perl-Config-IniFiles-3.001000-1.fc44
FEDORA-2026-1c2676703e
Packages in this update:
- perl-Config-IniFiles-3.001000-1.fc44
Update to 3.001000, fixes CVE-2026-11527
Aggregator
perl-Config-IniFiles-3.001000-1.el10_3
FEDORA-EPEL-2026-bf53806e4a
Packages in this update:
- perl-Config-IniFiles-3.001000-1.el10_3
Update to 3.001000, fixes CVE-2026-11527
ldns-1.9.2-1.fc43
FEDORA-2026-b33ba1aa06
Packages in this update:
- ldns-1.9.2-1.fc43
Update to 1.9.2 for CVE-2026-10846
ldns-1.9.2-1.fc44
FEDORA-2026-1c6479b257
Packages in this update:
- ldns-1.9.2-1.fc44
Update to 1.9.2 for CVE-2026-10846
next-20260611: linux-next
Version:next-20260611 (linux-next)
Released:2026-06-11
gh-2.94.0-1.fc44
FEDORA-2026-f07b3548d4
Packages in this update:
- gh-2.94.0-1.fc44
Update to 2.94.0
Update to 2.93.0
gh-2.94.0-1.el10_3
FEDORA-EPEL-2026-d82cb6262c
Packages in this update:
- gh-2.94.0-1.el10_3
Update to 2.94.0
Update to 2.93.0
gh-2.94.0-1.el10_2
FEDORA-EPEL-2026-46b506c7c2
Packages in this update:
- gh-2.94.0-1.el10_2
Update to 2.94.0
Update to 2.93.0
gh-2.94.0-1.el9
FEDORA-EPEL-2026-d274f8045b
Packages in this update:
- gh-2.94.0-1.el9
Update to 2.94.0
Update to 2.93.0
USN-8422-1: Mistral vulnerability
Eduardo Gonzalez Gutierrez and Arnaud Morin discovered that Mistral
did not properly enforce access policies on some API endpoints. An
attacker could possibly execute arbitrary code on a Mistral worker and
possibly extract sensitive data including service credentials from it.
USN-8421-1: Ironic vulnerabilities
Dmitry Tantsur and Tuomo Tanskanen discovered that Ironic did not
properly validate file paths when handling ISO images. A privileged
authenticated remote user could use this issue to perform path
traversal via a crafted ISO image and overwrite arbitrary files on
the Ironic conductor. (CVE-2026-48681)
Dmitry Tantsur and Tuomo Tanskanen discovered that Ironic did not
properly validate kernel command line parameters. A privileged
authenticated remote user could use this issue to inject
scripts during node boot and possibly execute arbitrary code.
(CVE-2026-46447)
Dmitry Tantsur and Tuomo Tanskanen discovered that Ironic
incorrectly restricted access to custom PXE templates. A privileged
authenticated remote user could use this issue to read arbitrary
sensitive files on the Ironic conductor. (CVE-2026-44917)
chromium-149.0.7827.102-1.el10_2
FEDORA-EPEL-2026-9590d638c8
Packages in this update:
- chromium-149.0.7827.102-1.el10_2
Update to 149.0.7827.102
- CVE-2026-11628: Use after free in Ozone
- CVE-2026-11629: Use after free in Ozone
- CVE-2026-11630: Use after free in File Input
- CVE-2026-11631: Use after free in Aura
- CVE-2026-11632: Use after free in TabStrip
- CVE-2026-11633: Use after free in Bluetooth
- CVE-2026-11634: Use after free in Gamepad
- CVE-2026-11635: Use after free in Bluetooth
- CVE-2026-11636: Use after free in Autofill
- CVE-2026-11637: Use after free in Views
- CVE-2026-11638: Use after free in Printing
- CVE-2026-11639: Use after free in Compositing
- CVE-2026-11640: Integer overflow in libyuv
- CVE-2026-11641: Use after free in Bluetooth
- CVE-2026-11642: Use after free in Web Apps
- CVE-2026-11643: Use after free in Proxy
- CVE-2026-11644: Use after free in Views
- CVE-2026-11645: Out of bounds memory access in V8
- CVE-2026-11646: Use after free in ViewTransitions
- CVE-2026-11647: Use after free in Printing
- CVE-2026-11648: Use after free in FullScreen
- CVE-2026-11649: Use after free in V8
- CVE-2026-11650: Use after free in V8
- CVE-2026-11651: Use after free in Network
- CVE-2026-11652: Use after free in Extensions
- CVE-2026-11653: Insufficient validation of untrusted input in Extensions
- CVE-2026-11654: Use after free in CameraCapture
- CVE-2026-11655: Integer overflow in Media
- CVE-2026-11656: Use after free in ServiceWorker
- CVE-2026-11657: Use after free in Payments
- CVE-2026-11658: Insufficient validation of untrusted input in Extensions
- CVE-2026-11659: Insufficient validation of untrusted input in UI
- CVE-2026-11660: Insufficient validation of untrusted input in New Tab Page
- CVE-2026-11661: Use after free in Views
- CVE-2026-11662: Type Confusion in Bindings
- CVE-2026-11663: Use after free in Skia
- CVE-2026-11664: Use after free in Payments
- CVE-2026-11665: Out of bounds read in Dawn
- CVE-2026-11666: Insufficient validation of untrusted input in Input
- CVE-2026-11667: Out of bounds read in WebRTC
- CVE-2026-11668: Uninitialized Use in Codecs
- CVE-2026-11669: Integer overflow in Media
- CVE-2026-11670: Use after free in PDF
- CVE-2026-11671: Use after free in Navigation
- CVE-2026-11672: Out of bounds write in GPU
- CVE-2026-11673: Use after free in InterestGroups
- CVE-2026-11674: Use after free in Guest View
- CVE-2026-11675: Insufficient validation of untrusted input in Skia
- CVE-2026-11676: Insufficient validation of untrusted input in Dawn
- CVE-2026-11677: Race in Network
- CVE-2026-11678: Integer overflow in libyuv
- CVE-2026-11679: Use after free in Codecs
- CVE-2026-11680: Use after free in Media
- CVE-2026-11681: Use after free in Ozone
- CVE-2026-11682: Insufficient validation of untrusted input in Views
- CVE-2026-11683: Use after free in WebCodecs
- CVE-2026-11684: Insufficient policy enforcement in Network
- CVE-2026-11685: Insufficient data validation in MediaCapture
- CVE-2026-11686: Insufficient validation of untrusted input in Dawn
- CVE-2026-11687: Use after free in Dawn
- CVE-2026-11688: Object lifecycle issue in SVG
- CVE-2026-11689: Insufficient validation of untrusted input in Passwords
- CVE-2026-11690: Out of bounds read and write in Media
- CVE-2026-11691: Insufficient validation of untrusted input in New Tab Page
- CVE-2026-11692: Use after free in Read Anything
- CVE-2026-11693: Inappropriate implementation in Plugins
- CVE-2026-11694: Use after free in ServiceWorker
- CVE-2026-11695: Inappropriate implementation in Passwords
- CVE-2026-11696: Uninitialized Use in Video
- CVE-2026-11697: Insufficient validation of untrusted input in UI
- CVE-2026-11698: Use after free in Bluetooth
- CVE-2026-11699: Use after free in Bluetooth
- CVE-2026-11700: Use after free in Tracing
- CVE-2026-11701: Insufficient validation of untrusted input in Guest View
chromium-149.0.7827.102-1.el9
FEDORA-EPEL-2026-0cafc6e293
Packages in this update:
- chromium-149.0.7827.102-1.el9
Update to 149.0.7827.102
- CVE-2026-11628: Use after free in Ozone
- CVE-2026-11629: Use after free in Ozone
- CVE-2026-11630: Use after free in File Input
- CVE-2026-11631: Use after free in Aura
- CVE-2026-11632: Use after free in TabStrip
- CVE-2026-11633: Use after free in Bluetooth
- CVE-2026-11634: Use after free in Gamepad
- CVE-2026-11635: Use after free in Bluetooth
- CVE-2026-11636: Use after free in Autofill
- CVE-2026-11637: Use after free in Views
- CVE-2026-11638: Use after free in Printing
- CVE-2026-11639: Use after free in Compositing
- CVE-2026-11640: Integer overflow in libyuv
- CVE-2026-11641: Use after free in Bluetooth
- CVE-2026-11642: Use after free in Web Apps
- CVE-2026-11643: Use after free in Proxy
- CVE-2026-11644: Use after free in Views
- CVE-2026-11645: Out of bounds memory access in V8
- CVE-2026-11646: Use after free in ViewTransitions
- CVE-2026-11647: Use after free in Printing
- CVE-2026-11648: Use after free in FullScreen
- CVE-2026-11649: Use after free in V8
- CVE-2026-11650: Use after free in V8
- CVE-2026-11651: Use after free in Network
- CVE-2026-11652: Use after free in Extensions
- CVE-2026-11653: Insufficient validation of untrusted input in Extensions
- CVE-2026-11654: Use after free in CameraCapture
- CVE-2026-11655: Integer overflow in Media
- CVE-2026-11656: Use after free in ServiceWorker
- CVE-2026-11657: Use after free in Payments
- CVE-2026-11658: Insufficient validation of untrusted input in Extensions
- CVE-2026-11659: Insufficient validation of untrusted input in UI
- CVE-2026-11660: Insufficient validation of untrusted input in New Tab Page
- CVE-2026-11661: Use after free in Views
- CVE-2026-11662: Type Confusion in Bindings
- CVE-2026-11663: Use after free in Skia
- CVE-2026-11664: Use after free in Payments
- CVE-2026-11665: Out of bounds read in Dawn
- CVE-2026-11666: Insufficient validation of untrusted input in Input
- CVE-2026-11667: Out of bounds read in WebRTC
- CVE-2026-11668: Uninitialized Use in Codecs
- CVE-2026-11669: Integer overflow in Media
- CVE-2026-11670: Use after free in PDF
- CVE-2026-11671: Use after free in Navigation
- CVE-2026-11672: Out of bounds write in GPU
- CVE-2026-11673: Use after free in InterestGroups
- CVE-2026-11674: Use after free in Guest View
- CVE-2026-11675: Insufficient validation of untrusted input in Skia
- CVE-2026-11676: Insufficient validation of untrusted input in Dawn
- CVE-2026-11677: Race in Network
- CVE-2026-11678: Integer overflow in libyuv
- CVE-2026-11679: Use after free in Codecs
- CVE-2026-11680: Use after free in Media
- CVE-2026-11681: Use after free in Ozone
- CVE-2026-11682: Insufficient validation of untrusted input in Views
- CVE-2026-11683: Use after free in WebCodecs
- CVE-2026-11684: Insufficient policy enforcement in Network
- CVE-2026-11685: Insufficient data validation in MediaCapture
- CVE-2026-11686: Insufficient validation of untrusted input in Dawn
- CVE-2026-11687: Use after free in Dawn
- CVE-2026-11688: Object lifecycle issue in SVG
- CVE-2026-11689: Insufficient validation of untrusted input in Passwords
- CVE-2026-11690: Out of bounds read and write in Media
- CVE-2026-11691: Insufficient validation of untrusted input in New Tab Page
- CVE-2026-11692: Use after free in Read Anything
- CVE-2026-11693: Inappropriate implementation in Plugins
- CVE-2026-11694: Use after free in ServiceWorker
- CVE-2026-11695: Inappropriate implementation in Passwords
- CVE-2026-11696: Uninitialized Use in Video
- CVE-2026-11697: Insufficient validation of untrusted input in UI
- CVE-2026-11698: Use after free in Bluetooth
- CVE-2026-11699: Use after free in Bluetooth
- CVE-2026-11700: Use after free in Tracing
- CVE-2026-11701: Insufficient validation of untrusted input in Guest View
chromium-149.0.7827.102-1.el10_3
FEDORA-EPEL-2026-af0dc4e356
Packages in this update:
- chromium-149.0.7827.102-1.el10_3
Update to 149.0.7827.102
- CVE-2026-11628: Use after free in Ozone
- CVE-2026-11629: Use after free in Ozone
- CVE-2026-11630: Use after free in File Input
- CVE-2026-11631: Use after free in Aura
- CVE-2026-11632: Use after free in TabStrip
- CVE-2026-11633: Use after free in Bluetooth
- CVE-2026-11634: Use after free in Gamepad
- CVE-2026-11635: Use after free in Bluetooth
- CVE-2026-11636: Use after free in Autofill
- CVE-2026-11637: Use after free in Views
- CVE-2026-11638: Use after free in Printing
- CVE-2026-11639: Use after free in Compositing
- CVE-2026-11640: Integer overflow in libyuv
- CVE-2026-11641: Use after free in Bluetooth
- CVE-2026-11642: Use after free in Web Apps
- CVE-2026-11643: Use after free in Proxy
- CVE-2026-11644: Use after free in Views
- CVE-2026-11645: Out of bounds memory access in V8
- CVE-2026-11646: Use after free in ViewTransitions
- CVE-2026-11647: Use after free in Printing
- CVE-2026-11648: Use after free in FullScreen
- CVE-2026-11649: Use after free in V8
- CVE-2026-11650: Use after free in V8
- CVE-2026-11651: Use after free in Network
- CVE-2026-11652: Use after free in Extensions
- CVE-2026-11653: Insufficient validation of untrusted input in Extensions
- CVE-2026-11654: Use after free in CameraCapture
- CVE-2026-11655: Integer overflow in Media
- CVE-2026-11656: Use after free in ServiceWorker
- CVE-2026-11657: Use after free in Payments
- CVE-2026-11658: Insufficient validation of untrusted input in Extensions
- CVE-2026-11659: Insufficient validation of untrusted input in UI
- CVE-2026-11660: Insufficient validation of untrusted input in New Tab Page
- CVE-2026-11661: Use after free in Views
- CVE-2026-11662: Type Confusion in Bindings
- CVE-2026-11663: Use after free in Skia
- CVE-2026-11664: Use after free in Payments
- CVE-2026-11665: Out of bounds read in Dawn
- CVE-2026-11666: Insufficient validation of untrusted input in Input
- CVE-2026-11667: Out of bounds read in WebRTC
- CVE-2026-11668: Uninitialized Use in Codecs
- CVE-2026-11669: Integer overflow in Media
- CVE-2026-11670: Use after free in PDF
- CVE-2026-11671: Use after free in Navigation
- CVE-2026-11672: Out of bounds write in GPU
- CVE-2026-11673: Use after free in InterestGroups
- CVE-2026-11674: Use after free in Guest View
- CVE-2026-11675: Insufficient validation of untrusted input in Skia
- CVE-2026-11676: Insufficient validation of untrusted input in Dawn
- CVE-2026-11677: Race in Network
- CVE-2026-11678: Integer overflow in libyuv
- CVE-2026-11679: Use after free in Codecs
- CVE-2026-11680: Use after free in Media
- CVE-2026-11681: Use after free in Ozone
- CVE-2026-11682: Insufficient validation of untrusted input in Views
- CVE-2026-11683: Use after free in WebCodecs
- CVE-2026-11684: Insufficient policy enforcement in Network
- CVE-2026-11685: Insufficient data validation in MediaCapture
- CVE-2026-11686: Insufficient validation of untrusted input in Dawn
- CVE-2026-11687: Use after free in Dawn
- CVE-2026-11688: Object lifecycle issue in SVG
- CVE-2026-11689: Insufficient validation of untrusted input in Passwords
- CVE-2026-11690: Out of bounds read and write in Media
- CVE-2026-11691: Insufficient validation of untrusted input in New Tab Page
- CVE-2026-11692: Use after free in Read Anything
- CVE-2026-11693: Inappropriate implementation in Plugins
- CVE-2026-11694: Use after free in ServiceWorker
- CVE-2026-11695: Inappropriate implementation in Passwords
- CVE-2026-11696: Uninitialized Use in Video
- CVE-2026-11697: Insufficient validation of untrusted input in UI
- CVE-2026-11698: Use after free in Bluetooth
- CVE-2026-11699: Use after free in Bluetooth
- CVE-2026-11700: Use after free in Tracing
- CVE-2026-11701: Insufficient validation of untrusted input in Guest View
USN-8420-1: .NET vulnerabilities
It was discovered that .NET did not properly handle link resolution before
file access. A local attacker could use this issue to perform unauthorized
file tampering and write arbitrary files outside of the intended extraction
directory. (CVE-2026-45491)
It was discovered that .NET did not properly handle deeply-nested
MessagePack arrays. An attacker could use this to cause .NET to consume
excessive resources, resulting in a denial of service. (CVE-2026-45591)
kernel-7.0.12-201.fc44
FEDORA-2026-8b619eef6f
Packages in this update:
- kernel-7.0.12-201.fc44
The 7.0.12-101/201 updates contain fixes for CVE-2025-10263. This CVE, while important, only impacts specific aarch64 CPUs.
kernel-7.0.12-101.fc43
FEDORA-2026-75fcc75b5f
Packages in this update:
- kernel-7.0.12-101.fc43
The 7.0.12-101/201 updates contain fixes for CVE-2025-10263. This CVE, while important, only impacts specific aarch64 CPUs.