Aggregator

cef-146.0.9^chromium146.0.7680.164-1.fc43

3 days 10 hours ago
FEDORA-2026-a67eba175f
Packages in this update:
  • cef-146.0.9^chromium146.0.7680.164-1.fc43
Update description:

Update to cef-146.0.9+g3ca6a87 + chromium 146.0.7680.164

  • High CVE-2026-4673: Heap buffer overflow in WebAudio
  • High CVE-2026-4674: Out of bounds read in CSS
  • High CVE-2026-4675: Heap buffer overflow in WebGL
  • High CVE-2026-4676: Use after free in Dawn
  • High CVE-2026-4677: Out of bounds read in WebAudio
  • High CVE-2026-4678: Use after free in WebGPU
  • High CVE-2026-4679: Integer overflow in Fonts
  • High CVE-2026-4680: Use after free in FedCM
  • CVE-2026-4439: Out of bounds memory access in WebGL
  • CVE-2026-4440: Out of bounds read and write in WebGL
  • CVE-2026-4441: Use after free in Base
  • CVE-2026-4442: Heap buffer overflow in CSS
  • CVE-2026-4443: Heap buffer overflow in WebAudio
  • CVE-2026-4444: Stack buffer overflow in WebRTC
  • CVE-2026-4445: Use after free in WebRTC
  • CVE-2026-4446: Use after free in WebRTC
  • CVE-2026-4447: Inappropriate implementation in V8
  • CVE-2026-4448: Heap buffer overflow in ANGLE
  • CVE-2026-4449: Use after free in Blink
  • CVE-2026-4450: Out of bounds write in V8
  • CVE-2026-4451: Insufficient validation of untrusted input in Navigation
  • CVE-2026-4452: Integer overflow in ANGLE
  • CVE-2026-4453: Integer overflow in Dawn
  • CVE-2026-4454: Use after free in Network
  • CVE-2026-4455: Heap buffer overflow in PDFium
  • CVE-2026-4456: Use after free in Digital Credentials API
  • CVE-2026-4457: Type Confusion in V8
  • CVE-2026-4458: Use after free in Extensions
  • CVE-2026-4459: Out of bounds read and write in WebAudio
  • CVE-2026-4460: Out of bounds read in Skia
  • CVE-2026-4461: Inappropriate implementation in V8
  • CVE-2026-4462: Out of bounds read in Blink
  • CVE-2026-4463: Heap buffer overflow in WebRTC
  • CVE-2026-4464: Integer overflow in ANGLE
  • CVE-2026-3909: Out of bounds write in Skia
  • CVE-2026-3910: Inappropriate implementation in V8
  • CVE-2026-3913: Heap buffer overflow in WebML
  • CVE-2026-3914: Integer overflow in WebML
  • CVE-2026-3915: Heap buffer overflow in WebML
  • CVE-2026-3916: Out of bounds read in Web Speech
  • CVE-2026-3917: Use after free in Agents
  • CVE-2026-3918: Use after free in WebMCP
  • CVE-2026-3919: Use after free in Extensions
  • CVE-2026-3920: Out of bounds memory access in WebML
  • CVE-2026-3921: Use after free in TextEncoding
  • CVE-2026-3922: Use after free in MediaStream
  • CVE-2026-3923: Use after free in WebMIDI
  • CVE-2026-3924: Use after free in WindowDialog
  • CVE-2026-3925: Incorrect security UI in LookalikeChecks
  • CVE-2026-3926: Out of bounds read in V8
  • CVE-2026-3927: Incorrect security UI in PictureInPicture
  • CVE-2026-3928: Insufficient policy enforcement in Extensions
  • CVE-2026-3929: Side-channel information leakage in ResourceTiming
  • CVE-2026-3930: Unsafe navigation in Navigation
  • CVE-2026-3931: Heap buffer overflow in Skia
  • CVE-2026-3932: Insufficient policy enforcement in PDF
  • CVE-2026-3934: Insufficient policy enforcement in ChromeDriver
  • CVE-2026-3935: Incorrect security UI in WebAppInstalls
  • CVE-2026-3936: Use after free in WebView
  • CVE-2026-3937: Incorrect security UI in Downloads
  • CVE-2026-3938: Insufficient policy enforcement in Clipboard
  • CVE-2026-3939: Insufficient policy enforcement in PDF
  • CVE-2026-3940: Insufficient policy enforcement in DevTools
  • CVE-2026-3941: Insufficient policy enforcement in DevTools
  • CVE-2026-3942: Incorrect security UI in PictureInPicture

cef-146.0.9^chromium146.0.7680.164-1.fc44

3 days 10 hours ago
FEDORA-2026-1d6da76bba
Packages in this update:
  • cef-146.0.9^chromium146.0.7680.164-1.fc44
Update description:

Update to cef-146.0.9+g3ca6a87 + chromium 146.0.7680.164

  • High CVE-2026-4673: Heap buffer overflow in WebAudio
  • High CVE-2026-4674: Out of bounds read in CSS
  • High CVE-2026-4675: Heap buffer overflow in WebGL
  • High CVE-2026-4676: Use after free in Dawn
  • High CVE-2026-4677: Out of bounds read in WebAudio
  • High CVE-2026-4678: Use after free in WebGPU
  • High CVE-2026-4679: Integer overflow in Fonts
  • High CVE-2026-4680: Use after free in FedCM
  • CVE-2026-4439: Out of bounds memory access in WebGL
  • CVE-2026-4440: Out of bounds read and write in WebGL
  • CVE-2026-4441: Use after free in Base
  • CVE-2026-4442: Heap buffer overflow in CSS
  • CVE-2026-4443: Heap buffer overflow in WebAudio
  • CVE-2026-4444: Stack buffer overflow in WebRTC
  • CVE-2026-4445: Use after free in WebRTC
  • CVE-2026-4446: Use after free in WebRTC
  • CVE-2026-4447: Inappropriate implementation in V8
  • CVE-2026-4448: Heap buffer overflow in ANGLE
  • CVE-2026-4449: Use after free in Blink
  • CVE-2026-4450: Out of bounds write in V8
  • CVE-2026-4451: Insufficient validation of untrusted input in Navigation
  • CVE-2026-4452: Integer overflow in ANGLE
  • CVE-2026-4453: Integer overflow in Dawn
  • CVE-2026-4454: Use after free in Network
  • CVE-2026-4455: Heap buffer overflow in PDFium
  • CVE-2026-4456: Use after free in Digital Credentials API
  • CVE-2026-4457: Type Confusion in V8
  • CVE-2026-4458: Use after free in Extensions
  • CVE-2026-4459: Out of bounds read and write in WebAudio
  • CVE-2026-4460: Out of bounds read in Skia
  • CVE-2026-4461: Inappropriate implementation in V8
  • CVE-2026-4462: Out of bounds read in Blink
  • CVE-2026-4463: Heap buffer overflow in WebRTC
  • CVE-2026-4464: Integer overflow in ANGLE
  • CVE-2026-3909: Out of bounds write in Skia
  • CVE-2026-3910: Inappropriate implementation in V8
  • CVE-2026-3913: Heap buffer overflow in WebML
  • CVE-2026-3914: Integer overflow in WebML
  • CVE-2026-3915: Heap buffer overflow in WebML
  • CVE-2026-3916: Out of bounds read in Web Speech
  • CVE-2026-3917: Use after free in Agents
  • CVE-2026-3918: Use after free in WebMCP
  • CVE-2026-3919: Use after free in Extensions
  • CVE-2026-3920: Out of bounds memory access in WebML
  • CVE-2026-3921: Use after free in TextEncoding
  • CVE-2026-3922: Use after free in MediaStream
  • CVE-2026-3923: Use after free in WebMIDI
  • CVE-2026-3924: Use after free in WindowDialog
  • CVE-2026-3925: Incorrect security UI in LookalikeChecks
  • CVE-2026-3926: Out of bounds read in V8
  • CVE-2026-3927: Incorrect security UI in PictureInPicture
  • CVE-2026-3928: Insufficient policy enforcement in Extensions
  • CVE-2026-3929: Side-channel information leakage in ResourceTiming
  • CVE-2026-3930: Unsafe navigation in Navigation
  • CVE-2026-3931: Heap buffer overflow in Skia
  • CVE-2026-3932: Insufficient policy enforcement in PDF
  • CVE-2026-3934: Insufficient policy enforcement in ChromeDriver
  • CVE-2026-3935: Incorrect security UI in WebAppInstalls
  • CVE-2026-3936: Use after free in WebView
  • CVE-2026-3937: Incorrect security UI in Downloads
  • CVE-2026-3938: Insufficient policy enforcement in Clipboard
  • CVE-2026-3939: Insufficient policy enforcement in PDF
  • CVE-2026-3940: Insufficient policy enforcement in DevTools
  • CVE-2026-3941: Insufficient policy enforcement in DevTools
  • CVE-2026-3942: Incorrect security UI in PictureInPicture

USN-8136-1: Dovecot vulnerabilities

3 days 12 hours ago
It was discovered that Dovecot incorrectly handled invalid base64 SASL data. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 25.10. (CVE-2025-59028)

It was discovered that the Dovecot script decode2text.sh incorrectly handled zip files. An attacker could possibly use this issue to obtain sensitive information. (CVE-2025-59031)

It was discovered that Dovecot incorrectly handled certain AUTHENTICATE requests. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-59032)

It was discovered that Dovecot incorrectly handled certain SQL based authentication. An attacker could possibly use this issue to bypass authentication. This issue only affected Ubuntu 25.10. (CVE-2026-24031)

It was discovered that Dovecot incorrectly handled certain LDAP based authentication. An attacker could possibly use this issue to bypass restrictions and allow probing of LDAP structure. This issue only affected Ubuntu 25.10. (CVE-2026-27860)

It was discovered that Dovecot is vulnerable to a replay attack under certain conditions. An attacker could possibly use this issue to bypass authentication. (CVE-2026-27855)

It was discovered that Dovecot is vulnerable to a timing attack under certain conditions. An attacker could possibly use this issue to bypass authentication. (CVE-2026-27856)

It was discovered that Dovecot incorrectly handled certain IMAP login requests. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-27857)

It was discovered that Dovecot incorrectly handled certain specially crafted messages. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-27858)

It was discovered that Dovecot incorrectly handled certain specially crafted mail messages. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-27859)

It was discovered that Dovecot incorrectly handles file paths. An attacker could possibly use this issue to perform a path traversal and obtain or modify arbitrary files. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2026-0394)

python-pydicom-3.0.2-1.fc43

3 days 14 hours ago
FEDORA-2026-f5c971af6c
Packages in this update:
  • python-pydicom-3.0.2-1.fc43
Update description:

Patch release for security advisory CVE-2026-32711. A crafted DICOMDIR could create a path traversal by setting ReferencedFileID to a path outside the File-set root.

python-pydicom-3.0.2-1.fc44

3 days 14 hours ago
FEDORA-2026-9eecdef4e0
Packages in this update:
  • python-pydicom-3.0.2-1.fc44
Update description:

Patch release for security advisory CVE-2026-32711. A crafted DICOMDIR could create a path traversal by setting ReferencedFileID to a path outside the File-set root.

roundcubemail-1.7~rc6-1.fc44

3 days 16 hours ago
FEDORA-2026-6d293b6889
Packages in this update:
  • roundcubemail-1.7~rc6-1.fc44
Update description:

Version 1.7-rc6

This is hopefully the last release candidate for the next major version 1.7 of Roundcube Webmail. It provides a fix for a recently reported security vulnerability:

  • SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke, reported by class_nzm.

We believe it is production ready, but we recommend testing it in a separate environment.

Migrate existing configs with either the installto.sh or the update.sh scripts.

And don't forget to back up your data before installing it!

CHANGELOG

  • Added support for arrays in smtp_user and smtp_pass config options (#10083)
  • Added system health checker CLI script (#10106)
  • Stricter recognition of an Ajax request (#10118)
  • Password: Added Stalwart driver (#10114)
  • Fix regression where some data url images could get ignored/lost (#10128)
  • Fix SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke

roundcubemail-1.6.15-1.el10_2

3 days 16 hours ago
FEDORA-EPEL-2026-646aebe990
Packages in this update:
  • roundcubemail-1.6.15-1.el10_2
Update description:

Version 1.6.15

This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to some regressions introduced in the previous release as well as a recently reported security vulnerability:

  • SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke, reported by class_nzm.

This version is considered stable and we recommend updating all production installations of Roundcube 1.6.x with it. Please do back up your data before updating!

CHANGELOG

  • Fix regression where mail search would fail on non-ascii search criteria (#10121)
  • Fix regression where some data url images could get ignored/lost (#10128)
  • Fix SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke

roundcubemail-1.6.15-1.fc42

3 days 16 hours ago
FEDORA-2026-051825ca18
Packages in this update:
  • roundcubemail-1.6.15-1.fc42
Update description:

Version 1.6.15

This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to some regressions introduced in the previous release as well as a recently reported security vulnerability:

  • SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke, reported by class_nzm.

This version is considered stable and we recommend updating all production installations of Roundcube 1.6.x with it. Please do back up your data before updating!

CHANGELOG

  • Fix regression where mail search would fail on non-ascii search criteria (#10121)
  • Fix regression where some data url images could get ignored/lost (#10128)
  • Fix SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke

roundcubemail-1.6.15-1.el10_1

3 days 16 hours ago
FEDORA-EPEL-2026-82b702d826
Packages in this update:
  • roundcubemail-1.6.15-1.el10_1
Update description:

Version 1.6.15

This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to some regressions introduced in the previous release as well as a recently reported security vulnerability:

  • SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke, reported by class_nzm.

This version is considered stable and we recommend updating all production installations of Roundcube 1.6.x with it. Please do back up your data before updating!

CHANGELOG

  • Fix regression where mail search would fail on non-ascii search criteria (#10121)
  • Fix regression where some data url images could get ignored/lost (#10128)
  • Fix SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke

roundcubemail-1.6.15-1.el10_3

3 days 16 hours ago
FEDORA-EPEL-2026-f7a0d90857
Packages in this update:
  • roundcubemail-1.6.15-1.el10_3
Update description:

Version 1.6.15

This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to some regressions introduced in the previous release as well as a recently reported security vulnerability:

  • SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke, reported by class_nzm.

This version is considered stable and we recommend updating all production installations of Roundcube 1.6.x with it. Please do back up your data before updating!

CHANGELOG

  • Fix regression where mail search would fail on non-ascii search criteria (#10121)
  • Fix regression where some data url images could get ignored/lost (#10128)
  • Fix SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke

roundcubemail-1.6.15-1.fc43

3 days 16 hours ago
FEDORA-2026-8ba1a085a9
Packages in this update:
  • roundcubemail-1.6.15-1.fc43
Update description:

Version 1.6.15

This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to some regressions introduced in the previous release as well as a recently reported security vulnerability:

  • SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke, reported by class_nzm.

This version is considered stable and we recommend updating all production installations of Roundcube 1.6.x with it. Please do back up your data before updating!

CHANGELOG

  • Fix regression where mail search would fail on non-ascii search criteria (#10121)
  • Fix regression where some data url images could get ignored/lost (#10128)
  • Fix SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke

roundcubemail-1.5.15-1.el9

3 days 16 hours ago
FEDORA-EPEL-2026-bf73d904ba
Packages in this update:
  • roundcubemail-1.5.15-1.el9
Update description:

Version 1.5.15

This is a security update to the stable version 1.5 of Roundcube Webmail. It provides fixes to some regressions introduced in the previous release as well as a recently reported security vulnerability:

  • SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke, reported by class_nzm.

This version is considered stable and we recommend updating all production installations of Roundcube 1.5.x with it. Please do back up your data before updating!

CHANGELOG

  • Fix so distribution packages (and composer.json) don't include development dependencies
  • Fix regression where mail search would fail on non-ascii search criteria (#10121)
  • Fix regression where some data url images could get ignored/lost (#10128)
  • Fix SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke

USN-8135-1: Pillow vulnerabilities

3 days 21 hours ago
It was discovered that Pillow did not correctly handle reading J2K files, which could lead to an out-of-bounds read vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2021-25287, CVE-2021-25288)

It was discovered that Pillow did not correctly handle certain integer arithmetic, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2021-25290)

It was discovered that Pillow did not correctly perform bounds checking for certain operations. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2021-28675, CVE-2021-28676, CVE-2021-28677)

It was discovered that Pillow did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-44271)

It was discovered that Pillow did not correctly sanitize certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2023-50447)