3 days 2 hours ago
3 days 2 hours ago
3 days 4 hours ago
Youngsung Kim discovered that PJSIP did not properly parse numeric header
fields in SIP messages. A remote attacker could use this issue to cause
PJSIP to crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-16872)
Peter Koletzki discovered that PJSIP did not properly handle certain
connection requests. A remote attacker could possibly use this issue to
cause PJSIP to enter an unrecoverable state and reject further connections,
resulting in a denial of service. This issue only affected Ubuntu 16.04
LTS. (CVE-2017-16875)
Alfred Farrugia, Sandro Gauci, and Kevin Harwell discovered that PJSIP did
not properly parse certain SDP messages. A remote attacker could possibly
use this issue to cause PJSIP to crash, resulting in a denial of service.
This issue only affected Ubuntu 16.04 LTS. (CVE-2018-1000098,
CVE-2018-1000099)
Lauri Vänskä discovered that PJSIP did not verify hostnames when reusing
TLS connections. If a remote attacker were able to intercept communication,
this flaw could possibly be exploited to view sensitive information.
(CVE-2020-15260)
It was discovered that PJSIP did not properly handle certain sequences of
SDP messages. A remote attacker could possibly use this issue to cause
PJSIP to crash, resulting in a denial of service. (CVE-2021-21375)
It was discovered that the SSL socket implementation in PJSIP contained a
race condition. A remote attacker could possibly use this issue to cause
PJSIP to crash, resulting in a denial of service. This issue was only
addressed in Ubuntu 18.04 LTS. (CVE-2021-32686)
It was discovered that PJSIP did not properly parse certain STUN messages.
A remote attacker could use this issue to cause PJSIP to crash, resulting
in a denial of service, or possibly execute arbitrary code.
(CVE-2021-37706)
Uriya Yavnieli discovered that PJSIP did not properly manage memory under
certain conditions. A remote attacker could use this issue to cause PJSIP
to crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2021-43299, CVE-2021-43300, CVE-2021-43301, CVE-2021-43302,
CVE-2021-43303)
It was discovered that PJSIP did not properly manage memory when processing
ICE session credentials. A remote attacker could use this issue to cause
PJSIP to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2026-25994)
3 days 5 hours ago
FEDORA-2026-36594550b0
Packages in this update:
Update description:
Update to 2.52.0:
- Make text look like in other browsers by blending in linear color space.
- Improved rendering performance by using a different tile size depending on whether GPU rendering is enabled or not.
- Improved composition scheduling to avoid blocking waiting for tile painting.
- Improved performance of accelerated 2D canvas by recording operations for batched replay.
- Improved async scrolling when main thread is busy by avoiding locks and rendering the scrollbars from the scrolling thread.
- Enabled dynamic MSAA for accelerated 2D canvas rendering.
- Improved text rendering performance
- Videos with BT2100-PQ colorspace are now tone-mapped to SDR, ensuring colours do not appear washed out.
- Added support for the Audio Output Devices API.
- Added API to handle WebXR permission requests.
- Added API to query the immersive session status.
- Added initial API for web extensions.
3 days 5 hours ago
FEDORA-2026-b4d393799a
Packages in this update:
Update description:
Fix CVE-2026-33056 (tar-rs 0.4.45); Closes rhbz#2449672
3 days 6 hours ago
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
3 days 7 hours ago
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- x86 architecture;
- GPIO subsystem;
- GPU drivers;
- MMC subsystem;
- BTRFS file system;
- XFRM subsystem;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- SMC sockets;
(CVE-2021-47599, CVE-2022-48875, CVE-2022-49072, CVE-2022-49267,
CVE-2024-49927, CVE-2024-56640, CVE-2025-21780, CVE-2025-40215)
3 days 8 hours ago
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- x86 architecture;
- GPIO subsystem;
- GPU drivers;
- MMC subsystem;
- BTRFS file system;
- XFRM subsystem;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- SMC sockets;
(CVE-2021-47599, CVE-2022-48875, CVE-2022-49072, CVE-2022-49267,
CVE-2024-49927, CVE-2024-56640, CVE-2025-21780, CVE-2025-40215)
3 days 8 hours ago
Version:next-20260324 (linux-next)
Released:2026-03-24
3 days 8 hours ago
FEDORA-2026-d62d7fe77e
Packages in this update:
Update description:
Fix CVE-2026-31812: Bump tar-rs to .5.45 - Closes rhbz#2449672
3 days 9 hours ago
FEDORA-2026-2fc36ddefe
Packages in this update:
Update description:
Fix CVE-2026-31812: Bump tar-rs to .5.45 - Closes rhbz#2449672
3 days 11 hours ago
Seunghyun Lee discovered that Redis incorrectly handled memory during
hyperloglog operations. An attacker could use this issue to cause a denial
of service, or possibly achieve remote code execution.
3 days 11 hours ago
FEDORA-2026-e14350a7de
Packages in this update:
- rust-rustls-webpki-0.103.10-1.fc44
Update description:
Update to version 0.103.10. Addresses RUSTSEC-2026-0049.
Update to version 0.103.9.
3 days 11 hours ago
FEDORA-EPEL-2026-1460f79f2c
Packages in this update:
- rust-rustls-webpki-0.103.10-1.el10_3
Update description:
Update to version 0.103.10. Addresses RUSTSEC-2026-0049.
Update to version 0.103.9.
3 days 11 hours ago
FEDORA-EPEL-2026-860e57b32b
Packages in this update:
- rust-rustls-webpki-0.103.10-1.el10_2
Update description:
Update to version 0.103.10. Addresses RUSTSEC-2026-0049.
Update to version 0.103.9.
3 days 11 hours ago
FEDORA-EPEL-2026-e6e6228edf
Packages in this update:
- rust-rustls-webpki-0.103.10-1.el9
Update description:
Update to version 0.103.10. Addresses RUSTSEC-2026-0049.
Update to version 0.103.9.
3 days 11 hours ago
FEDORA-2026-efe3ef6f55
Packages in this update:
- rust-rustls-webpki-0.103.10-1.fc43
Update description:
Update to version 0.103.10. Addresses RUSTSEC-2026-0049.
Update to version 0.103.9.
3 days 11 hours ago
FEDORA-2026-334414b5e8
Packages in this update:
- rust-rustls-webpki-0.103.10-1.fc42
Update description:
Update to version 0.103.10. Addresses RUSTSEC-2026-0049.
Update to version 0.103.9.
3 days 11 hours ago
FEDORA-2026-6502cee6c2
Packages in this update:
Update description:
Update to 2.52.0:
- Make text look like in other browsers by blending in linear color space.
- Improved rendering performance by using a different tile size depending on whether GPU rendering is enabled or not.
- Improved composition scheduling to avoid blocking waiting for tile painting.
- Improved performance of accelerated 2D canvas by recording operations for batched replay.
- Improved async scrolling when main thread is busy by avoiding locks and rendering the scrollbars from the scrolling thread.
- Enabled dynamic MSAA for accelerated 2D canvas rendering.
- Improved text rendering performance
- Videos with BT2100-PQ colorspace are now tone-mapped to SDR, ensuring colours do not appear washed out.
- Added support for the Audio Output Devices API.
- Added API to handle WebXR permission requests.
- Added API to query the immersive session status.
- Added initial API for web extensions.
2.51.93:
- Make text look like in other browsers by blending in linear color space.
- Avoid composition for non visible layers with running animations.
- Fix several crashes and rendering issues.
2.51.92:
- Fix PDF rendering broken by the accelerated 2D canvas performance improvements.
- Fix flickering while scrolling in some edge cases.
- Support for rotation and mirroring in internal WebCodecs encoder.
- System fallback font selection no longer takes style into account.
- Fix several crashes and rendering issues.
3 days 11 hours ago
FEDORA-2026-431948187d
Packages in this update:
Update description:
Update to 2.52.0:
- Make text look like in other browsers by blending in linear color space.
- Improved rendering performance by using a different tile size depending on whether GPU rendering is enabled or not.
- Improved composition scheduling to avoid blocking waiting for tile painting.
- Improved performance of accelerated 2D canvas by recording operations for batched replay.
- Improved async scrolling when main thread is busy by avoiding locks and rendering the scrollbars from the scrolling thread.
- Enabled dynamic MSAA for accelerated 2D canvas rendering.
- Improved text rendering performance
- Videos with BT2100-PQ colorspace are now tone-mapped to SDR, ensuring colours do not appear washed out.
- Added support for the Audio Output Devices API.
- Added API to handle WebXR permission requests.
- Added API to query the immersive session status.
- Added initial API for web extensions.
