Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 518
Alerts This Week
Warning Icon 1 518

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 95 articles for you...
89

Fedora 43 Chromium Important Security Release 2026-88eee44bfb

chromium-150.0.7871.46 security release includes 433 security fixes, CVE-2026-13774 - CVE-2026-14432. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-88eee44bfb 2026-07-05 00:49:16.510819+00:00 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 43 Version : 150.0.7871.46 Release : 1.fc43 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: chromium-150.0.7871.46 security release includes 433 security fixes, CVE-2026-13774 - CVE-2026-14432 -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 1 2026 Than Ngo - 150.0.7871.46-1 - Update to 150.0.7871.46 * CVE-2026-13774: Use after free in Extensions * CVE-2026-13775: Use after free in GPU * CVE-2026-13776: Type Confusion in Dawn * CVE-2026-13777: Insufficient validation of untrusted input in iOSWeb * CVE-2026-13778: Use after free in WebUSB * CVE-2026-13779: Use after free in Chromoting * CVE-2026-13780: Insufficient validation of untrusted input in ANGLE * CVE-2026-13781: Insufficient validation of untrusted input in Skia * CVE-2026-13782: Use after free in Browser * CVE-2026-13783: Use after free in Views * CVE-2026-13784: Use after free in Views * CVE-2026-13785: Use after free in Bluetooth * CVE-2026-13786: Use after free in Ozone * CVE-2026-13787: Use after free in Chromoting * CVE-2026-13788: Use after free in Fullscreen * CVE-2026-13789: Use after free in GPU * CVE-2026-13790: Side-channel information leakage in Scroll * CVE-2026-13791: Insufficient validation of untrusted input in Downloads * CVE-2026-13792: Useafter free in Touchbar * CVE-2026-13793: Insufficient policy enforcement in SVG * CVE-2026-13794: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-13795: Insufficient policy enforcement in Chrome for iOS * CVE-2026-13796: Integer overflow in Chromecast * CVE-2026-13797: Insufficient validation of untrusted input in Chromecast * CVE-2026-13798: Heap buffer overflow in Chromecast * CVE-2026-13799: Use after free in QUIC * CVE-2026-13800: Inappropriate implementation in Updater * CVE-2026-13801: Integer overflow in Chromecast * CVE-2026-13802: Use after free in Views * CVE-2026-13803: Type Confusion in Chrome Tabs * CVE-2026-13804: Use after free in Chromecast * CVE-2026-13805: Use after free in GFX * CVE-2026-13806: Insufficient validation of untrusted input in Accessibility * CVE-2026-13807: Use after free in Import * CVE-2026-13808: Insufficient data validation in Chrome for iOS * CVE-2026-13809: Side-channel information leakage in Safe Browsing * CVE-2026-13810: Inappropriate implementation in Input * CVE-2026-13811: Use after free in IME * CVE-2026-13812: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-13813: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-13814: Use after free in Views * CVE-2026-13815: Use after free in Blink * CVE-2026-13816: Insufficient validation of untrusted input in File Input * CVE-2026-13817: Insufficient validation of untrusted input in Glic * CVE-2026-13818: Inappropriate implementation in Passwords * CVE-2026-13819: Out of bounds read in ANGLE * CVE-2026-13820: Out of bounds read in Skia * CVE-2026-13821: Use after free in Canvas * CVE-2026-13822: Inappropriate implementation in Extensions * CVE-2026-13823: Use after free in Glic * CVE-2026-13824: Insufficient validation of untrusted input in Extensions * CVE-2026-13825: Uninitialized Use in Dawn * CVE-2026-13826: Inappropriate implementation in Autofill *CVE-2026-13827: Use after free in Updater * CVE-2026-13828: Inappropriate implementation in Enterprise * CVE-2026-13829: Insufficient validation of untrusted input in Settings * CVE-2026-13830: Use after free in Chromoting * CVE-2026-13831: Use after free in GPU * CVE-2026-13832: Use after free in Headless * CVE-2026-13833: Uninitialized Use in ANGLE * CVE-2026-13834: Insufficient validation of untrusted input in ANGLE * CVE-2026-13835: Inappropriate implementation in XML * CVE-2026-13836: Inappropriate implementation in CSS * CVE-2026-13837: Inappropriate implementation in CSS * CVE-2026-13838: Inappropriate implementation in CSS * CVE-2026-13839: Inappropriate implementation in CSS * CVE-2026-13840: Insufficient policy enforcement in Canvas * CVE-2026-13841: Integer overflow in Skia * CVE-2026-13842: Incorrect security UI in Chrome for iOS * CVE-2026-13843: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-13844: Use after free in Updater * CVE-2026-13845: Use after free in DOM * CVE-2026-13846: Use after free in USB * CVE-2026-13847: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-13848: Use after free in Forms * CVE-2026-13849: Insufficient validation of untrusted input in Chromoting * CVE-2026-13850: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-13851: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-13852: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-13853: Use after free in Journeys * CVE-2026-13854: Use after free in Ozone * CVE-2026-13855: Use after free in Ozone * CVE-2026-13856: Insufficient validation of untrusted input in Speech * CVE-2026-13857: Inappropriate implementation in Geometry * CVE-2026-13858: Out of bounds read in FFmpeg * CVE-2026-13859: Inappropriate implementation in ANGLE * CVE-2026-13860: Incorrect security UI in Autofill * CVE-2026-13861: Use after free inCore * CVE-2026-13862: Insufficient policy enforcement in Web Authentication (Passkeys & Security Keys) * CVE-2026-13863: Insufficient validation of untrusted input in CustomTabs * CVE-2026-13864: Insufficient policy enforcement in WebHID * CVE-2026-13865: Insufficient validation of untrusted input in Enterprise * CVE-2026-13866: Insufficient validation of untrusted input in Input * CVE-2026-13867: Inappropriate implementation in Geolocation * CVE-2026-13868: Inappropriate implementation in Network * CVE-2026-13869: Use after free in Device * CVE-2026-13870: Use after free in WebView * CVE-2026-13871: Insufficient data validation in GuestView * CVE-2026-13872: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-13873: Out of bounds memory access in Layout * CVE-2026-13874: Inappropriate implementation in DataTransfer * CVE-2026-13875: Insufficient validation of untrusted input in GPU * CVE-2026-13876: Inappropriate implementation in Network * CVE-2026-13877: Insufficient validation of untrusted input in ANGLE * CVE-2026-13878: Use after free in Bluetooth * CVE-2026-13879: Use after free in Bluetooth * CVE-2026-13880: Use after free in USB * CVE-2026-13881: Insufficient data validation in WebAppInstalls * CVE-2026-13882: Inappropriate implementation in USB * CVE-2026-13883: Type Confusion in ANGLE * CVE-2026-13884: Heap buffer overflow in Chromecast * CVE-2026-13885: Use after free in Skia * CVE-2026-13886: Policy bypass in Isolated Web Apps * CVE-2026-13887: Insufficient policy enforcement in NFC * CVE-2026-13888: Use after free in Extensions * CVE-2026-13889: Insufficient validation of untrusted input in WebAuthentication * CVE-2026-13890: Out of bounds read in Chromecast * CVE-2026-13891: Insufficient validation of untrusted input in Extensions * CVE-2026-13892: Inappropriate implementation in Chrome for iOS * CVE-2026-13893: Insufficient validation of untrusted input in WebUI *CVE-2026-13894: Insufficient policy enforcement in Network * CVE-2026-13895: Inappropriate implementation in Autofill * CVE-2026-13896: Insufficient policy enforcement in Glic * CVE-2026-13897: Insufficient policy enforcement in Chromecast * CVE-2026-13898: Use after free in Cast Receiver * CVE-2026-13899: Use after free in HTML * CVE-2026-13900: Insufficient validation of untrusted input in Chromecast * CVE-2026-13901: Insufficient validation of untrusted input in Serial * CVE-2026-13902: Inappropriate implementation in Chrome for iOS * CVE-2026-13903: Insufficient policy enforcement in Bluetooth * CVE-2026-13904: Incorrect security UI in Safe Browsing * CVE-2026-13905: Incorrect security UI in Chrome for iOS * CVE-2026-13906: Out of bounds read in Codecs * CVE-2026-13907: Inappropriate implementation in iOSWeb * CVE-2026-13908: Insufficient validation of untrusted input in Omnibox * CVE-2026-13909: Insufficient policy enforcement in DevTools * CVE-2026-13910: Insufficient policy enforcement in WebXR * CVE-2026-13911: Insufficient data validation in Spellcheck * CVE-2026-13912: Incorrect security UI in Safe Browsing * CVE-2026-13913: Insufficient policy enforcement in Autofill * CVE-2026-13914: Inappropriate implementation in Passwords * CVE-2026-13915: Use after free in Chrome for iOS * CVE-2026-13916: Inappropriate implementation in Chrome for iOS * CVE-2026-13917: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-13918: Use after free in Chrome for iOS * CVE-2026-13919: Insufficient data validation in Extensions * CVE-2026-13920: Insufficient validation of untrusted input in Media * CVE-2026-13921: Insufficient validation of untrusted input in DeviceBoundSessionCredentials * CVE-2026-13922: Side-channel information leakage in Paint * CVE-2026-13923: Uninitialized Use in GPU * CVE-2026-13924: Insufficient validation of untrusted input in WebView * CVE-2026-13925: Inappropriate implementation inDownloads * CVE-2026-13926: Insufficient validation of untrusted input in Network * CVE-2026-13927: Insufficient validation of untrusted input in UI * CVE-2026-13928: Insufficient validation of untrusted input in Enterprise * CVE-2026-13929: Insufficient validation of untrusted input in DevTools * CVE-2026-13930: Insufficient policy enforcement in Actor * CVE-2026-13931: Inappropriate implementation in Media * CVE-2026-13932: Inappropriate implementation in Sharing * CVE-2026-13933: Insufficient policy enforcement in Passwords * CVE-2026-13934: Insufficient validation of untrusted input in Dawn * CVE-2026-13935: Side-channel information leakage in ComputePressure * CVE-2026-13936: Inappropriate implementation in Passwords * CVE-2026-13937: Insufficient policy enforcement in Passwords * CVE-2026-13938: Integer overflow in Fonts * CVE-2026-13939: Insufficient validation of untrusted input in WebShare * CVE-2026-13940: Uninitialized Use in Cast * CVE-2026-13941: Inappropriate implementation in SiteSettings * CVE-2026-13942: Insufficient validation of untrusted input in Video Capture * CVE-2026-13943: Uninitialized Use in CSS * CVE-2026-13944: Inappropriate implementation in DataTransfer * CVE-2026-13945: Insufficient policy enforcement in Extensions * CVE-2026-13946: Inappropriate implementation in ScriptInjections * CVE-2026-13947: Uninitialized Use in XR * CVE-2026-13948: Insufficient policy enforcement in Extensions * CVE-2026-13949: Insufficient policy enforcement in Payments * CVE-2026-13950: Uninitialized Use in GPU * CVE-2026-13951: Policy bypass in USB * CVE-2026-13952: Inappropriate implementation in PerformanceAPIs * CVE-2026-13953: Inappropriate implementation in SplitView * CVE-2026-13954: Insufficient policy enforcement in XML * CVE-2026-13955: Insufficient validation of untrusted input in CustomTabs * CVE-2026-13956: Incorrect security UI in PageInfo * CVE-2026-13957: Incorrect security UI in Extensions * CVE-2026-13958: Uninitialized Use in Codecs * CVE-2026-13959: Insufficient validation of untrusted input in Blink * CVE-2026-13960: Inappropriate implementation in Passwords * CVE-2026-13961: Insufficient validation of untrusted input in DevTools * CVE-2026-13962: Insufficient data validation in PDF * CVE-2026-13963: Inappropriate implementation in DevTools * CVE-2026-13964: Insufficient policy enforcement in WebView * CVE-2026-13965: Use after free in Oilpan * CVE-2026-13966: Inappropriate implementation in History * CVE-2026-13967: Type Confusion in V8 * CVE-2026-13968: Insufficient validation of untrusted input in DevTools * CVE-2026-13969: Uninitialized Use in UI * CVE-2026-13970: Uninitialized Use in Media * CVE-2026-13971: Uninitialized Use in Skia * CVE-2026-13972: Inappropriate implementation in Paint * CVE-2026-13973: Inappropriate implementation in UI * CVE-2026-13974: Integer overflow in Safe Browsing * CVE-2026-13975: Out of bounds read in ANGLE * CVE-2026-13976: Heap buffer overflow in Storage * CVE-2026-13977: Inappropriate implementation in HTMLParser * CVE-2026-13978: Insufficient policy enforcement in PageInfo * CVE-2026-13979: Inappropriate implementation in Paint * CVE-2026-13980: Incorrect security UI in Chrome for iOS * CVE-2026-13981: Inappropriate implementation in Chrome for iOS * CVE-2026-13982: Incorrect security UI in Passwords * CVE-2026-13983: Incorrect security UI in Chrome for iOS * CVE-2026-13984: Incorrect security UI in TabStrip * CVE-2026-13985: Inappropriate implementation in MediaCapture * CVE-2026-13986: Inappropriate implementation in Media UI * CVE-2026-13987: Incorrect security UI in Mobile * CVE-2026-13988: Inappropriate implementation in Paint * CVE-2026-13989: Insufficient policy enforcement in PageInfo * CVE-2026-13990: Insufficient validation of untrusted input in DataTransfer * CVE-2026-13991: Insufficient validation of untrusted input in Chrome for iOS *CVE-2026-13992: Inappropriate implementation in UI * CVE-2026-13993: Incorrect security UI in WebAppInstalls * CVE-2026-13994: Inappropriate implementation in Credential Management * CVE-2026-13995: Insufficient validation of untrusted input in Autofill * CVE-2026-13996: Incorrect security UI in Permissions * CVE-2026-13997: Incorrect security UI in Extensions * CVE-2026-13998: Incorrect security UI in File Input * CVE-2026-13999: Inappropriate implementation in Extensions * CVE-2026-14000: Inappropriate implementation in XML * CVE-2026-14001: Inappropriate implementation in Network * CVE-2026-14002: Inappropriate implementation in Geolocation * CVE-2026-14003: Insufficient policy enforcement in Extensions * CVE-2026-14004: Inappropriate implementation in CSS * CVE-2026-14005: Use after free in Omnibox * CVE-2026-14006: Use after free in Navigation * CVE-2026-14007: Insufficient policy enforcement in PermissionsPolicy * CVE-2026-14008: Uninitialized Use in WebXR * CVE-2026-14009: Insufficient data validation in Passwords * CVE-2026-14010: Uninitialized Use in Codecs * CVE-2026-14011: Out of bounds read in SurfaceCapture * CVE-2026-14012: Side-channel information leakage in CSS * CVE-2026-14013: Inappropriate implementation in SVG * CVE-2026-14014: Inappropriate implementation in Paint * CVE-2026-14015: Inappropriate implementation in WebRTC * CVE-2026-14016: Insufficient policy enforcement in SVG * CVE-2026-14017: Inappropriate implementation in Navigation * CVE-2026-14018: Use after free in Updater * CVE-2026-14019: Inappropriate implementation in Passwords * CVE-2026-14020: Insufficient validation of untrusted input in WebXR * CVE-2026-14021: Insufficient validation of untrusted input in StorageAccessAPI * CVE-2026-14022: Insufficient validation of untrusted input in Network * CVE-2026-14023: Insufficient validation of untrusted input in SanitizerAPI * CVE-2026-14024: Use after free in Ozone * CVE-2026-14025: Useafter free in Views * CVE-2026-14026: Incorrect security UI in SplitView * CVE-2026-14027: Use after free in SignIn * CVE-2026-14028: Incorrect security UI in Chrome for iOS * CVE-2026-14030: Incorrect security UI in SplitView * CVE-2026-14031: Incorrect security UI in File Input * CVE-2026-14032: Use after free in Bluetooth * CVE-2026-14033: Insufficient policy enforcement in Media * CVE-2026-14034: Inappropriate implementation in WebXR * CVE-2026-14035: Insufficient policy enforcement in Bluetooth * CVE-2026-14036: Insufficient policy enforcement in Bluetooth * CVE-2026-14037: Insufficient policy enforcement in GPU * CVE-2026-14038: Insufficient validation of untrusted input in New Tab Page * CVE-2026-14039: Insufficient policy enforcement in GetUserMedia * CVE-2026-14040: Use after free in BrowserTag * CVE-2026-14041: Insufficient policy enforcement in Serial * CVE-2026-14042: Inappropriate implementation in Isolated Web Apps * CVE-2026-14043: Use after free in GetUserMedia * CVE-2026-14044: Use after free in ANGLE * CVE-2026-14045: Insufficient validation of untrusted input in Network * CVE-2026-14046: Inappropriate implementation in CustomTabs * CVE-2026-14047: Insufficient policy enforcement in Extensions * CVE-2026-14048: Use after free in Chromecast * CVE-2026-14049: Inappropriate implementation in GPU * CVE-2026-14050: Insufficient policy enforcement in Passwords * CVE-2026-14051: Uninitialized Use in GamepadAPI * CVE-2026-14052: Insufficient policy enforcement in FileSystem * CVE-2026-14053: Insufficient policy enforcement in Extensions * CVE-2026-14054: Insufficient policy enforcement in Network * CVE-2026-14055: Insufficient validation of untrusted input in Device Trust * CVE-2026-14056: Insufficient validation of untrusted input in Media * CVE-2026-14057: Insufficient policy enforcement in FedCM * CVE-2026-14058: Policy bypass in Parser * CVE-2026-14059: Insufficient policy enforcement inRelated-Website-Sets * CVE-2026-14060: Insufficient validation of untrusted input in Chromoting * CVE-2026-14061: Inappropriate implementation in Dawn * CVE-2026-14062: Inappropriate implementation in Views * CVE-2026-14063: Out of bounds memory access in Chromecast * CVE-2026-14064: Use after free in PageInfo * CVE-2026-14065: Insufficient validation of untrusted input in PageInfo * CVE-2026-14066: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-14067: Use after free in Chrome for iOS * CVE-2026-14068: Inappropriate implementation in Omnibox * CVE-2026-14069: Integer overflow in WebNN * CVE-2026-14070: Uninitialized Use in WebNN * CVE-2026-14071: Side-channel information leakage in WebAudio * CVE-2026-14072: Incorrect security UI in SplitView * CVE-2026-14073: Insufficient policy enforcement in WebXR * CVE-2026-14074: Side-channel information leakage in WebAuthentication * CVE-2026-14075: Policy bypass in Chrome for iOS * CVE-2026-14076: Policy bypass in Network * CVE-2026-14077: Incorrect security UI in Select * CVE-2026-14078: Policy bypass in WebRTC * CVE-2026-14079: Policy bypass in Network * CVE-2026-14080: Insufficient validation of untrusted input in TabSwitcher * CVE-2026-14081: Insufficient policy enforcement in DevTools * CVE-2026-14082: Race in Storage * CVE-2026-14083: Insufficient validation of untrusted input in HTML * CVE-2026-14084: Insufficient validation of untrusted input in Chromoting * CVE-2026-14085: Side-channel information leakage in CSS * CVE-2026-14086: Insufficient policy enforcement in HID * CVE-2026-14087: Insufficient validation of untrusted input in WebNN * CVE-2026-14088: Uninitialized Use in Canvas * CVE-2026-14089: Insufficient validation of untrusted input in PopupBlocker * CVE-2026-14090: Out of bounds read in CameraCapture * CVE-2026-14091: Use after free in DevTools * CVE-2026-14092: Insufficient policy enforcement in Privacy * CVE-2026-14093: Useafter free in Cast * CVE-2026-14094: Use after free in Installer * CVE-2026-14095: Insufficient validation of untrusted input in Browser * CVE-2026-14096: Object lifecycle issue in Input * CVE-2026-14097: Inappropriate implementation in WebAppInstalls * CVE-2026-14098: Inappropriate implementation in CSS * CVE-2026-14099: Use after free in Chrome for iOS * CVE-2026-14100: Insufficient data validation in NetworkCache * CVE-2026-14101: Insufficient policy enforcement in Sandbox * CVE-2026-14102: Use after free in Passwords * CVE-2026-14103: Use after free in SSL * CVE-2026-14104: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-14105: Insufficient policy enforcement in Speech * CVE-2026-14106: Insufficient validation of untrusted input in Text * CVE-2026-14107: Use after free in Scheduling * CVE-2026-14108: Use after free in PDFium * CVE-2026-14109: Insufficient policy enforcement in Mojo * CVE-2026-14110: Inappropriate implementation in DarkMode * CVE-2026-14111: Use after free in WebProtect * CVE-2026-14112: Inappropriate implementation in Enterprise * CVE-2026-14113: Use after free in Updater * CVE-2026-14114: Inappropriate implementation in WebAppInstalls * CVE-2026-14115: Insufficient validation of untrusted input in Cast * CVE-2026-14116: Insufficient validation of untrusted input in DevTools * CVE-2026-14117: Insufficient validation of untrusted input in DevTools * CVE-2026-14118: Insufficient data validation in DevTools * CVE-2026-14119: Type Confusion in Bluetooth * CVE-2026-14120: Inappropriate implementation in DevTools * CVE-2026-14121: Use after free in Chromoting * CVE-2026-14122: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-14123: Incorrect security UI in Chrome for iOS * CVE-2026-14124: Inappropriate implementation in CredentialProvider * CVE-2026-14125: Uninitialized Use in ANGLE * CVE-2026-14126: Incorrect security UI in UI * CVE-2026-14127:Inappropriate implementation in Printing * CVE-2026-14128: Insufficient data validation in Chrome for iOS * CVE-2026-14129: Incorrect security UI in PreviewTab * CVE-2026-14130: Incorrect security UI in Omnibox * CVE-2026-14131: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-14132: Inappropriate implementation in WebXR * CVE-2026-14133: Race in History Embeddings * CVE-2026-14134: Inappropriate implementation in Autofill * CVE-2026-14135: Insufficient validation of untrusted input in Network * CVE-2026-14136: Incorrect security UI in Chrome for iOS * CVE-2026-14137: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-14138: Inappropriate implementation in WebAppInstalls * CVE-2026-14139: Inappropriate implementation in TabStrip * CVE-2026-14140: Insufficient validation of untrusted input in Input * CVE-2026-14141: Incorrect security UI in Document Picture-in-Picture * CVE-2026-14142: Inappropriate implementation in Extensions * CVE-2026-14143: Incorrect security UI in Passwords * CVE-2026-14144: Incorrect security UI in Views * CVE-2026-14145: Inappropriate implementation in CSS * CVE-2026-14146: Inappropriate implementation in CSS * CVE-2026-14147: Inappropriate implementation in CSS * CVE-2026-14148: Type Confusion in CSS * CVE-2026-14149: Use after free in Audio * CVE-2026-14150: Insufficient validation of untrusted input in Speech * CVE-2026-14151: Inappropriate implementation in AI * CVE-2026-14152: Out of bounds write in ANGLE * CVE-2026-14153: Inappropriate implementation in Glic * CVE-2026-14154: Inappropriate implementation in DevTools * CVE-2026-14155: Insufficient policy enforcement in StorageAccessAPI * CVE-2026-14156: Policy bypass in StorageAccessAPI - Remove Darkmode patches, which are already included in v150 - Refresh patches for v150 - Fix FTBFS with system ffmpeg - Backport upstream patches to fixFTBFS -------------------------------------------------------------------------------- References: [ 1 ] Bug #2495844 - CVE-2026-14101 chromium: chromium-browser: Insufficient policy enforcement in Sandbox [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2495844 [ 2 ] Bug #2495845 - CVE-2026-14101 chromium: chromium-browser: Insufficient policy enforcement in Sandbox [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2495845 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-88eee44bfb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Chromium on Fedora 43 updates to version 150.0.7871.46 includes vital security fixes and addresses multiple vulnerabilities.. Chromium Update, Fedora 43, Security Fixes, Vulnerability Management, Application Security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 04, 2026 Important Fedora
100

SUSE Python-urllib3 Important CVE-2026-44431 Info Disclosure Vulnerability

An update that solves one vulnerability can now be installed.. # Security update for python-urllib3 Announcement ID: SUSE-SU-2026:2065-1 Release Date: 2026-05-26T07:11:07Z Rating: important References: * bsc#1265267 Cross-References: * CVE-2026-44431 CVSS scores: * CVE-2026-44431 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-44431 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-44431 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44431 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-urllib3 fixes the following issue * CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects(bsc#1265267). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2026-2065=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2065=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2065=1 ## Package List: * Public Cloud Module 12 (noarch) * python3-urllib3-1.25.10-3.51.1 * python-urllib3-1.25.10-3.51.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * python3-urllib3-1.25.10-3.51.1 * python-urllib3-1.25.10-3.51.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * python3-urllib3-1.25.10-3.51.1 * python-urllib3-1.25.10-3.51.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44431.html * https://bugzilla.suse.com/show_bug.cgi?id=1265267 . An important security update for python-urllib3 is available, addressing a sensitive information disclosure issue.. python-urllib3 security update, SUSE Linux patch, sensitive information CVE. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 26, 2026 Important SuSE
100

SUSE Linux Micro 6.0 Kernel Important Local Privilege Issue 2026-21334-1

An update that solves two vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21334-1 Release Date: 2026-04-22T17:07:51Z Rating: important References: * bsc#1255066 * bsc#1259859 Cross-References: * CVE-2025-40309 * CVE-2026-23268 CVSS scores: * CVE-2025-40309 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40309 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues The following security issues were fixed: * CVE-2025-40309: Bluetooth: SCO: Fix UAF on sco_conn_free (bsc#1255066). * CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1259859). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-356=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_6-debugsource-17-3.1 * kernel-livepatch-6_4_0-28-default-17-3.1 * kernel-livepatch-6_4_0-28-default-debuginfo-17-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-40309.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://bugzilla.suse.com/show_bug.cgi?id=1255066 * https://bugzilla.suse.com/show_bug.cgi?id=1259859 . SUSELinux Micro 6.0 kernel update resolves important security issues, enhancing system integrity and user privileges.. SUSE Linux Kernel Update, Security Fix, Privilege Management, Important Update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 27, 2026 Important SuSE
100

SUSE Linux Micro 6.0 Kernel Significant Patch CVE-2025-40309 CVE-2026-23268

An update that solves two vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21343-1 Release Date: 2026-04-22T17:23:57Z Rating: important References: * bsc#1255066 * bsc#1259859 Cross-References: * CVE-2025-40309 * CVE-2026-23268 CVSS scores: * CVE-2025-40309 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40309 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues The following security issues were fixed: * CVE-2025-40309: Bluetooth: SCO: Fix UAF on sco_conn_free (bsc#1255066). * CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1259859). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-363=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-29-default-16-1.2 * kernel-livepatch-6_4_0-29-default-debuginfo-16-1.2 * kernel-livepatch-MICRO-6-0_Update_7-debugsource-16-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-40309.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://bugzilla.suse.com/show_bug.cgi?id=1255066 * https://bugzilla.suse.com/show_bug.cgi?id=1259859 .Install vital security updates for important SUSE Linux Micro Kernel vulnerabilities and improve system safety.. SUSE Linux Micro, kernel update, important patch, security vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 27, 2026 Important SuSE
89

Fedora 44 python-cairosvg Important CVE-2026-31899 DoS Security Fix

Security fix for CVE-2026-31899: https://nvd.nist.gov/vuln/detail/CVE-2026-31899 / https://github.com/Kozea/CairoSVG/security/advisories/GHSA-f38f-5xpm-9r7c Exponential DoS via recursive element amplification. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-448e26a9c8 2026-04-25 01:21:36.173244+00:00 -------------------------------------------------------------------------------- Name : python-cairosvg Product : Fedora 44 Version : 2.9.0 Release : 1.fc44 URL : https://cairosvg.org/ Summary : A Simple SVG Converter for Cairo Description : CairoSVG is a SVG 1.1 to PNG, PDF, PS and SVG converter which can also be used as a Python library. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2026-31899: https://nvd.nist.gov/vuln/detail/CVE-2026-31899 / https://github.com/Kozea/CairoSVG/security/advisories/GHSA-f38f-5xpm-9r7c Exponential DoS via recursive element amplification -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 15 2026 Michel Lind - 2.9.0-1 - Update to 2.9.0 upstream release - Resolves: rhbz#2229363 - Resolves: CVE-2026-31899 - Enable Packit - Drop unneeded test shenanigans - Enforce that license is preinstalled, stop installing by hand -------------------------------------------------------------------------------- References: [ 1 ] Bug #2447854 - CVE-2026-31899 python-cairosvg: CairoSVG: Denial of Service via recursive element amplification [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2447854 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-448e26a9c8' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fedora 44 python-cairosvg receives a security fix for DoS via CVE-2026-31899 to enhance application resilience.. Fedora 44, python-cairosvg, DoS fix, security update, application security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 25, 2026 Important Fedora
202

openSUSE 2026 libxml2 Major Upgrade Raises Significant Security Alerts

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for osslsigncode ______________________________________________________________________________ Announcement ID: openSUSE-SU-2026:0116-1 Rating: critical References: #1260680 Cross-References: CVE-2025-70888 Affected Products: openSUSE Backports SLE-15-SP7 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for osslsigncode fixes the following issues: - Update to 2.13 (boo#1260680, CVE-2025-70888): * fixed integer overflows when processing APPX compressed data streams * fixed double-free vulnerabilities in APPX file processing * fixed multiple memory corruption issues in PE page hash computation - Changes from 2.12: * fixed a buffer overflow while extracting message digests - Changes from 2.11: * added keyUsage validation for signer certificate * added printing CRL details during signature verification * implemented a workaround for CRL servers returning the HTTP Content-Type header other than application/pkix-crl * fixed HTTP keep-alive handling * fixed macOS compiler and linker flags * fixed undefined BIO_get_fp() behavior with BIO_FLAGS_UPLINK_INTERNAL - update to 2.10: * added JavaScript signing * added PKCS#11 provider support (requires OpenSSL 3.0+) * added support for providers without specifying "-pkcs11module" option * (OpenSSL 3.0+, e.g., for the upcoming CNG provider) * added compatibility with the CNG engine version 1.1 or later * added the "-engineCtrl" option to control hardware and CNG engines * added the '-blobFile' option to specify a file containing the blob content * improved unauthenticated blob support (thanks to Asger Hautop Drewsen) * improved UTF-8 handling for certificate subjects and issuers *fixed support for multiple signerInfo contentType OIDs (CTL and Authenticode) * fixed tests for python-cryptography > = 43.0.0 - update to version 2.9: * added a 64 bit long pseudo-random NONCE in the TSA request * missing NID_pkcs9_signingTime is no longer an error * added support for PEM-encoded CRLs * fixed the APPX central directory sorting order * added a special "-" file name to read the passphrase from stdin * used native HTTP client with OpenSSL 3.x, removing libcurl dependency * added '-login' option to force a login to PKCS11 engines * added the "-ignore-crl" option to disable fetching and verifying CRL Distribution Points * changed error output to stderr instead of stdout * various testing framework improvements * various memory corruption fixes - update to version 2.8: * Microsoft PowerShell signing sponsored by Cisco Systems, Inc. * fixed setting unauthenticated attributes (Countersignature, Unauthenticated * Data Blob) in a nested signature * added the "-index" option to verify a specific signature or modify its unauthenticated attributes * added CAT file verification * added listing the contents of a CAT file with the "-verbose" option * added the new "extract-data" command to extract a PKCS#7 data content to be signed with "sign" and attached with "attach-signature" * added PKCS9_SEQUENCE_NUMBER authenticated attribute support * added the "-ignore-cdp" option to disable CRL Distribution Points (CDP) online verification * unsuccessful CRL retrieval and verification changed into a critical error the "-p" option modified to also use to configured proxy to connect CRL Distribution Points * added implicit allowlisting of the Microsoft Root Authority serial number 00C1008B3C3C8811D13EF663ECDF40 * added listing of certificate chain retrieved from the signature in case of verification failure -update to 2.7.0 * fixed signing CAB files (by Michael Brown) * fixed handling of unsupported commands (by Maxim Bagryantsev) * fixed writing DIFAT sectors * added APPX support (by Maciej Panek and Ma\u0142gorzata Olszwka) * added a built-in TSA response generation (-TSA-certs, -TSA-key and -TSA-time options) * added verification of CRLs specified in the signing certificate * added MSI DIFAT sectors support (by Max Bagryantsev) * added the "-h" option to set the cryptographic hash function for the "attach -signature" and "add" commands * set the default hash function to "sha256" * added the "attach-signature" option to compute and compare the leaf certificate hash for the "add" command * renamed the "-st" option "-time" * updated the "-time" option to also set explicit verification time * added the "-ignore-timestamp" option * removed the "-timestamp-expiration" option * numerous bugfixes * documentation updates Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP7: zypper in -t patch openSUSE-2026-116=1 Package List: - openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64): osslsigncode-2.13-bp157.2.3.1 References: https://www.suse.com/security/cve/CVE-2025-70888.html https://bugzilla.suse.com/1260680 . A critical security update for osslsigncode addresses integer overflow and memory corruption issues in openSUSE.. osslsigncode security update, openSUSE critical patch, memory corruption fix. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Apr 03, 2026 Critical OpenSUSE
202

openSUSE Tumbleweed python311-PyPDF2 Moderate Security Fix 2026-10284-1

An update that solves 2 vulnerabilities can now be installed.. # python311-PyPDF2-2.11.1-5.1 on GA media Announcement ID: openSUSE-SU-2026:10284-1 Rating: moderate Cross-References: * CVE-2026-27628 * CVE-2026-27888 CVSS scores: * CVE-2026-27888 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-27888 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the python311-PyPDF2-2.11.1-5.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * python311-PyPDF2 2.11.1-5.1 * python313-PyPDF2 2.11.1-5.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27628.html * https://www.suse.com/security/cve/CVE-2026-27888.html . Critical update for openSUSE addressing two security issues in python311-PyPDF2, improving system protection.. openSUSE security, python PyPDF2, moderate vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Mar 05, 2026 OpenSUSE
100

openSUSE Evolution Data Server Moderate File Deletion Risk 2026-0775-1

An update that solves one vulnerability can now be installed.. # Security update for evolution-data-server Announcement ID: SUSE-SU-2026:0775-1 Release Date: 2026-03-03T13:19:22Z Rating: moderate References: * bsc#1258307 Cross-References: * CVE-2026-2604 CVSS scores: * CVE-2026-2604 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-2604 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for evolution-data-server fixes the following issue: * CVE-2026-2604: arbitrary file deletion via inconsistent URI handling (bsc#1258307). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-775=1 SUSE-2026-775=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-775=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-775=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * typelib-1_0-EBook-1_2-3.50.3-150600.3.9.1 * typelib-1_0-EDataServerUI4-1_0-3.50.3-150600.3.9.1 * libedataserverui4-1_0-0-3.50.3-150600.3.9.1 * libedataserverui-1_2-4-3.50.3-150600.3.9.1 * typelib-1_0-EDataBook-1_2-3.50.3-150600.3.9.1 * typelib-1_0-EDataServerUI-1_2-3.50.3-150600.3.9.1 * typelib-1_0-ECal-2_0-3.50.3-150600.3.9.1 *libebook-1_2-21-debuginfo-3.50.3-150600.3.9.1 * evolution-data-server-debuginfo-3.50.3-150600.3.9.1 * libedata-book-1_2-27-3.50.3-150600.3.9.1 * libcamel-1_2-64-3.50.3-150600.3.9.1 * libedata-cal-2_0-2-debuginfo-3.50.3-150600.3.9.1 * evolution-data-server-devel-3.50.3-150600.3.9.1 * libebook-contacts-1_2-4-3.50.3-150600.3.9.1 * typelib-1_0-Camel-1_2-3.50.3-150600.3.9.1 * libecal-2_0-2-debuginfo-3.50.3-150600.3.9.1 * libebook-contacts-1_2-4-debuginfo-3.50.3-150600.3.9.1 * libebackend-1_2-11-3.50.3-150600.3.9.1 * typelib-1_0-EDataServer-1_2-3.50.3-150600.3.9.1 * libebackend-1_2-11-debuginfo-3.50.3-150600.3.9.1 * libedataserverui-1_2-4-debuginfo-3.50.3-150600.3.9.1 * evolution-data-server-3.50.3-150600.3.9.1 * libedataserver-1_2-27-debuginfo-3.50.3-150600.3.9.1 * libedataserverui4-1_0-0-debuginfo-3.50.3-150600.3.9.1 * libcamel-1_2-64-debuginfo-3.50.3-150600.3.9.1 * libedata-cal-2_0-2-3.50.3-150600.3.9.1 * typelib-1_0-EBackend-1_2-3.50.3-150600.3.9.1 * libecal-2_0-2-3.50.3-150600.3.9.1 * libedata-book-1_2-27-debuginfo-3.50.3-150600.3.9.1 * evolution-data-server-debugsource-3.50.3-150600.3.9.1 * libedataserver-1_2-27-3.50.3-150600.3.9.1 * typelib-1_0-EBookContacts-1_2-3.50.3-150600.3.9.1 * typelib-1_0-EDataCal-2_0-3.50.3-150600.3.9.1 * libebook-1_2-21-3.50.3-150600.3.9.1 * openSUSE Leap 15.6 (noarch) * evolution-data-server-lang-3.50.3-150600.3.9.1 * SUSE Package Hub 15 15-SP7 (aarch64 s390x) * evolution-data-server-3.50.3-150600.3.9.1 * evolution-data-server-devel-3.50.3-150600.3.9.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x) * typelib-1_0-EBook-1_2-3.50.3-150600.3.9.1 * libedataserverui-1_2-4-3.50.3-150600.3.9.1 * typelib-1_0-EDataBook-1_2-3.50.3-150600.3.9.1 * typelib-1_0-EDataServerUI-1_2-3.50.3-150600.3.9.1 * typelib-1_0-ECal-2_0-3.50.3-150600.3.9.1 * libebook-1_2-21-debuginfo-3.50.3-150600.3.9.1 * evolution-data-server-debuginfo-3.50.3-150600.3.9.1 *libedata-book-1_2-27-3.50.3-150600.3.9.1 * libcamel-1_2-64-3.50.3-150600.3.9.1 * libedata-cal-2_0-2-debuginfo-3.50.3-150600.3.9.1 * libebook-contacts-1_2-4-3.50.3-150600.3.9.1 * typelib-1_0-Camel-1_2-3.50.3-150600.3.9.1 * libecal-2_0-2-debuginfo-3.50.3-150600.3.9.1 * libebook-contacts-1_2-4-debuginfo-3.50.3-150600.3.9.1 * libebackend-1_2-11-3.50.3-150600.3.9.1 * typelib-1_0-EDataServer-1_2-3.50.3-150600.3.9.1 * libebackend-1_2-11-debuginfo-3.50.3-150600.3.9.1 * libedataserverui-1_2-4-debuginfo-3.50.3-150600.3.9.1 * libedataserver-1_2-27-debuginfo-3.50.3-150600.3.9.1 * libcamel-1_2-64-debuginfo-3.50.3-150600.3.9.1 * libedata-cal-2_0-2-3.50.3-150600.3.9.1 * typelib-1_0-EBackend-1_2-3.50.3-150600.3.9.1 * libecal-2_0-2-3.50.3-150600.3.9.1 * libedata-book-1_2-27-debuginfo-3.50.3-150600.3.9.1 * evolution-data-server-debugsource-3.50.3-150600.3.9.1 * libedataserver-1_2-27-3.50.3-150600.3.9.1 * typelib-1_0-EBookContacts-1_2-3.50.3-150600.3.9.1 * typelib-1_0-EDataCal-2_0-3.50.3-150600.3.9.1 * libebook-1_2-21-3.50.3-150600.3.9.1 * SUSE Package Hub 15 15-SP7 (noarch) * evolution-data-server-lang-3.50.3-150600.3.9.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * typelib-1_0-EBook-1_2-3.50.3-150600.3.9.1 * typelib-1_0-EDataServerUI4-1_0-3.50.3-150600.3.9.1 * libedataserverui4-1_0-0-3.50.3-150600.3.9.1 * libedataserverui-1_2-4-3.50.3-150600.3.9.1 * typelib-1_0-EDataServerUI-1_2-3.50.3-150600.3.9.1 * typelib-1_0-ECal-2_0-3.50.3-150600.3.9.1 * libebook-1_2-21-debuginfo-3.50.3-150600.3.9.1 * evolution-data-server-debuginfo-3.50.3-150600.3.9.1 * libedata-book-1_2-27-3.50.3-150600.3.9.1 * libcamel-1_2-64-3.50.3-150600.3.9.1 * libedata-cal-2_0-2-debuginfo-3.50.3-150600.3.9.1 * evolution-data-server-devel-3.50.3-150600.3.9.1 * libebook-contacts-1_2-4-3.50.3-150600.3.9.1 * typelib-1_0-Camel-1_2-3.50.3-150600.3.9.1 * libecal-2_0-2-debuginfo-3.50.3-150600.3.9.1 *libebook-contacts-1_2-4-debuginfo-3.50.3-150600.3.9.1 * libebackend-1_2-11-3.50.3-150600.3.9.1 * typelib-1_0-EDataServer-1_2-3.50.3-150600.3.9.1 * libebackend-1_2-11-debuginfo-3.50.3-150600.3.9.1 * libedataserverui-1_2-4-debuginfo-3.50.3-150600.3.9.1 * evolution-data-server-3.50.3-150600.3.9.1 * libedataserver-1_2-27-debuginfo-3.50.3-150600.3.9.1 * libedataserverui4-1_0-0-debuginfo-3.50.3-150600.3.9.1 * libcamel-1_2-64-debuginfo-3.50.3-150600.3.9.1 * libedata-cal-2_0-2-3.50.3-150600.3.9.1 * libecal-2_0-2-3.50.3-150600.3.9.1 * libedata-book-1_2-27-debuginfo-3.50.3-150600.3.9.1 * evolution-data-server-debugsource-3.50.3-150600.3.9.1 * libedataserver-1_2-27-3.50.3-150600.3.9.1 * typelib-1_0-EBookContacts-1_2-3.50.3-150600.3.9.1 * libebook-1_2-21-3.50.3-150600.3.9.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (noarch) * evolution-data-server-lang-3.50.3-150600.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2026-2604.html * https://bugzilla.suse.com/show_bug.cgi?id=1258307 . Update for evolution-data-server addresses a moderate issue enabling file deletion vulnerabilities on SUSE systems.. evolution-data-server update, SUSE protection, file deletion risk. . LinuxSecurity.com Team

Calendar%202 Mar 03, 2026 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200