6 days 20 hours ago
FEDORA-2026-ced72ab158
Packages in this update:
Update description:
This update provides various security fixes.
- Buffer overflow in scanf %mc (CVE-2026-5450)
- ns_sprintrrf buffer overreads (CVE-2026-6238)
- ns_sprintrrf buffer overflow in TSIG record processing (CVE-2026-5435)
- Memory corruption in ungetwc (CVE-2026-5928)
- Assertion failure in iconv with IBM1390, IBM1399 charsets (CVE-2026-4046)
1 week ago
USN-8226-1 added a mitigation to kmod to disable loading the algif_aead
module. This update adds the same mitigation to Ubuntu 14.04 LTS,
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that the Linux kernel algif_aead module contained a logic
flaw allowing a local attacker to escalate privileges to root. This update
to the kmod package disables loading the algif_aead module as a measure to
mitigate the issue until kernel updates are made available.
See the following URL for more information
https://ubuntu.com/blog/copy-fail-vulnerability-fixes-available
1 week ago
It was discovered that the Linux kernel algif_aead module contained a logic
flaw allowing a local attacker to escalate privileges to root. This update
to the kmod package disables loading the algif_aead module as a measure to
mitigate the issue until kernel updates are made available.
See the following URL for more information
https://ubuntu.com/blog/copy-fail-vulnerability-fixes-available
1 week ago
FEDORA-2026-593d463bbf
Packages in this update:
Update description:
Update to uriparser-1.0.1.
1 week ago
FEDORA-2026-57515ed8b1
Packages in this update:
Update description:
Update to uriparser-1.0.1.
1 week ago
FEDORA-2026-6b0a579131
Packages in this update:
Update description:
Update to uriparser-1.0.1.
1 week ago
FEDORA-EPEL-2026-c2b734f274
Packages in this update:
- chromium-147.0.7727.137-1.el10_3
Update description:
The updates include fixes for:
- Critical CVE-2026-7363: Use after free in Canvas
- Critical CVE-2026-7361: Use after free in iOS
- Critical CVE-2026-7344: Use after free in Accessibility
- Critical CVE-2026-7343: Use after free in Views
- High CVE-2026-7333: Use after free in GPU
- High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
- High CVE-2026-7359: Use after free in ANGLE
- High CVE-2026-7358: Use after free in Animation
- High CVE-2026-7334: Use after free in Views
- High CVE-2026-7357: Use after free in GPU
- High CVE-2026-7356: Use after free in Navigation
- High CVE-2026-7354: Out of bounds read and write in Angle
- High CVE-2026-7353: Heap buffer overflow in Skia
- High CVE-2026-7352: Use after free in Media
- High CVE-2026-7351: Race in MHTML
- High CVE-2026-7350: Use after free in WebMIDI
- High CVE-2026-7349: Use after free in Cast
- High CVE-2026-7348: Use after free in Codecs
- High CVE-2026-7335: Use after free in media
- High CVE-2026-7336: Use after free in WebRTC
- High CVE-2026-7337: Type Confusion in V8
- High CVE-2026-7347: Use after free in Chromoting
- High CVE-2026-7346: Inappropriate implementation in Tint
- High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
- High CVE-2026-7338: Use after free in Cast
- High CVE-2026-7342: Use after free in WebView
- High CVE-2026-7341: Use after free in WebRTC
- Medium CVE-2026-7339: Heap buffer overflow in WebRTC
- Medium CVE-2026-7340: Integer overflow in ANGLE
- Medium CVE-2026-7355: Use after free in Media
1 week ago
FEDORA-EPEL-2026-1a398e4f20
Packages in this update:
- chromium-147.0.7727.137-1.el10_1
Update description:
The updates include fixes for:
- Critical CVE-2026-7363: Use after free in Canvas
- Critical CVE-2026-7361: Use after free in iOS
- Critical CVE-2026-7344: Use after free in Accessibility
- Critical CVE-2026-7343: Use after free in Views
- High CVE-2026-7333: Use after free in GPU
- High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
- High CVE-2026-7359: Use after free in ANGLE
- High CVE-2026-7358: Use after free in Animation
- High CVE-2026-7334: Use after free in Views
- High CVE-2026-7357: Use after free in GPU
- High CVE-2026-7356: Use after free in Navigation
- High CVE-2026-7354: Out of bounds read and write in Angle
- High CVE-2026-7353: Heap buffer overflow in Skia
- High CVE-2026-7352: Use after free in Media
- High CVE-2026-7351: Race in MHTML
- High CVE-2026-7350: Use after free in WebMIDI
- High CVE-2026-7349: Use after free in Cast
- High CVE-2026-7348: Use after free in Codecs
- High CVE-2026-7335: Use after free in media
- High CVE-2026-7336: Use after free in WebRTC
- High CVE-2026-7337: Type Confusion in V8
- High CVE-2026-7347: Use after free in Chromoting
- High CVE-2026-7346: Inappropriate implementation in Tint
- High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
- High CVE-2026-7338: Use after free in Cast
- High CVE-2026-7342: Use after free in WebView
- High CVE-2026-7341: Use after free in WebRTC
- Medium CVE-2026-7339: Heap buffer overflow in WebRTC
- Medium CVE-2026-7340: Integer overflow in ANGLE
- Medium CVE-2026-7355: Use after free in Media
1 week ago
FEDORA-EPEL-2026-eaa2514539
Packages in this update:
- chromium-147.0.7727.137-1.el9
Update description:
The updates include fixes for:
- Critical CVE-2026-7363: Use after free in Canvas
- Critical CVE-2026-7361: Use after free in iOS
- Critical CVE-2026-7344: Use after free in Accessibility
- Critical CVE-2026-7343: Use after free in Views
- High CVE-2026-7333: Use after free in GPU
- High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
- High CVE-2026-7359: Use after free in ANGLE
- High CVE-2026-7358: Use after free in Animation
- High CVE-2026-7334: Use after free in Views
- High CVE-2026-7357: Use after free in GPU
- High CVE-2026-7356: Use after free in Navigation
- High CVE-2026-7354: Out of bounds read and write in Angle
- High CVE-2026-7353: Heap buffer overflow in Skia
- High CVE-2026-7352: Use after free in Media
- High CVE-2026-7351: Race in MHTML
- High CVE-2026-7350: Use after free in WebMIDI
- High CVE-2026-7349: Use after free in Cast
- High CVE-2026-7348: Use after free in Codecs
- High CVE-2026-7335: Use after free in media
- High CVE-2026-7336: Use after free in WebRTC
- High CVE-2026-7337: Type Confusion in V8
- High CVE-2026-7347: Use after free in Chromoting
- High CVE-2026-7346: Inappropriate implementation in Tint
- High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
- High CVE-2026-7338: Use after free in Cast
- High CVE-2026-7342: Use after free in WebView
- High CVE-2026-7341: Use after free in WebRTC
- Medium CVE-2026-7339: Heap buffer overflow in WebRTC
- Medium CVE-2026-7340: Integer overflow in ANGLE
- Medium CVE-2026-7355: Use after free in Media
1 week ago
FEDORA-EPEL-2026-70912890f2
Packages in this update:
- chromium-147.0.7727.137-1.el10_2
Update description:
The updates include fixes for:
- Critical CVE-2026-7363: Use after free in Canvas
- Critical CVE-2026-7361: Use after free in iOS
- Critical CVE-2026-7344: Use after free in Accessibility
- Critical CVE-2026-7343: Use after free in Views
- High CVE-2026-7333: Use after free in GPU
- High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
- High CVE-2026-7359: Use after free in ANGLE
- High CVE-2026-7358: Use after free in Animation
- High CVE-2026-7334: Use after free in Views
- High CVE-2026-7357: Use after free in GPU
- High CVE-2026-7356: Use after free in Navigation
- High CVE-2026-7354: Out of bounds read and write in Angle
- High CVE-2026-7353: Heap buffer overflow in Skia
- High CVE-2026-7352: Use after free in Media
- High CVE-2026-7351: Race in MHTML
- High CVE-2026-7350: Use after free in WebMIDI
- High CVE-2026-7349: Use after free in Cast
- High CVE-2026-7348: Use after free in Codecs
- High CVE-2026-7335: Use after free in media
- High CVE-2026-7336: Use after free in WebRTC
- High CVE-2026-7337: Type Confusion in V8
- High CVE-2026-7347: Use after free in Chromoting
- High CVE-2026-7346: Inappropriate implementation in Tint
- High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
- High CVE-2026-7338: Use after free in Cast
- High CVE-2026-7342: Use after free in WebView
- High CVE-2026-7341: Use after free in WebRTC
- Medium CVE-2026-7339: Heap buffer overflow in WebRTC
- Medium CVE-2026-7340: Integer overflow in ANGLE
- Medium CVE-2026-7355: Use after free in Media
1 week ago
FEDORA-2026-549ee32ea1
Packages in this update:
Update description:
Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via mod_sql (CVE-2026-42167). Note that mod_sql is not enabled by default.
1 week ago
FEDORA-EPEL-2026-bae7252e3a
Packages in this update:
Update description:
Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via mod_sql (CVE-2026-42167). Note that mod_sql is not enabled by default.
1 week ago
FEDORA-2026-739d341ab8
Packages in this update:
Update description:
Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via mod_sql (CVE-2026-42167). Note that mod_sql is not enabled by default.
1 week ago
FEDORA-2026-bdb9342c72
Packages in this update:
Update description:
Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via mod_sql (CVE-2026-42167). Note that mod_sql is not enabled by default.
1 week ago
FEDORA-EPEL-2026-dcd5085f2b
Packages in this update:
Update description:
Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via mod_sql (CVE-2026-42167). Note that mod_sql is not enabled by default.
1 week ago
FEDORA-EPEL-2026-13fd784361
Packages in this update:
Update description:
Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via mod_sql (CVE-2026-42167). Note that mod_sql is not enabled by default.
1 week ago
Aaron Rainbolt discovered that zuluCrypt used insecure PolicyKit
settings in zuluPolkit. An attacker could possibly use this issue to
cause local privilege escalation to root. (CVE-2025-53391)
1 week ago
FEDORA-2026-e3f870229a
Packages in this update:
Update description:
Update to version 22.22.2
1 week ago
FEDORA-2026-3b76d8047d
Packages in this update:
Update description:
Update to version 22.22.2
1 week ago
Version:next-20260430 (linux-next)
Released:2026-04-30
