Fedora Security Advisories

python-django5-5.2.11-1.fc43

52 minutes 5 seconds ago
FEDORA-2026-3adb735295
Packages in this update:
  • python-django5-5.2.11-1.fc43
Update description:
  • Fixes CVE-2025-13473: Username enumeration through timing difference in mod_wsgi authentication handler
  • Fixes CVE-2025-14550: Potential denial-of-service vulnerability via repeated headers when using ASGI
  • Fixes CVE-2026-1207: Potential SQL injection via raster lookups on PostGIS
  • Fixes CVE-2026-1285: Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods
  • Fixes CVE-2026-1287: Potential SQL injection in column aliases via control characters
  • Fixes CVE-2026-1312: Potential SQL injection via QuerySet.order_by and FilteredRelation
  • Fixed a bug in Django 5.2 where data exceeding max_length was silently truncated by QuerySet.bulk_create() on PostgreSQL
  • Fixed a bug where management command colorized help (introduced in Python 3.14) ignored the --no-color option and the DJANGO_COLORS setting

python-django5-5.2.11-1.fc42

54 minutes 1 second ago
FEDORA-2026-00b5bf3150
Packages in this update:
  • python-django5-5.2.11-1.fc42
Update description:
  • Fixes CVE-2025-13473: Username enumeration through timing difference in mod_wsgi authentication handler
  • Fixes CVE-2025-14550: Potential denial-of-service vulnerability via repeated headers when using ASGI
  • Fixes CVE-2026-1207: Potential SQL injection via raster lookups on PostGIS
  • Fixes CVE-2026-1285: Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods
  • Fixes CVE-2026-1287: Potential SQL injection in column aliases via control characters
  • Fixes CVE-2026-1312: Potential SQL injection via QuerySet.order_by and FilteredRelation
  • Fixed a bug in Django 5.2 where data exceeding max_length was silently truncated by QuerySet.bulk_create() on PostgreSQL
  • Fixed a bug where management command colorized help (introduced in Python 3.14) ignored the --no-color option and the DJANGO_COLORS setting

python3.9-3.9.25-6.fc42

14 hours 24 minutes ago
FEDORA-2026-cad5404d98
Packages in this update:
  • python3.9-3.9.25-6.fc42
Update description:

Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and CVE-2025-15367

python3.9-3.9.25-6.fc43

14 hours 25 minutes ago
FEDORA-2026-289d6d4f69
Packages in this update:
  • python3.9-3.9.25-6.fc43
Update description:

Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and CVE-2025-15367

python3.9-3.9.25-6.fc44

14 hours 28 minutes ago
FEDORA-2026-14a63ba868
Packages in this update:
  • python3.9-3.9.25-6.fc44
Update description:

Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and CVE-2025-1536

chromium-145.0.7632.75-1.fc43

1 day 4 hours ago
FEDORA-2026-443f9ace49
Packages in this update:
  • chromium-145.0.7632.75-1.fc43
Update description:

Update to 145.0.7632.75

  • CVE-2026-2441: Use after free in CSS
  • CVE-2026-2313: Use after free in CSS
  • CVE-2026-2314: Heap buffer overflow in Codecs
  • CVE-2026-2315: Inappropriate implementation in WebGPU
  • CVE-2026-2316: Insufficient policy enforcement in Frames
  • CVE-2026-2317: Inappropriate implementation in Animation
  • CVE-2026-2318: Inappropriate implementation in PictureInPicture
  • CVE-2026-2319: Race in DevTools
  • CVE-2026-2320: Inappropriate implementation in File input
  • CVE-2026-2321: Use after free in Ozone
  • CVE-2026-2322: Inappropriate implementation in File input
  • CVE-2026-2323: Inappropriate implementation in Downloads

chromium-145.0.7632.75-1.el9

1 day 4 hours ago
FEDORA-EPEL-2026-b65cc58fcd
Packages in this update:
  • chromium-145.0.7632.75-1.el9
Update description:

Update to 145.0.7632.75

  • CVE-2026-2441: Use after free in CSS
  • CVE-2026-2313: Use after free in CSS
  • CVE-2026-2314: Heap buffer overflow in Codecs
  • CVE-2026-2315: Inappropriate implementation in WebGPU
  • CVE-2026-2316: Insufficient policy enforcement in Frames
  • CVE-2026-2317: Inappropriate implementation in Animation
  • CVE-2026-2318: Inappropriate implementation in PictureInPicture
  • CVE-2026-2319: Race in DevTools
  • CVE-2026-2320: Inappropriate implementation in File input
  • CVE-2026-2321: Use after free in Ozone
  • CVE-2026-2322: Inappropriate implementation in File input
  • CVE-2026-2323: Inappropriate implementation in Downloads

chromium-145.0.7632.75-1.el10_1

1 day 4 hours ago
FEDORA-EPEL-2026-c1f2ed019e
Packages in this update:
  • chromium-145.0.7632.75-1.el10_1
Update description:

Update to 145.0.7632.75

  • CVE-2026-2441: Use after free in CSS
  • CVE-2026-2313: Use after free in CSS
  • CVE-2026-2314: Heap buffer overflow in Codecs
  • CVE-2026-2315: Inappropriate implementation in WebGPU
  • CVE-2026-2316: Insufficient policy enforcement in Frames
  • CVE-2026-2317: Inappropriate implementation in Animation
  • CVE-2026-2318: Inappropriate implementation in PictureInPicture
  • CVE-2026-2319: Race in DevTools
  • CVE-2026-2320: Inappropriate implementation in File input
  • CVE-2026-2321: Use after free in Ozone
  • CVE-2026-2322: Inappropriate implementation in File input
  • CVE-2026-2323: Inappropriate implementation in Downloads

chromium-145.0.7632.75-1.fc42

1 day 4 hours ago
FEDORA-2026-583eef79a8
Packages in this update:
  • chromium-145.0.7632.75-1.fc42
Update description:

Update to 145.0.7632.75

  • CVE-2026-2441: Use after free in CSS
  • CVE-2026-2313: Use after free in CSS
  • CVE-2026-2314: Heap buffer overflow in Codecs
  • CVE-2026-2315: Inappropriate implementation in WebGPU
  • CVE-2026-2316: Insufficient policy enforcement in Frames
  • CVE-2026-2317: Inappropriate implementation in Animation
  • CVE-2026-2318: Inappropriate implementation in PictureInPicture
  • CVE-2026-2319: Race in DevTools
  • CVE-2026-2320: Inappropriate implementation in File input
  • CVE-2026-2321: Use after free in Ozone
  • CVE-2026-2322: Inappropriate implementation in File input
  • CVE-2026-2323: Inappropriate implementation in Downloads

chromium-145.0.7632.75-1.el10_2

1 day 4 hours ago
FEDORA-EPEL-2026-c43b37669d
Packages in this update:
  • chromium-145.0.7632.75-1.el10_2
Update description:

Update to 145.0.7632.75

  • CVE-2026-2441: Use after free in CSS
  • CVE-2026-2313: Use after free in CSS
  • CVE-2026-2314: Heap buffer overflow in Codecs
  • CVE-2026-2315: Inappropriate implementation in WebGPU
  • CVE-2026-2316: Insufficient policy enforcement in Frames
  • CVE-2026-2317: Inappropriate implementation in Animation
  • CVE-2026-2318: Inappropriate implementation in PictureInPicture
  • CVE-2026-2319: Race in DevTools
  • CVE-2026-2320: Inappropriate implementation in File input
  • CVE-2026-2321: Use after free in Ozone
  • CVE-2026-2322: Inappropriate implementation in File input
  • CVE-2026-2323: Inappropriate implementation in Downloads