Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9,991 articles for you...
89

Fedora 43 Attr Critical Symlink Escalation Fix CVE-2026-54371

rebase to v2.6.0 to fix CVE-2026-54371. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b85570f8e4 2026-07-13 01:03:16.984289+00:00 -------------------------------------------------------------------------------- Name : attr Product : Fedora 43 Version : 2.6.0 Release : 1.fc43 URL : https://savannah.nongnu.org/projects/attr Summary : Utilities for managing filesystem extended attributes Description : A set of tools for manipulating extended attributes on filesystem objects, in particular getfattr(1) and setfattr(1). An attr(1) command is also provided which is largely compatible with the SGI IRIX tool of the same name. -------------------------------------------------------------------------------- Update Information: rebase to v2.6.0 to fix CVE-2026-54371 -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 9 2026 Lukáš Zaoral - 2.6.0-1 - rebase to v2.6.0 to fix the following CVEs: - CVE-2026-54371 - Symlink Traversal Privilege Escalation via getfattr (rhbz#2494172) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2494172 - CVE-2026-54371 attr: Symlink Traversal Privilege Escalation via getfattr [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494172 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b85570f8e4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update for Fedora 43 to fixCVE-2026-54371 affecting attr utility to prevent privilege escalation.. Fedora update, attr utility, privilege escalation, symlink traversal, system security. . LinuxSecurity.com Team

Calendar%202 Jul 12, 2026 Fedora
89

Fedora 43 ACL Critical Symlink Escalation Fix CVE-2026-54369 CVE-2026-54370

rebase to v2.4.0 to fix CVE-2026-54369 and CVE-2026-54370 Resolves: CVE-2026-54369 Resolves: CVE-2026-54370. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-67504c329b 2026-07-13 01:03:16.984286+00:00 -------------------------------------------------------------------------------- Name : acl Product : Fedora 43 Version : 2.4.0 Release : 1.fc43 URL : https://savannah.nongnu.org/projects/acl Summary : Access control list utilities Description : This package contains the getfacl and setfacl utilities needed for manipulating access control lists. -------------------------------------------------------------------------------- Update Information: rebase to v2.4.0 to fix CVE-2026-54369 and CVE-2026-54370 Resolves: CVE-2026-54369 Resolves: CVE-2026-54370 -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 9 2026 Lukáš Zaoral - 2.4.0-1 - rebase to v2.4.0 to fix the following CVEs: - CVE-2026-54369 - Symlink traversal privilege escalation via libacl functions - CVE-2026-54370 - TOCTOU Symlink Traversal via getfacl/setfacl -------------------------------------------------------------------------------- References: [ 1 ] Bug #2494173 - CVE-2026-54370 acl: TOCTOU Symlink Traversal via getfacl/setfacl [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494173 [ 2 ] Bug #2494174 - CVE-2026-54369 acl: Symlink traversal privilege escalation via libacl functions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494174 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-67504c329b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key.More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . This advisory reports critical updates for ACL on Fedora 43, addressing symlink traversal risks with CVE-2026-54369 and CVE-2026-54370.. Access Control List, Fedora security, Symlink Escalation, Critical updates. . LinuxSecurity.com Team

Calendar%202 Jul 12, 2026 Fedora
89

Fedora 44 python-dulwich Critical CVE Fixes for Arbitrary File Write

1.2.9, CVE fixes. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-fbd55e52fb 2026-07-12 01:10:38.798647+00:00 -------------------------------------------------------------------------------- Name : python-dulwich Product : Fedora 44 Version : 1.2.9 Release : 1.fc44 URL : https://www.dulwich.io/ Summary : Python implementation of the Git file formats and protocols Description : Dulwich is a Python implementation of the Git file formats and protocols. The project is named after the village in which Mr. and Mrs. Git live in the Monty Python sketch. -------------------------------------------------------------------------------- Update Information: 1.2.9, CVE fixes -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 7 2026 Gwyn Ciesla - 1.2.9-1 - 1.2.9 * Mon Jul 6 2026 Gwyn Ciesla - 1.2.8-1 - 1.2.8 * Tue Jun 30 2026 Gwyn Ciesla - 1.2.7-1 - 1.2.7 * Tue Jun 30 2026 Benjamin A. Beasley - 1.2.6-3 - Allow PyO3 0.29 - Update the `License` expression * Thu Jun 4 2026 Python Maint - 1.2.6-2 - Rebuilt for Python 3.15 * Tue Jun 2 2026 Gwyn Ciesla - 1.2.6-1 - 1.2.6 * Fri May 29 2026 Gwyn Ciesla - 1.2.5-1 - 1.2.5 * Thu May 21 2026 Gwyn Ciesla - 1.2.3-1 - 1.2.3 * Wed Apr 29 2026 Gwyn Ciesla - 1.2.1-1 - 1.2.1 * Thu Apr 23 2026 Gwyn Ciesla - 1.2.0-1 - 1.2.0 * Wed Feb 18 2026 Gwyn Ciesla - 1.1.0-1 - 1.1.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2487904 - CVE-2026-47712 python-dulwich: Dulwich: Arbitrary file write via malicious commit subject in format_patch [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2487904 [ 2 ] Bug #2487907 - CVE-2026-47734 python-dulwich: Dulwich: Denial of Service via crafted Git thin pack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2487907 [ 3 ] Bug #2498479 -CVE-2026-42305 python-dulwich: Dulwich: Remote Code Execution via Malicious Git Repository [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2498479 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-fbd55e52fb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . This advisory covers security fixes for Fedora 44 python-dulwich addressing multiple critical exploits.. python dulwich advisory, fedora update, security notification. . LinuxSecurity.com Team

Calendar%202 Jul 11, 2026 Fedora
89

Fedora 44 webkitgtk Important Security Fix 2026-3bc4b3ccb3

Fire scrollend event for instant programmatic scrolls. Increase network idle connection timeout to 115 seconds. Fix several crashes and rendering issues. Fix CVE-2024-4367, CVE-2026-39872, CVE-2026-43663, CVE-2026-43676, CVE-2026-43699, CVE-2026-43701, CVE-2026-43705, CVE-2026-43707, CVE-2026-43712,. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3bc4b3ccb3 2026-07-12 01:10:38.798641+00:00 -------------------------------------------------------------------------------- Name : webkitgtk Product : Fedora 44 Version : 2.52.5 Release : 1.fc44 URL : https://www.webkitgtk.org/ Summary : GTK web content engine library Description : WebKitGTK is the port of the WebKit web rendering engine to the GTK platform. -------------------------------------------------------------------------------- Update Information: Fire scrollend event for instant programmatic scrolls. Increase network idle connection timeout to 115 seconds. Fix several crashes and rendering issues. Fix CVE-2024-4367, CVE-2026-39872, CVE-2026-43663, CVE-2026-43676, CVE-2026-43699, CVE-2026-43701, CVE-2026-43705, CVE-2026-43707, CVE-2026-43712, CVE-2026-43713, CVE-2026-43715, CVE-2026-43716, CVE-2026-43720, CVE-2026-43721, CVE-2026-43725, CVE-2026-43726, CVE-2026-43727, CVE-2026-43731, CVE-2026-43732, CVE-2026-43734, CVE-2026-43740, CVE-2026-43742, CVE-2026-43745 -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 9 2026 Michael Catanzaro - 2.52.5-1 - Update to 2.52.5 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3bc4b3ccb3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the FedoraProject GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . This update for Fedora 44 addresses security flaws in webkitgtk, ensuring better performance and stability. Immediate action recommended.. Fedora security advisory, webkitgtk update, CVE security patch. . LinuxSecurity.com Team

Calendar%202 Jul 11, 2026 Fedora
89

Fedora 44 python-idna Important Denial of Service Fix 2026-822c07add4

Update to the latest version to bring fixes for CVE-2026-45409 and CVE-2024-3651 into the stable releases.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-822c07add4 2026-07-12 01:10:38.798638+00:00 -------------------------------------------------------------------------------- Name : python-idna Product : Fedora 44 Version : 3.18 Release : 1.fc44 URL : https://github.com/kjd/idna Summary : Internationalized Domain Names in Applications (IDNA) Description : A library to support the Internationalised Domain Names in Applications (IDNA) protocol as specified in RFC 5891 . This version of the protocol is often referred to as "IDNA2008" and can produce different results from the earlier standard from 2003. The library is also intended to act as a suitable drop-in replacement for the "encodings.idna" module that comes with the Python standard library but currently only supports the older 2003 specification. -------------------------------------------------------------------------------- Update Information: Update to the latest version to bring fixes for CVE-2026-45409 and CVE-2024-3651 into the stable releases. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 9 2026 Lumir Balhar - 3.18-1 - Update to 3.18 (rhbz#2483976) * Wed Jun 3 2026 Python Maint - 3.17-2 - Rebuilt for Python 3.15 * Sun May 31 2026 Lumir Balhar - 3.17-1 - Update to 3.17 (rhbz#2480667) * Wed May 13 2026 Lumir Balhar - 3.15-1 - Update to 3.15 (rhbz#2476912) * Mon May 11 2026 Lumir Balhar - 3.14-1 - Update to 3.14 (rhbz#2468686) * Thu Apr 23 2026 Lumir Balhar - 3.13-1 - Update to 3.13 (rhbz#2460821) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2498560 - CVE-2026-45409 python-idna: idna: Denial of Service via specially crafted long inputs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2498560 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-822c07add4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Install latest python-idna for critical fixes including DoS vulnerabilities, ensuring application stability and security.. python-idna security update, Fedora security advisory, DoS vulnerabilities, python-idna update, python-idna Denial of Service. . LinuxSecurity.com Team

Calendar%202 Jul 11, 2026 Fedora
89

Fedora 44 p11-kit Important Stack Exhaustion RPC Attribute CVE-2026-13757

server: fixed stack exhaustion via unbounded recursion in RPC attribute parsing by enforcing a recursion depth limit (CVE-2026-13757) fixed confusing error message when trying to store an existing cert with trust anchor fixed assert when parsing p11-kit files with value ("). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-695fd36daa 2026-07-12 01:10:38.798644+00:00 -------------------------------------------------------------------------------- Name : p11-kit Product : Fedora 44 Version : 0.26.4 Release : 1.fc44 URL : http://p11-glue.freedesktop.org/p11-kit.html Summary : Library for loading and sharing PKCS#11 modules Description : p11-kit provides a way to load and enumerate PKCS#11 modules, as well as a standard configuration setup for installing PKCS#11 modules in such a way that they're discoverable. -------------------------------------------------------------------------------- Update Information: server: fixed stack exhaustion via unbounded recursion in RPC attribute parsing by enforcing a recursion depth limit (CVE-2026-13757) fixed confusing error message when trying to store an existing cert with trust anchor fixed assert when parsing p11-kit files with value (") fixed numerous memory management issues Build and test fixes Updated translations -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 10 2026 Packit - 0.26.4-1 - Update to 0.26.4 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #2494560 - CVE-2026-13757 p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494560 [ 2 ] Bug #2498946 - p11-kit-0.26.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2498946 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-695fd36daa' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . A Fedora 44 advisory fixing stack exhaustion and memory management issues in p11-kit to enhance security and functionality.. Fedora advisory, p11-kit update, stack exhaustion fix, security update. . LinuxSecurity.com Team

Calendar%202 Jul 11, 2026 Fedora
89

Rising Concerns About Use After Free Vulnerabilities in Fedora 44 Chromium

Update to 150.0.7871.114 * CVE-2026-15112: Use after free in Ozone * CVE-2026-15129: Use after free in Views * CVE-2026-15132: Uninitialized Use in V8 * CVE-2026-15133: Use after free in InterestGroups. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-7e82bf89f4 2026-07-12 01:10:38.798635+00:00 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 44 Version : 150.0.7871.114 Release : 1.fc44 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to 150.0.7871.114 * CVE-2026-15112: Use after free in Ozone * CVE-2026-15129: Use after free in Views * CVE-2026-15132: Uninitialized Use in V8 * CVE-2026-15133: Use after free in InterestGroups * CVE-2026-15108: Integer overflow in Extensions API * CVE-2026-15109: Uninitialized Use in ANGLE * CVE-2026-15110: Use after free in Extensions * CVE-2026-15111: Use after free in Views * CVE-2026-15113: Use after free in Autofill * CVE-2026-15114: Out of bounds read and write in Codecs * CVE-2026-15115: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-15116: Use after free in Actor * CVE-2026-15117: Use after free in Payments * CVE-2026-15118: Use after free in Input * CVE-2026-15119: Inappropriate implementation in GetUserMedia * CVE-2026-15120: Use after free in Core * CVE-2026-15121: Use after free in WebRTC * CVE-2026-15122: Insufficient validation of untrusted input in Codecs * CVE-2026-15123: Insufficient data validation in DOM * CVE-2026-15124: Insufficient policy enforcement in Passwords * CVE-2026-15125: Inappropriate implementation in Forms *CVE-2026-15126: Use after free in Forms * CVE-2026-15127: Inappropriate implementation in WebGL * CVE-2026-15128: Inappropriate implementation in Forms * CVE-2026-15130: Insufficient policy enforcement in Navigation * CVE-2026-15107: Use after free in IndexedDB * CVE-2026-15131: Insufficient data validation in Navigation -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 9 2026 Than Ngo - 150.0.7871.114-1 - Update to 150.0.7871.114 * CVE-2026-15112: Use after free in Ozone * CVE-2026-15129: Use after free in Views * CVE-2026-15132: Uninitialized Use in V8 * CVE-2026-15133: Use after free in InterestGroups * CVE-2026-15108: Integer overflow in Extensions API * CVE-2026-15109: Uninitialized Use in ANGLE * CVE-2026-15110: Use after free in Extensions * CVE-2026-15111: Use after free in Views * CVE-2026-15113: Use after free in Autofill * CVE-2026-15114: Out of bounds read and write in Codecs * CVE-2026-15115: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-15116: Use after free in Actor * CVE-2026-15117: Use after free in Payments * CVE-2026-15118: Use after free in Input * CVE-2026-15119: Inappropriate implementation in GetUserMedia * CVE-2026-15120: Use after free in Core * CVE-2026-15121: Use after free in WebRTC * CVE-2026-15122: Insufficient validation of untrusted input in Codecs * CVE-2026-15123: Insufficient data validation in DOM * CVE-2026-15124: Insufficient policy enforcement in Passwords * CVE-2026-15125: Inappropriate implementation in Forms * CVE-2026-15126: Use after free in Forms * CVE-2026-15127: Inappropriate implementation in WebGL * CVE-2026-15128: Inappropriate implementation in Forms * CVE-2026-15130: Insufficient policy enforcement in Navigation * CVE-2026-15107: Use after free in IndexedDB * CVE-2026-15131: Insufficient data validation inNavigation -------------------------------------------------------------------------------- References: [ 1 ] Bug #2498397 - CVE-2026-15108 CVE-2026-15109 CVE-2026-15110 CVE-2026-15111 CVE-2026-15112 CVE-2026-15113 CVE-2026-15114 CVE-2026-15115 CVE-2026-15116 CVE-2026-15117 CVE-2026-15118 CVE-2026-15119 CVE-2026-15120 CVE-2026-15121 ... chromium: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2498397 [ 2 ] Bug #2498398 - CVE-2026-15108 CVE-2026-15109 CVE-2026-15110 CVE-2026-15111 CVE-2026-15112 CVE-2026-15113 CVE-2026-15114 CVE-2026-15115 CVE-2026-15116 CVE-2026-15117 CVE-2026-15118 CVE-2026-15119 CVE-2026-15120 CVE-2026-15121 ... chromium: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2498398 [ 3 ] Bug #2498404 - CVE-2026-15126 chromium: Google Chrome Forms: Arbitrary code execution via use-after-free vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2498404 [ 4 ] Bug #2498405 - CVE-2026-15126 chromium: Google Chrome Forms: Arbitrary code execution via use-after-free vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2498405 [ 5 ] Bug #2498407 - CVE-2026-15107 chromium: Google Chrome: Arbitrary code execution via use after free in IndexedDB [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2498407 [ 6 ] Bug #2498408 - CVE-2026-15107 chromium: Google Chrome: Arbitrary code execution via use after free in IndexedDB [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2498408 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-7e82bf89f4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the FedoraProject can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical updates for Fedora 44's Chromium resolve numerous use after free issues and integer overflow vulnerabilities.. Fedora 44 Chromium Security Update, Use After Free Vulnerability, Open Source Browser Security. . LinuxSecurity.com Team

Calendar%202 Jul 11, 2026 Fedora
89

Fedora 44 xorg-x11-server Important CVE Fixes 2026-28b7854014

Update to xserver 21.1.24, fixes for: CVE-2026-55999, CVE-2025-56000. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-28b7854014 2026-07-12 01:10:38.798625+00:00 -------------------------------------------------------------------------------- Name : xorg-x11-server Product : Fedora 44 Version : 21.1.24 Release : 1.fc44 URL : http://www.x.org Summary : X.Org X11 X server Description : X.Org X11 X server. -------------------------------------------------------------------------------- Update Information: Update to xserver 21.1.24, fixes for: CVE-2026-55999, CVE-2025-56000 -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 8 2026 Peter Hutterer - 21.1.24-1 - Update to xserver 21.1.24 Security fixes for: CVE-2026-55999, CVE-2025-56000 * Sat Jun 13 2026 Yaakov Selkowitz - 21.1.23-2 - Rebuilt for openssl 4.0 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-28b7854014' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . xorg-x11-server security update fixes CVE-2026-55999 and CVE-2025-56000 for Fedora 44. Install promptly to ensure safety.. X11 Server Update, Fedora Security, CVE Fixes, xorg-x11-server 21.1.24, Fedora 44 Advisory. . LinuxSecurity.com Team

Calendar%202 Jul 11, 2026 Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200