security Advisories
6 hours 10 minutes ago
FEDORA-2026-376794abc1 Packages in this update:
  • cef-145.0.25^chromium145.0.7632.75-4.fc44
Update description:

Update to cef-145.0.25 + chromium 145.0.7632.75

  • CVE-2026-1861: Heap buffer overflow in libvpx
  • CVE-2026-1862: Type Confusion in V8
  • CVE-2026-2313: Use after free in CSS
  • CVE-2026-2314: Heap buffer overflow in Codecs
  • CVE-2026-2315: Inappropriate implementation in WebGPU
  • CVE-2026-2316: Insufficient policy enforcement in Frames
  • CVE-2026-2317: Inappropriate implementation in Animation
  • CVE-2026-2318: Inappropriate implementation in PictureInPicture
  • CVE-2026-2319: Race in DevTools
  • CVE-2026-2320: Inappropriate implementation in File input
  • CVE-2026-2321: Use after free in Ozone
  • CVE-2026-2322: Inappropriate implementation in File input
  • CVE-2026-2323: Inappropriate implementation in Downloads
  • CVE-2026-2441: Use after free in CSS

cef-145.0.25^chromium145.0.7632.75-4.fc42

Fedora Security Advisories
6 hours 11 minutes ago
FEDORA-2026-a48b5f36ec Packages in this update:
  • cef-145.0.25^chromium145.0.7632.75-4.fc42
Update description:

Update to cef-145.0.25 + chromium 145.0.7632.75

  • CVE-2026-1861: Heap buffer overflow in libvpx
  • CVE-2026-1862: Type Confusion in V8
  • CVE-2026-2313: Use after free in CSS
  • CVE-2026-2314: Heap buffer overflow in Codecs
  • CVE-2026-2315: Inappropriate implementation in WebGPU
  • CVE-2026-2316: Insufficient policy enforcement in Frames
  • CVE-2026-2317: Inappropriate implementation in Animation
  • CVE-2026-2318: Inappropriate implementation in PictureInPicture
  • CVE-2026-2319: Race in DevTools
  • CVE-2026-2320: Inappropriate implementation in File input
  • CVE-2026-2321: Use after free in Ozone
  • CVE-2026-2322: Inappropriate implementation in File input
  • CVE-2026-2323: Inappropriate implementation in Downloads
  • CVE-2026-2441: Use after free in CSS

cef-145.0.25^chromium145.0.7632.75-4.fc43

Fedora Security Advisories
6 hours 11 minutes ago
FEDORA-2026-0bced5158d Packages in this update:
  • cef-145.0.25^chromium145.0.7632.75-4.fc43
Update description:

Update to cef-145.0.25 + chromium 145.0.7632.75

  • CVE-2026-1861: Heap buffer overflow in libvpx
  • CVE-2026-1862: Type Confusion in V8
  • CVE-2026-2313: Use after free in CSS
  • CVE-2026-2314: Heap buffer overflow in Codecs
  • CVE-2026-2315: Inappropriate implementation in WebGPU
  • CVE-2026-2316: Insufficient policy enforcement in Frames
  • CVE-2026-2317: Inappropriate implementation in Animation
  • CVE-2026-2318: Inappropriate implementation in PictureInPicture
  • CVE-2026-2319: Race in DevTools
  • CVE-2026-2320: Inappropriate implementation in File input
  • CVE-2026-2321: Use after free in Ozone
  • CVE-2026-2322: Inappropriate implementation in File input
  • CVE-2026-2323: Inappropriate implementation in Downloads
  • CVE-2026-2441: Use after free in CSS

python-django4.2-4.2.28-1.el9

Fedora Security Advisories
1 day 1 hour ago
FEDORA-EPEL-2026-e4c468db6d Packages in this update:
  • python-django4.2-4.2.28-1.el9
Update description:
  • Fixes CVE-2025-13473: Username enumeration through timing difference in mod_wsgi authentication handler
  • Fixes CVE-2025-14550: Potential denial-of-service vulnerability via repeated headers when using ASGI
  • Fixes CVE-2026-1207: Potential SQL injection via raster lookups on PostGIS
  • Fixes CVE-2026-1285: Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods
  • Fixes CVE-2026-1287: Potential SQL injection in column aliases via control characters
  • Fixes CVE-2026-1312: Potential SQL injection via QuerySet.order_by and FilteredRelation

python-django4.2-4.2.28-1.fc42

Fedora Security Advisories
1 day 1 hour ago
FEDORA-2026-ca3d81129a Packages in this update:
  • python-django4.2-4.2.28-1.fc42
Update description:
  • Fixes CVE-2025-13473: Username enumeration through timing difference in mod_wsgi authentication handler
  • Fixes CVE-2025-14550: Potential denial-of-service vulnerability via repeated headers when using ASGI
  • Fixes CVE-2026-1207: Potential SQL injection via raster lookups on PostGIS
  • Fixes CVE-2026-1285: Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods
  • Fixes CVE-2026-1287: Potential SQL injection in column aliases via control characters
  • Fixes CVE-2026-1312: Potential SQL injection via QuerySet.order_by and FilteredRelation

python-django5-5.2.11-1.fc43

Fedora Security Advisories
1 day 14 hours ago
FEDORA-2026-3adb735295 Packages in this update:
  • python-django5-5.2.11-1.fc43
Update description:
  • Fixes CVE-2025-13473: Username enumeration through timing difference in mod_wsgi authentication handler
  • Fixes CVE-2025-14550: Potential denial-of-service vulnerability via repeated headers when using ASGI
  • Fixes CVE-2026-1207: Potential SQL injection via raster lookups on PostGIS
  • Fixes CVE-2026-1285: Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods
  • Fixes CVE-2026-1287: Potential SQL injection in column aliases via control characters
  • Fixes CVE-2026-1312: Potential SQL injection via QuerySet.order_by and FilteredRelation
  • Fixed a bug in Django 5.2 where data exceeding max_length was silently truncated by QuerySet.bulk_create() on PostgreSQL
  • Fixed a bug where management command colorized help (introduced in Python 3.14) ignored the --no-color option and the DJANGO_COLORS setting

python-django5-5.2.11-1.fc42

Fedora Security Advisories
1 day 14 hours ago
FEDORA-2026-00b5bf3150 Packages in this update:
  • python-django5-5.2.11-1.fc42
Update description:
  • Fixes CVE-2025-13473: Username enumeration through timing difference in mod_wsgi authentication handler
  • Fixes CVE-2025-14550: Potential denial-of-service vulnerability via repeated headers when using ASGI
  • Fixes CVE-2026-1207: Potential SQL injection via raster lookups on PostGIS
  • Fixes CVE-2026-1285: Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods
  • Fixes CVE-2026-1287: Potential SQL injection in column aliases via control characters
  • Fixes CVE-2026-1312: Potential SQL injection via QuerySet.order_by and FilteredRelation
  • Fixed a bug in Django 5.2 where data exceeding max_length was silently truncated by QuerySet.bulk_create() on PostgreSQL
  • Fixed a bug where management command colorized help (introduced in Python 3.14) ignored the --no-color option and the DJANGO_COLORS setting

python3.9-3.9.25-6.fc42

Fedora Security Advisories
2 days 3 hours ago
FEDORA-2026-cad5404d98 Packages in this update:
  • python3.9-3.9.25-6.fc42
Update description:

Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and CVE-2025-15367

python3.9-3.9.25-6.fc43

Fedora Security Advisories
2 days 3 hours ago
FEDORA-2026-289d6d4f69 Packages in this update:
  • python3.9-3.9.25-6.fc43
Update description:

Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and CVE-2025-15367

python3.9-3.9.25-6.fc44

Fedora Security Advisories
2 days 3 hours ago
FEDORA-2026-14a63ba868 Packages in this update:
  • python3.9-3.9.25-6.fc44
Update description:

Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and CVE-2025-1536

chromium-145.0.7632.75-1.fc43

Fedora Security Advisories
2 days 18 hours ago
FEDORA-2026-443f9ace49 Packages in this update:
  • chromium-145.0.7632.75-1.fc43
Update description:

Update to 145.0.7632.75

  • CVE-2026-2441: Use after free in CSS
  • CVE-2026-2313: Use after free in CSS
  • CVE-2026-2314: Heap buffer overflow in Codecs
  • CVE-2026-2315: Inappropriate implementation in WebGPU
  • CVE-2026-2316: Insufficient policy enforcement in Frames
  • CVE-2026-2317: Inappropriate implementation in Animation
  • CVE-2026-2318: Inappropriate implementation in PictureInPicture
  • CVE-2026-2319: Race in DevTools
  • CVE-2026-2320: Inappropriate implementation in File input
  • CVE-2026-2321: Use after free in Ozone
  • CVE-2026-2322: Inappropriate implementation in File input
  • CVE-2026-2323: Inappropriate implementation in Downloads

chromium-145.0.7632.75-1.el9

Fedora Security Advisories
2 days 18 hours ago
FEDORA-EPEL-2026-b65cc58fcd Packages in this update:
  • chromium-145.0.7632.75-1.el9
Update description:

Update to 145.0.7632.75

  • CVE-2026-2441: Use after free in CSS
  • CVE-2026-2313: Use after free in CSS
  • CVE-2026-2314: Heap buffer overflow in Codecs
  • CVE-2026-2315: Inappropriate implementation in WebGPU
  • CVE-2026-2316: Insufficient policy enforcement in Frames
  • CVE-2026-2317: Inappropriate implementation in Animation
  • CVE-2026-2318: Inappropriate implementation in PictureInPicture
  • CVE-2026-2319: Race in DevTools
  • CVE-2026-2320: Inappropriate implementation in File input
  • CVE-2026-2321: Use after free in Ozone
  • CVE-2026-2322: Inappropriate implementation in File input
  • CVE-2026-2323: Inappropriate implementation in Downloads

chromium-145.0.7632.75-1.el10_1

Fedora Security Advisories
2 days 18 hours ago
FEDORA-EPEL-2026-c1f2ed019e Packages in this update:
  • chromium-145.0.7632.75-1.el10_1
Update description:

Update to 145.0.7632.75

  • CVE-2026-2441: Use after free in CSS
  • CVE-2026-2313: Use after free in CSS
  • CVE-2026-2314: Heap buffer overflow in Codecs
  • CVE-2026-2315: Inappropriate implementation in WebGPU
  • CVE-2026-2316: Insufficient policy enforcement in Frames
  • CVE-2026-2317: Inappropriate implementation in Animation
  • CVE-2026-2318: Inappropriate implementation in PictureInPicture
  • CVE-2026-2319: Race in DevTools
  • CVE-2026-2320: Inappropriate implementation in File input
  • CVE-2026-2321: Use after free in Ozone
  • CVE-2026-2322: Inappropriate implementation in File input
  • CVE-2026-2323: Inappropriate implementation in Downloads
Checked
57 minutes 28 seconds ago
URL
https://bodhi.fedoraproject.org/rss/updates/?type=security