Aggregator

chromium-147.0.7727.137-1.fc44

Fedora Security Advisories
6 days 11 hours ago
FEDORA-2026-f5ed344d5c Packages in this update:
  • chromium-147.0.7727.137-1.fc44
Update description:

The updates include fixes for:

  • Critical CVE-2026-7363: Use after free in Canvas
  • Critical CVE-2026-7361: Use after free in iOS
  • Critical CVE-2026-7344: Use after free in Accessibility
  • Critical CVE-2026-7343: Use after free in Views
  • High CVE-2026-7333: Use after free in GPU
  • High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
  • High CVE-2026-7359: Use after free in ANGLE
  • High CVE-2026-7358: Use after free in Animation
  • High CVE-2026-7334: Use after free in Views
  • High CVE-2026-7357: Use after free in GPU
  • High CVE-2026-7356: Use after free in Navigation
  • High CVE-2026-7354: Out of bounds read and write in Angle
  • High CVE-2026-7353: Heap buffer overflow in Skia
  • High CVE-2026-7352: Use after free in Media
  • High CVE-2026-7351: Race in MHTML
  • High CVE-2026-7350: Use after free in WebMIDI
  • High CVE-2026-7349: Use after free in Cast
  • High CVE-2026-7348: Use after free in Codecs
  • High CVE-2026-7335: Use after free in media
  • High CVE-2026-7336: Use after free in WebRTC
  • High CVE-2026-7337: Type Confusion in V8
  • High CVE-2026-7347: Use after free in Chromoting
  • High CVE-2026-7346: Inappropriate implementation in Tint
  • High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
  • High CVE-2026-7338: Use after free in Cast
  • High CVE-2026-7342: Use after free in WebView
  • High CVE-2026-7341: Use after free in WebRTC
  • Medium CVE-2026-7339: Heap buffer overflow in WebRTC
  • Medium CVE-2026-7340: Integer overflow in ANGLE
  • Medium CVE-2026-7355: Use after free in Media

chromium-147.0.7727.137-1.fc43

Fedora Security Advisories
6 days 11 hours ago
FEDORA-2026-af3f470d38 Packages in this update:
  • chromium-147.0.7727.137-1.fc43
Update description:

The updates include fixes for:

  • Critical CVE-2026-7363: Use after free in Canvas
  • Critical CVE-2026-7361: Use after free in iOS
  • Critical CVE-2026-7344: Use after free in Accessibility
  • Critical CVE-2026-7343: Use after free in Views
  • High CVE-2026-7333: Use after free in GPU
  • High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
  • High CVE-2026-7359: Use after free in ANGLE
  • High CVE-2026-7358: Use after free in Animation
  • High CVE-2026-7334: Use after free in Views
  • High CVE-2026-7357: Use after free in GPU
  • High CVE-2026-7356: Use after free in Navigation
  • High CVE-2026-7354: Out of bounds read and write in Angle
  • High CVE-2026-7353: Heap buffer overflow in Skia
  • High CVE-2026-7352: Use after free in Media
  • High CVE-2026-7351: Race in MHTML
  • High CVE-2026-7350: Use after free in WebMIDI
  • High CVE-2026-7349: Use after free in Cast
  • High CVE-2026-7348: Use after free in Codecs
  • High CVE-2026-7335: Use after free in media
  • High CVE-2026-7336: Use after free in WebRTC
  • High CVE-2026-7337: Type Confusion in V8
  • High CVE-2026-7347: Use after free in Chromoting
  • High CVE-2026-7346: Inappropriate implementation in Tint
  • High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
  • High CVE-2026-7338: Use after free in Cast
  • High CVE-2026-7342: Use after free in WebView
  • High CVE-2026-7341: Use after free in WebRTC
  • Medium CVE-2026-7339: Heap buffer overflow in WebRTC
  • Medium CVE-2026-7340: Integer overflow in ANGLE
  • Medium CVE-2026-7355: Use after free in Media

chromium-147.0.7727.137-1.fc42

Fedora Security Advisories
6 days 11 hours ago
FEDORA-2026-36fb406407 Packages in this update:
  • chromium-147.0.7727.137-1.fc42
Update description:

The updates include fixes for:

  • Critical CVE-2026-7363: Use after free in Canvas
  • Critical CVE-2026-7361: Use after free in iOS
  • Critical CVE-2026-7344: Use after free in Accessibility
  • Critical CVE-2026-7343: Use after free in Views
  • High CVE-2026-7333: Use after free in GPU
  • High CVE-2026-7360: Insufficient validation of untrusted input in Compositing
  • High CVE-2026-7359: Use after free in ANGLE
  • High CVE-2026-7358: Use after free in Animation
  • High CVE-2026-7334: Use after free in Views
  • High CVE-2026-7357: Use after free in GPU
  • High CVE-2026-7356: Use after free in Navigation
  • High CVE-2026-7354: Out of bounds read and write in Angle
  • High CVE-2026-7353: Heap buffer overflow in Skia
  • High CVE-2026-7352: Use after free in Media
  • High CVE-2026-7351: Race in MHTML
  • High CVE-2026-7350: Use after free in WebMIDI
  • High CVE-2026-7349: Use after free in Cast
  • High CVE-2026-7348: Use after free in Codecs
  • High CVE-2026-7335: Use after free in media
  • High CVE-2026-7336: Use after free in WebRTC
  • High CVE-2026-7337: Type Confusion in V8
  • High CVE-2026-7347: Use after free in Chromoting
  • High CVE-2026-7346: Inappropriate implementation in Tint
  • High CVE-2026-7345: Insufficient validation of untrusted input in Feedback
  • High CVE-2026-7338: Use after free in Cast
  • High CVE-2026-7342: Use after free in WebView
  • High CVE-2026-7341: Use after free in WebRTC
  • Medium CVE-2026-7339: Heap buffer overflow in WebRTC
  • Medium CVE-2026-7340: Integer overflow in ANGLE
  • Medium CVE-2026-7355: Use after free in Media

proftpd-1.3.8d-2.el9

Fedora Security Advisories
6 days 12 hours ago
FEDORA-EPEL-2026-dc2b6d40bc Packages in this update:
  • proftpd-1.3.8d-2.el9
Update description:

This update fixes a potential SQL injection via mod_sql (CVE-2026-42167).

The mod_sql module is not enabled by default.

USN-8225-1: Python marshmallow vulnerabilities

Ubuntu Security Advisories
6 days 17 hours ago
Jared Deckard discovered that Python marshmallow did not correctly handle hiding certain fields. An attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-17175) It was discovered that Python marshmallow did not efficiently handle merging certain objects. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. (CVE-2025-68480)

xen-4.19.5-2.fc42

Fedora Security Advisories
6 days 23 hours ago
FEDORA-2026-0c9aff64a5 Packages in this update:
  • xen-4.19.5-2.fc42
Update description:

oxenstored keeps quota related use counts across domain destruction [XSA-483, CVE-2026-23556] Xenstored DoS via XS_RESET_WATCHES command [XSA-484, CVE-2026-23557] grant table v2 race in status page mapping [XSA-486, CVE-2026-23558] x86: Floating Point Divider State Sampling [XSA-488, CVE-2025-54505]

xen-4.20.3-2.fc43

Fedora Security Advisories
6 days 23 hours ago
FEDORA-2026-78cd69d9ae Packages in this update:
  • xen-4.20.3-2.fc43
Update description:

oxenstored keeps quota related use counts across domain destruction [XSA-483, CVE-2026-23556] Xenstored DoS via XS_RESET_WATCHES command [XSA-484, CVE-2026-23557] grant table v2 race in status page mapping [XSA-486, CVE-2026-23558] x86: Floating Point Divider State Sampling [XSA-488, CVE-2025-54505]

perl-Starman-0.4018-1.fc44

Fedora Security Advisories
6 days 23 hours ago
FEDORA-2026-5bb108e1b7 Packages in this update:
  • perl-Starman-0.4018-1.fc44
Update description:

Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An attacker could exploit this to smuggle malicious HTTP requests via a front-end reverse proxy.

This package updates Starman to 0.4018 where Transfer-Encoding now takes precedence over Content-Length.

perl-Starman-0.4018-1.fc43

Fedora Security Advisories
6 days 23 hours ago
FEDORA-2026-b94aad33a5 Packages in this update:
  • perl-Starman-0.4018-1.fc43
Update description:

Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An attacker could exploit this to smuggle malicious HTTP requests via a front-end reverse proxy.

This package updates Starman to 0.4018 where Transfer-Encoding now takes precedence over Content-Length.

perl-Starman-0.4018-1.fc42

Fedora Security Advisories
6 days 23 hours ago
FEDORA-2026-4cca750484 Packages in this update:
  • perl-Starman-0.4018-1.fc42
Update description:

Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An attacker could exploit this to smuggle malicious HTTP requests via a front-end reverse proxy.

This package updates Starman to 0.4018 where Transfer-Encoding now takes precedence over Content-Length.

pyOpenSSL-26.1.0-1.fc44

Fedora Security Advisories
1 week ago
FEDORA-2026-05d463c932 Packages in this update:
  • pyOpenSSL-26.1.0-1.fc44
Update description:

Update to pyOpenSSL 26.1.0

This update adds support for cryptography v47 and fixes a single security issue:

  • Fixed X509Name field setters to correctly pass the value length to OpenSSL. Previously, values containing NUL bytes would be silently truncated, causing a divergence between the stored ASN.1 value and the value visible from Python. Credit to BudongJW for reporting the issue. CVE-2026-40475

pyOpenSSL-26.1.0-1.fc43

Fedora Security Advisories
1 week ago
FEDORA-2026-bc62ef0a6a Packages in this update:
  • pyOpenSSL-26.1.0-1.fc43
Update description:

Update to pyOpenSSL 26.1.0

This update adds support for cryptography v47 and fixes a single security issue:

  • Fixed X509Name field setters to correctly pass the value length to OpenSSL. Previously, values containing NUL bytes would be silently truncated, causing a divergence between the stored ASN.1 value and the value visible from Python. Credit to BudongJW for reporting the issue. CVE-2026-40475

kryoptic-1.5.0-2.fc45 pyOpenSSL-26.1.0-1.fc45 python-cryptography-47.0.0-1.fc45 rust-asn1-0.24.1-1.fc45 rust-asn1_derive-0.24.1-1.fc45

Fedora Security Advisories
1 week ago
FEDORA-2026-13a0c86ba1 Packages in this update:
  • kryoptic-1.5.0-2.fc45
  • pyOpenSSL-26.1.0-1.fc45
  • python-cryptography-47.0.0-1.fc45
  • rust-asn1-0.24.1-1.fc45
  • rust-asn1_derive-0.24.1-1.fc45
Update description:

Update python-cryptography to 47.0.0

As a result, rust-asn1 is bumped to 0.24, and pyOpenSSL is bumped to 26.1. kryoptic is rebuilt with a patch to support asn1 0.24.

pyOpenSSL 26.1 contains a fix for CVE-2026-40475

USN-8223-1: Roundcube Webmail vulnerabilities

Ubuntu Security Advisories
1 week ago
It was discovered that Roundcube Webmail mishandled Punycode xn-- domain names. An attacker could possibly use this issue to cause a homograph attack. (CVE-2019-15237) It was discovered that Roundcube Webmail did not properly sanitize certain attributes when handling CSS within HTML messages and certain SVG attributes. An attacker could possibly use this issue to cause a cross-site scripting attack. (CVE-2024-38356, CVE-2024-38357) It was discovered that Roundcube Webmail did not properly sanitize certain HTML attributes when rendering e-mail messages. An attacker could possibly use this issue to cause a cross-site scripting attack. (CVE-2024-42008) It was discovered that Roundcube Webmail did not properly filter certain CSS token sequences within rendered e-mail messages. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-42010) It was discovered that Roundcube Webmail did not properly treat an SVG tag as an image source within its HTML sanitizer. An attacker could possibly use this issue to bypass remote image blocking to track email open actions or potentially bypass access control. (CVE-2026-25916) It was discovered that Roundcube Webmail did not properly handle comments within Cascading Style Sheets (CSS). An attacker could possibly use this issue to perform a CSS injection attack. (CVE-2026-26079)

krb5-1.22.2-4.fc43

Fedora Security Advisories
1 week ago
FEDORA-2026-684396998a Packages in this update:
  • krb5-1.22.2-4.fc43
Update description:
  • Fix NegoEx parsing vulnerabilities (CVE-2026-40355, CVE-2026-40356)
  • Add upstream patches to build against openssl 4.0
  • Make configure.ac work with autoconf 2.73

krb5-1.22.2-4.fc44

Fedora Security Advisories
1 week ago
FEDORA-2026-8b43ea2f82 Packages in this update:
  • krb5-1.22.2-4.fc44
Update description:
  • Fix NegoEx parsing vulnerabilities (CVE-2026-40355, CVE-2026-40356)
  • Add upstream patches to build against openssl 4.0
  • Make configure.ac work with autoconf 2.73

USN-8224-1: Linux kernel (BlueField) vulnerabilities

Ubuntu Security Advisories
1 week ago
Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853, CVE-2026-23268, CVE-2026-23269, CVE-2026-23403, CVE-2026-23404, CVE-2026-23405, CVE-2026-23406, CVE-2026-23407, CVE-2026-23408, CVE-2026-23409, CVE-2026-23410, CVE-2026-23411) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Cryptographic API; - GPU drivers; - I2C subsystem; - BTRFS file system; - XFRM subsystem; - Padata parallel execution mechanism; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - Network traffic control; - SMC sockets; (CVE-2021-47599, CVE-2022-48875, CVE-2022-49046, CVE-2022-49698, CVE-2024-46816, CVE-2024-49927, CVE-2024-56640, CVE-2025-21726, CVE-2025-21780, CVE-2025-37849, CVE-2025-40019, CVE-2025-40215, CVE-2026-23060, CVE-2026-23074)