Fedora Security Advisories

• php-zumba-json-serializer-3.2.4-1.fc43

Version 3.2.4

• Fix serialization of parent class private properties by @Copilot in #71
• Fix fatal error when serializing objects with uninitialized typed properties by @Copilot in #68

Version 3.2.3

[Security] Added method to restrict which classes can be unserialized. Security Advisory GHSA-v7m3-fpcr-h7m2

• php-zumba-json-serializer-3.2.4-1.fc42

Version 3.2.4

• Fix serialization of parent class private properties by @Copilot in #71
• Fix fatal error when serializing objects with uninitialized typed properties by @Copilot in #68

Version 3.2.3

[Security] Added method to restrict which classes can be unserialized. Security Advisory GHSA-v7m3-fpcr-h7m2

• perl-Crypt-URandom-0.55-1.fc42

This release fixes CVE-2026-2474 (a heap buffer overflow) and handling failed read syscalls.

• perl-Crypt-URandom-0.55-1.fc43

This release fixes CVE-2026-2474 (a heap buffer overflow) and handling failed read syscalls.

• perl-Crypt-URandom-0.55-1.fc44

This release fixes CVE-2026-2474 (a heap buffer overflow) and handling failed read syscalls.

• avr-binutils-2.45-4.fc43.1

• fix CVE-2025-11083: heap-based overflow
• fix CVE-2025-11082: heap-based overflow
• fix CVE-2025-11081: out-of-bounds read

• avr-binutils-2.45-4.fc42.1

• fix CVE-2025-11083: heap-based overflow
• fix CVE-2025-11082: heap-based overflow
• fix CVE-2025-11081: out-of-bounds read

• erlang-26.2.5.17-1.fc43

Erlang ver. 26.2.5.17

• erlang-26.2.5.17-1.fc42

Erlang ver. 26.2.5.17

• nextcloud-32.0.6-1.el10_2

32.0.6 release

• nextcloud-32.0.6-1.fc42

32.0.6 release

• nextcloud-32.0.6-1.el10_1

32.0.6 release

• nextcloud-32.0.6-1.fc43

32.0.6 release

• nextcloud-32.0.6-1.fc44

32.0.6 release

• pgadmin4-9.12-2.fc42

Refresh vendored bundle. fixes multiple CVEs.

• pgadmin4-9.12-2.fc44

Refresh vendored bundle. fixes multiple CVEs.

• pgadmin4-9.12-2.fc43

Refresh vendored bundle. fixes multiple CVEs.

• cef-145.0.25^chromium145.0.7632.75-4.fc44

Update to cef-145.0.25 + chromium 145.0.7632.75

• CVE-2026-1861: Heap buffer overflow in libvpx
• CVE-2026-1862: Type Confusion in V8
• CVE-2026-2313: Use after free in CSS
• CVE-2026-2314: Heap buffer overflow in Codecs
• CVE-2026-2315: Inappropriate implementation in WebGPU
• CVE-2026-2316: Insufficient policy enforcement in Frames
• CVE-2026-2317: Inappropriate implementation in Animation
• CVE-2026-2318: Inappropriate implementation in PictureInPicture
• CVE-2026-2319: Race in DevTools
• CVE-2026-2320: Inappropriate implementation in File input
• CVE-2026-2321: Use after free in Ozone
• CVE-2026-2322: Inappropriate implementation in File input
• CVE-2026-2323: Inappropriate implementation in Downloads
• CVE-2026-2441: Use after free in CSS

• cef-145.0.25^chromium145.0.7632.75-4.fc42

Update to cef-145.0.25 + chromium 145.0.7632.75

• CVE-2026-1861: Heap buffer overflow in libvpx
• CVE-2026-1862: Type Confusion in V8
• CVE-2026-2313: Use after free in CSS
• CVE-2026-2314: Heap buffer overflow in Codecs
• CVE-2026-2315: Inappropriate implementation in WebGPU
• CVE-2026-2316: Insufficient policy enforcement in Frames
• CVE-2026-2317: Inappropriate implementation in Animation
• CVE-2026-2318: Inappropriate implementation in PictureInPicture
• CVE-2026-2319: Race in DevTools
• CVE-2026-2320: Inappropriate implementation in File input
• CVE-2026-2321: Use after free in Ozone
• CVE-2026-2322: Inappropriate implementation in File input
• CVE-2026-2323: Inappropriate implementation in Downloads
• CVE-2026-2441: Use after free in CSS

• cef-145.0.25^chromium145.0.7632.75-4.fc43

Update to cef-145.0.25 + chromium 145.0.7632.75

• CVE-2026-1861: Heap buffer overflow in libvpx
• CVE-2026-1862: Type Confusion in V8
• CVE-2026-2313: Use after free in CSS
• CVE-2026-2314: Heap buffer overflow in Codecs
• CVE-2026-2315: Inappropriate implementation in WebGPU
• CVE-2026-2316: Insufficient policy enforcement in Frames
• CVE-2026-2317: Inappropriate implementation in Animation
• CVE-2026-2318: Inappropriate implementation in PictureInPicture
• CVE-2026-2319: Race in DevTools
• CVE-2026-2320: Inappropriate implementation in File input
• CVE-2026-2321: Use after free in Ozone
• CVE-2026-2322: Inappropriate implementation in File input
• CVE-2026-2323: Inappropriate implementation in Downloads
• CVE-2026-2441: Use after free in CSS