Aggregator

rpki-client-9.8-1.fc44

Fedora Security Advisories
1 week 1 day ago
FEDORA-2026-879659f6c2 Packages in this update:
  • rpki-client-9.8-1.fc44
Update description: rpki-client 9.8
  • Various refactoring for improved compatibility with various libcrypto implementations and in CA/BGPsec certificate handling.
  • Fixed an accounting issue in HTTP gzip compression detection.
  • Added a warning in extra verbose mode (-vv) about standards non-compliant Issuer and Subject ASN.1 string encodings.
  • Added a check for canonical encoding of ASPA eContent in alignment with draft-ietf-sidrops-aspa-profile-22.
  • Ensure that a repository timeout correctly stops repository processing.
  • Fixed a defect in Canonical Cache Representation ROAIPAddressFamily sort order. As a result, rpki-client 9.8 cannot parse rpki-client 9.7's .ccr files and vice versa.
  • Fixed an issue in the parser for the locally configured constraints.
  • A malicious RRDP Publication Server can cause a NULL dereference.
  • A malicious RPKI Publication Server can cause an incorrect error exit.

USN-8145-5: Linux kernel (Azure) vulnerabilities

Ubuntu Security Advisories
1 week 2 days ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - UDF file system; - NFC subsystem; - Network traffic control; (CVE-2024-46777, CVE-2025-21735, CVE-2025-37849, CVE-2026-23060, CVE-2026-23074)

USN-8176-1: .NET vulnerabilities

Ubuntu Security Advisories
1 week 2 days ago
Ludvig Pedersen discovered that the System.Security.Cryptography.Xml library in .NET incorrectly handled certain XML inputs. An attacker could possibly use this issue to consume excessive resources, resulting in a denial of service. (CVE-2026-33116, CVE-2026-26171) Ludvig Pedersen and Kevin Jones discovered that the System.Security.Cryptography.Xml library in .NET incorrectly handled certain XML inputs. An attacker could possibly use this issue to cause .NET to crash, resulting in a denial of service. (CVE-2026-32203) Ludvig Pedersen discovered that the System.Net.Mail component in .NET incorrectly handled certain inputs. An attacker could possibly use this issue to perform a network spoofing attack. (CVE-2026-32178)

xorg-x11-server-21.1.22-1.fc42

Fedora Security Advisories
1 week 2 days ago
FEDORA-2026-2c6941716b Packages in this update:
  • xorg-x11-server-21.1.22-1.fc42
Update description:

Update to xserver 21.1.22, CVE fix for: CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002, CVE-2026-34003

xorg-x11-server-21.1.22-1.fc43

Fedora Security Advisories
1 week 2 days ago
FEDORA-2026-a7ec361237 Packages in this update:
  • xorg-x11-server-21.1.22-1.fc43
Update description:

Update to xserver 21.1.22, CVE fix for: CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002, CVE-2026-34003

xorg-x11-server-21.1.22-1.fc44

Fedora Security Advisories
1 week 2 days ago
FEDORA-2026-cf9e55a7a0 Packages in this update:
  • xorg-x11-server-21.1.22-1.fc44
Update description:

Update to xserver 21.1.22, CVE fix for: CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002, CVE-2026-34003

cef-146.0.11^chromium146.0.7680.177-2.fc42

Fedora Security Advisories
1 week 2 days ago
FEDORA-2026-e0c31e9e7e Packages in this update:
  • cef-146.0.11^chromium146.0.7680.177-2.fc42
Update description:

Update to 146.0.7680.177 + cef-146.0.11+g8e1262b

  • High CVE-2026-5273: Use after free in CSS
  • High CVE-2026-5272: Heap buffer overflow in GPU
  • High CVE-2026-5274: Integer overflow in Codecs
  • High CVE-2026-5275: Heap buffer overflow in ANGLE
  • High CVE-2026-5276: Insufficient policy enforcement in WebUSB
  • High CVE-2026-5277: Integer overflow in ANGLE
  • High CVE-2026-5278: Use after free in Web MIDI
  • High CVE-2026-5279: Object corruption in V8
  • High CVE-2026-5280: Use after free in WebCodecs
  • High CVE-2026-5281: Use after free in Dawn
  • High CVE-2026-5282: Out of bounds read in WebCodecs
  • High CVE-2026-5283: Inappropriate implementation in ANGLE
  • High CVE-2026-5284: Use after free in Dawn
  • High CVE-2026-5285: Use after free in WebGL
  • High CVE-2026-5286: Use after free in Dawn
  • High CVE-2026-5287: Use after free in PDF
  • High CVE-2026-5288: Use after free in WebView
  • High CVE-2026-5289: Use after free in Navigation
  • High CVE-2026-5290: Use after free in Compositing
  • Medium CVE-2026-5291: Inappropriate implementation in WebGL
  • Medium CVE-2026-5292: Out of bounds read in WebCodecs

cef-146.0.11^chromium146.0.7680.177-2.fc44

Fedora Security Advisories
1 week 2 days ago
FEDORA-2026-83fdfd7e0e Packages in this update:
  • cef-146.0.11^chromium146.0.7680.177-2.fc44
Update description:

Update to 146.0.7680.177 + cef-146.0.11+g8e1262b

  • High CVE-2026-5273: Use after free in CSS
  • High CVE-2026-5272: Heap buffer overflow in GPU
  • High CVE-2026-5274: Integer overflow in Codecs
  • High CVE-2026-5275: Heap buffer overflow in ANGLE
  • High CVE-2026-5276: Insufficient policy enforcement in WebUSB
  • High CVE-2026-5277: Integer overflow in ANGLE
  • High CVE-2026-5278: Use after free in Web MIDI
  • High CVE-2026-5279: Object corruption in V8
  • High CVE-2026-5280: Use after free in WebCodecs
  • High CVE-2026-5281: Use after free in Dawn
  • High CVE-2026-5282: Out of bounds read in WebCodecs
  • High CVE-2026-5283: Inappropriate implementation in ANGLE
  • High CVE-2026-5284: Use after free in Dawn
  • High CVE-2026-5285: Use after free in WebGL
  • High CVE-2026-5286: Use after free in Dawn
  • High CVE-2026-5287: Use after free in PDF
  • High CVE-2026-5288: Use after free in WebView
  • High CVE-2026-5289: Use after free in Navigation
  • High CVE-2026-5290: Use after free in Compositing
  • Medium CVE-2026-5291: Inappropriate implementation in WebGL
  • Medium CVE-2026-5292: Out of bounds read in WebCodecs