Aggregator

Version:6.12.85 (longterm) Released:2026-04-30 Source:linux-6.12.85.tar.xz PGP Signature:linux-6.12.85.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.12.85

Version:6.18.26 (longterm) Released:2026-04-30 Source:linux-6.18.26.tar.xz PGP Signature:linux-6.18.26.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.18.26

Version:7.0.3 (stable) Released:2026-04-30 Source:linux-7.0.3.tar.xz PGP Signature:linux-7.0.3.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-7.0.3

FEDORA-2026-f5ed344d5c Packages in this update:

• chromium-147.0.7727.137-1.fc44

Update description:

The updates include fixes for:

• Critical CVE-2026-7363: Use after free in Canvas
• Critical CVE-2026-7361: Use after free in iOS
• Critical CVE-2026-7344: Use after free in Accessibility
• Critical CVE-2026-7343: Use after free in Views
• High CVE-2026-7333: Use after free in GPU
• High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
• High CVE-2026-7359: Use after free in ANGLE
• High CVE-2026-7358: Use after free in Animation
• High CVE-2026-7334: Use after free in Views
• High CVE-2026-7357: Use after free in GPU
• High CVE-2026-7356: Use after free in Navigation
• High CVE-2026-7354: Out of bounds read and write in Angle
• High CVE-2026-7353: Heap buffer overflow in Skia
• High CVE-2026-7352: Use after free in Media
• High CVE-2026-7351: Race in MHTML
• High CVE-2026-7350: Use after free in WebMIDI
• High CVE-2026-7349: Use after free in Cast
• High CVE-2026-7348: Use after free in Codecs
• High CVE-2026-7335: Use after free in media
• High CVE-2026-7336: Use after free in WebRTC
• High CVE-2026-7337: Type Confusion in V8
• High CVE-2026-7347: Use after free in Chromoting
• High CVE-2026-7346: Inappropriate implementation in Tint
• High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
• High CVE-2026-7338: Use after free in Cast
• High CVE-2026-7342: Use after free in WebView
• High CVE-2026-7341: Use after free in WebRTC
• Medium CVE-2026-7339: Heap buffer overflow in WebRTC
• Medium CVE-2026-7340: Integer overflow in ANGLE
• Medium CVE-2026-7355: Use after free in Media

FEDORA-2026-af3f470d38 Packages in this update:

• chromium-147.0.7727.137-1.fc43

Update description:

The updates include fixes for:

• Critical CVE-2026-7363: Use after free in Canvas
• Critical CVE-2026-7361: Use after free in iOS
• Critical CVE-2026-7344: Use after free in Accessibility
• Critical CVE-2026-7343: Use after free in Views
• High CVE-2026-7333: Use after free in GPU
• High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
• High CVE-2026-7359: Use after free in ANGLE
• High CVE-2026-7358: Use after free in Animation
• High CVE-2026-7334: Use after free in Views
• High CVE-2026-7357: Use after free in GPU
• High CVE-2026-7356: Use after free in Navigation
• High CVE-2026-7354: Out of bounds read and write in Angle
• High CVE-2026-7353: Heap buffer overflow in Skia
• High CVE-2026-7352: Use after free in Media
• High CVE-2026-7351: Race in MHTML
• High CVE-2026-7350: Use after free in WebMIDI
• High CVE-2026-7349: Use after free in Cast
• High CVE-2026-7348: Use after free in Codecs
• High CVE-2026-7335: Use after free in media
• High CVE-2026-7336: Use after free in WebRTC
• High CVE-2026-7337: Type Confusion in V8
• High CVE-2026-7347: Use after free in Chromoting
• High CVE-2026-7346: Inappropriate implementation in Tint
• High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
• High CVE-2026-7338: Use after free in Cast
• High CVE-2026-7342: Use after free in WebView
• High CVE-2026-7341: Use after free in WebRTC
• Medium CVE-2026-7339: Heap buffer overflow in WebRTC
• Medium CVE-2026-7340: Integer overflow in ANGLE
• Medium CVE-2026-7355: Use after free in Media

FEDORA-2026-36fb406407 Packages in this update:

• chromium-147.0.7727.137-1.fc42

Update description:

The updates include fixes for:

• Critical CVE-2026-7363: Use after free in Canvas
• Critical CVE-2026-7361: Use after free in iOS
• Critical CVE-2026-7344: Use after free in Accessibility
• Critical CVE-2026-7343: Use after free in Views
• High CVE-2026-7333: Use after free in GPU
• High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
• High CVE-2026-7359: Use after free in ANGLE
• High CVE-2026-7358: Use after free in Animation
• High CVE-2026-7334: Use after free in Views
• High CVE-2026-7357: Use after free in GPU
• High CVE-2026-7356: Use after free in Navigation
• High CVE-2026-7354: Out of bounds read and write in Angle
• High CVE-2026-7353: Heap buffer overflow in Skia
• High CVE-2026-7352: Use after free in Media
• High CVE-2026-7351: Race in MHTML
• High CVE-2026-7350: Use after free in WebMIDI
• High CVE-2026-7349: Use after free in Cast
• High CVE-2026-7348: Use after free in Codecs
• High CVE-2026-7335: Use after free in media
• High CVE-2026-7336: Use after free in WebRTC
• High CVE-2026-7337: Type Confusion in V8
• High CVE-2026-7347: Use after free in Chromoting
• High CVE-2026-7346: Inappropriate implementation in Tint
• High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
• High CVE-2026-7338: Use after free in Cast
• High CVE-2026-7342: Use after free in WebView
• High CVE-2026-7341: Use after free in WebRTC
• Medium CVE-2026-7339: Heap buffer overflow in WebRTC
• Medium CVE-2026-7340: Integer overflow in ANGLE
• Medium CVE-2026-7355: Use after free in Media

FEDORA-EPEL-2026-dc2b6d40bc Packages in this update:

• proftpd-1.3.8d-2.el9

Update description:

This update fixes a potential SQL injection via mod_sql (CVE-2026-42167).

The mod_sql module is not enabled by default.

Jared Deckard discovered that Python marshmallow did not correctly handle hiding certain fields. An attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-17175) It was discovered that Python marshmallow did not efficiently handle merging certain objects. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. (CVE-2025-68480)

FEDORA-2026-0c9aff64a5 Packages in this update:

• xen-4.19.5-2.fc42

Update description:

oxenstored keeps quota related use counts across domain destruction [XSA-483, CVE-2026-23556] Xenstored DoS via XS_RESET_WATCHES command [XSA-484, CVE-2026-23557] grant table v2 race in status page mapping [XSA-486, CVE-2026-23558] x86: Floating Point Divider State Sampling [XSA-488, CVE-2025-54505]

FEDORA-2026-78cd69d9ae Packages in this update:

• xen-4.20.3-2.fc43

Update description:

oxenstored keeps quota related use counts across domain destruction [XSA-483, CVE-2026-23556] Xenstored DoS via XS_RESET_WATCHES command [XSA-484, CVE-2026-23557] grant table v2 race in status page mapping [XSA-486, CVE-2026-23558] x86: Floating Point Divider State Sampling [XSA-488, CVE-2025-54505]

FEDORA-2026-5bb108e1b7 Packages in this update:

• perl-Starman-0.4018-1.fc44

Update description:

Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An attacker could exploit this to smuggle malicious HTTP requests via a front-end reverse proxy.

This package updates Starman to 0.4018 where Transfer-Encoding now takes precedence over Content-Length.

FEDORA-2026-b94aad33a5 Packages in this update:

• perl-Starman-0.4018-1.fc43

Update description:

Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An attacker could exploit this to smuggle malicious HTTP requests via a front-end reverse proxy.

This package updates Starman to 0.4018 where Transfer-Encoding now takes precedence over Content-Length.

FEDORA-2026-4cca750484 Packages in this update:

• perl-Starman-0.4018-1.fc42

Update description:

Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An attacker could exploit this to smuggle malicious HTTP requests via a front-end reverse proxy.

This package updates Starman to 0.4018 where Transfer-Encoding now takes precedence over Content-Length.

FEDORA-2026-05d463c932 Packages in this update:

• pyOpenSSL-26.1.0-1.fc44

Update description:

Update to pyOpenSSL 26.1.0

This update adds support for cryptography v47 and fixes a single security issue:

• Fixed X509Name field setters to correctly pass the value length to OpenSSL. Previously, values containing NUL bytes would be silently truncated, causing a divergence between the stored ASN.1 value and the value visible from Python. Credit to BudongJW for reporting the issue. CVE-2026-40475

FEDORA-2026-bc62ef0a6a Packages in this update:

• pyOpenSSL-26.1.0-1.fc43

Update description:

Update to pyOpenSSL 26.1.0

This update adds support for cryptography v47 and fixes a single security issue:

• Fixed X509Name field setters to correctly pass the value length to OpenSSL. Previously, values containing NUL bytes would be silently truncated, causing a divergence between the stored ASN.1 value and the value visible from Python. Credit to BudongJW for reporting the issue. CVE-2026-40475

FEDORA-2026-13a0c86ba1 Packages in this update:

• kryoptic-1.5.0-2.fc45
• pyOpenSSL-26.1.0-1.fc45
• python-cryptography-47.0.0-1.fc45
• rust-asn1-0.24.1-1.fc45
• rust-asn1_derive-0.24.1-1.fc45

Update description:

Update python-cryptography to 47.0.0

As a result, rust-asn1 is bumped to 0.24, and pyOpenSSL is bumped to 26.1. kryoptic is rebuilt with a patch to support asn1 0.24.

pyOpenSSL 26.1 contains a fix for CVE-2026-40475

FEDORA-2026-6c99aaa6d3 Packages in this update:

• krb5-1.21.3-7.fc42

Update description:

• Fix NegoEx parsing vulnerabilities (CVE-2026-40355, CVE-2026-40356)

It was discovered that Roundcube Webmail mishandled Punycode xn-- domain names. An attacker could possibly use this issue to cause a homograph attack. (CVE-2019-15237) It was discovered that Roundcube Webmail did not properly sanitize certain attributes when handling CSS within HTML messages and certain SVG attributes. An attacker could possibly use this issue to cause a cross-site scripting attack. (CVE-2024-38356, CVE-2024-38357) It was discovered that Roundcube Webmail did not properly sanitize certain HTML attributes when rendering e-mail messages. An attacker could possibly use this issue to cause a cross-site scripting attack. (CVE-2024-42008) It was discovered that Roundcube Webmail did not properly filter certain CSS token sequences within rendered e-mail messages. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-42010) It was discovered that Roundcube Webmail did not properly treat an SVG tag as an image source within its HTML sanitizer. An attacker could possibly use this issue to bypass remote image blocking to track email open actions or potentially bypass access control. (CVE-2026-25916) It was discovered that Roundcube Webmail did not properly handle comments within Cascading Style Sheets (CSS). An attacker could possibly use this issue to perform a CSS injection attack. (CVE-2026-26079)

FEDORA-2026-684396998a Packages in this update:

• krb5-1.22.2-4.fc43

Update description:

• Fix NegoEx parsing vulnerabilities (CVE-2026-40355, CVE-2026-40356)
• Add upstream patches to build against openssl 4.0
• Make configure.ac work with autoconf 2.73