
Fedora alert FEDORA-2026-3675ac2066 (chromium)

From:  updates--- via package-announce <package-announce@lists.fedoraproject.org>
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 42 Update: chromium-147.0.7727.101-1.fc42
Date:  Thu, 23 Apr 2026 00:58:12 +0000
Message-ID:  <20260423005812.94493493DE@bastion01.rdu3.fedoraproject.org>

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-3675ac2066
2026-04-23 00:55:31.005427+00:00
--------------------------------------------------------------------------------

Name        : chromium
Product     : Fedora 42
Version     : 147.0.7727.101
Release     : 1.fc42
URL         : http://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 147.0.7727.101
  Critical CVE-2026-6296: Heap buffer overflow in ANGLE
  Critical CVE-2026-6297: Use after free in Proxy
  Critical CVE-2026-6298: Heap buffer overflow in Skia
  Critical CVE-2026-6299: Use after free in Prerender
  Critical CVE-2026-6358: Use after free in XR
  High CVE-2026-6359: Use after free in Video
  High CVE-2026-6300: Use after free in CSS
  High CVE-2026-6301: Type Confusion in Turbofan
  High CVE-2026-6302: Use after free in Video
  High CVE-2026-6303: Use after free in Codecs
  High CVE-2026-6304: Use after free in Graphite
  High CVE-2026-6305: Heap buffer overflow in PDFium
  High CVE-2026-6306: Heap buffer overflow in PDFium
  High CVE-2026-6307: Type Confusion in Turbofan
  High CVE-2026-6308: Out of bounds read in Media
  High CVE-2026-6309: Use after free in Viz
  High CVE-2026-6360: Use after free in FileSystem
  High CVE-2026-6310: Use after free in Dawn
  High CVE-2026-6311: Uninitialized Use in Accessibility
  High CVE-2026-6312: Insufficient policy enforcement in Passwords
  High CVE-2026-6313: Insufficient policy enforcement in CORS
  High CVE-2026-6314: Out of bounds write in GPU
  High CVE-2026-6315: Use after free in Permissions
  High CVE-2026-6316: Use after free in Forms
  High CVE-2026-6361: Heap buffer overflow in PDFium
  High CVE-2026-6362: Use after free in Codecs
  High CVE-2026-6317: Use after free in Cast
  Medium CVE-2026-6363: Type Confusion in V8
  Medium CVE-2026-6318: Use after free in Codecs
  Medium CVE-2026-6319: Use after free in Payments
  Medium CVE-2026-6364: Out of bounds read in Skia

Update to 147.0.7727.55
  Critical CVE-2026-5858: Heap buffer overflow in WebML
  Critical CVE-2026-5859: Integer overflow in WebML
  High CVE-2026-5860: Use after free in WebRTC
  High CVE-2026-5861: Use after free in V8
  High CVE-2026-5862: Inappropriate implementation in V8
  High CVE-2026-5863: Inappropriate implementation in V8
  High CVE-2026-5864: Heap buffer overflow in WebAudio
  High CVE-2026-5865: Type Confusion in V8
  High CVE-2026-5866: Use after free in Media
  High CVE-2026-5867: Heap buffer overflow in WebML
  High CVE-2026-5868: Heap buffer overflow in ANGLE
  High CVE-2026-5869: Heap buffer overflow in WebML
  High CVE-2026-5870: Integer overflow in Skia
  High CVE-2026-5871: Type Confusion in V8
  High CVE-2026-5872: Use after free in Blink
  High CVE-2026-5873: Out of bounds read and write in V8
  Medium CVE-2026-5874: Use after free in PrivateAI
  Medium CVE-2026-5875: Policy bypass in Blink
  Medium CVE-2026-5876: Side-channel information leakage in Navigation
  Medium CVE-2026-5877: Use after free in Navigation
  Medium CVE-2026-5878: Incorrect security UI in Blink
  Medium CVE-2026-5879: Insufficient validation of untrusted input in ANGLE
  Medium CVE-2026-5880: Incorrect security UI in browser UI
  Medium CVE-2026-5881: Policy bypass in LocalNetworkAccess
  Medium CVE-2026-5882: Incorrect security UI in Fullscreen
  Medium CVE-2026-5883: Use after free in Media
  Medium CVE-2026-5884: Insufficient validation of untrusted input in Media
  Medium CVE-2026-5885: Insufficient validation of untrusted input in WebML
  Medium CVE-2026-5886: Out of bounds read in WebAudio
  Medium CVE-2026-5887: Insufficient validation of untrusted input in Downloads
  Medium CVE-2026-5888: Uninitialized Use in WebCodecs
  Medium CVE-2026-5889: Cryptographic Flaw in PDFium
  Medium CVE-2026-5890: Race in WebCodecs
  Medium CVE-2026-5891: Insufficient policy enforcement in browser UI
  Medium CVE-2026-5892: Insufficient policy enforcement in PWAs
  Medium CVE-2026-5893: Race in V8
  Low CVE-2026-5894: Inappropriate implementation in PDF
  Low CVE-2026-5895: Incorrect security UI in Omnibox
  Low CVE-2026-5896: Policy bypass in Audio
  Low CVE-2026-5897: Incorrect security UI in Downloads
  Low CVE-2026-5898: Incorrect security UI in Omnibox
  Low CVE-2026-5899: Incorrect security UI in History Navigation
  Low CVE-2026-5900: Policy bypass in Downloads
  Low CVE-2026-5901: Policy bypass in DevTools
  Low CVE-2026-5902: Race in Media
  Low CVE-2026-5903: Policy bypass in IFrameSandbox
  Low CVE-2026-5904: Use after free in V8
  Low CVE-2026-5905: Incorrect security UI in Permissions
  Low CVE-2026-5906: Incorrect security UI in Omnibox
  Low CVE-2026-5907: Insufficient data validation in Media
  Low CVE-2026-5908: Integer overflow in Media
  Low CVE-2026-5909: Integer overflow in Media
  Low CVE-2026-5910: Integer overflow in Media
  Low CVE-2026-5911: Policy bypass in ServiceWorkers
  Low CVE-2026-5912: Integer overflow in WebRTC
  Low CVE-2026-5913: Out of bounds read in Blink
  Low CVE-2026-5914: Type Confusion in CSS
  Low CVE-2026-5915: Insufficient validation of untrusted input in WebML
  Low CVE-2026-5918: Inappropriate implementation in Navigation
  Low CVE-2026-5919: Insufficient validation of untrusted input in WebSockets

Update to 146.0.7680.177
  High CVE-2026-5273: Use after free in CSS
  High CVE-2026-5272: Heap buffer overflow in GPU
  High CVE-2026-5274: Integer overflow in Codecs
  High CVE-2026-5275: Heap buffer overflow in ANGLE
  High CVE-2026-5276: Insufficient policy enforcement in WebUSB
  High CVE-2026-5277: Integer overflow in ANGLE
  High CVE-2026-5278: Use after free in Web MIDI
  High CVE-2026-5279: Object corruption in V8
  High CVE-2026-5280: Use after free in WebCodecs
  High CVE-2026-5281: Use after free in Dawn
  High CVE-2026-5282: Out of bounds read in WebCodecs
  High CVE-2026-5283: Inappropriate implementation in ANGLE
  High CVE-2026-5284: Use after free in Dawn
  High CVE-2026-5285: Use after free in WebGL
  High CVE-2026-5286: Use after free in Dawn
  High CVE-2026-5287: Use after free in PDF
  High CVE-2026-5288: Use after free in WebView
  High CVE-2026-5289: Use after free in Navigation
  High CVE-2026-5290: Use after free in Compositing
  Medium CVE-2026-5291: Inappropriate implementation in WebGL
  Medium CVE-2026-5292: Out of bounds read in WebCodecs

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 15 2026 Than Ngo <than@redhat.com> - 147.0.7727.101-1
- Update to 147.0.7727.101
  * Critical CVE-2026-6296: Heap buffer overflow in ANGLE
  * Critical CVE-2026-6297: Use after free in Proxy
  * Critical CVE-2026-6298: Heap buffer overflow in Skia
  * Critical CVE-2026-6299: Use after free in Prerender
  * Critical CVE-2026-6358: Use after free in XR
  * High CVE-2026-6359: Use after free in Video
  * High CVE-2026-6300: Use after free in CSS
  * High CVE-2026-6301: Type Confusion in Turbofan
  * High CVE-2026-6302: Use after free in Video
  * High CVE-2026-6303: Use after free in Codecs
  * High CVE-2026-6304: Use after free in Graphite
  * High CVE-2026-6305: Heap buffer overflow in PDFium
  * High CVE-2026-6306: Heap buffer overflow in PDFium
  * High CVE-2026-6307: Type Confusion in Turbofan
  * High CVE-2026-6308: Out of bounds read in Media
  * High CVE-2026-6309: Use after free in Viz
  * High CVE-2026-6360: Use after free in FileSystem
  * High CVE-2026-6310: Use after free in Dawn
  * High CVE-2026-6311: Uninitialized Use in Accessibility
  * High CVE-2026-6312: Insufficient policy enforcement in Passwords
  * High CVE-2026-6313: Insufficient policy enforcement in CORS
  * High CVE-2026-6314: Out of bounds write in GPU
  * High CVE-2026-6315: Use after free in Permissions
  * High CVE-2026-6316: Use after free in Forms
  * High CVE-2026-6361: Heap buffer overflow in PDFium
  * High CVE-2026-6362: Use after free in Codecs
  * High CVE-2026-6317: Use after free in Cast
  * Medium CVE-2026-6363: Type Confusion in V8
  * Medium CVE-2026-6318: Use after free in Codecs
  * Medium CVE-2026-6319: Use after free in Payments
  * Medium CVE-2026-6364: Out of bounds read in Skia
* Thu Apr 9 2026 Than Ngo <than@redhat.com> - 147.0.7727.55-1
- Update to 147.0.7727.55
  * Critical CVE-2026-5858: Heap buffer overflow in WebML
  * Critical CVE-2026-5859: Integer overflow in WebML
  * High CVE-2026-5860: Use after free in WebRTC
  * High CVE-2026-5861: Use after free in V8
  * High CVE-2026-5862: Inappropriate implementation in V8
  * High CVE-2026-5863: Inappropriate implementation in V8
  * High CVE-2026-5864: Heap buffer overflow in WebAudio
  * High CVE-2026-5865: Type Confusion in V8
  * High CVE-2026-5866: Use after free in Media
  * High CVE-2026-5867: Heap buffer overflow in WebML
  * High CVE-2026-5868: Heap buffer overflow in ANGLE
  * High CVE-2026-5869: Heap buffer overflow in WebML
  * High CVE-2026-5870: Integer overflow in Skia
  * High CVE-2026-5871: Type Confusion in V8
  * High CVE-2026-5872: Use after free in Blink
  * High CVE-2026-5873: Out of bounds read and write in V8
  * Medium CVE-2026-5874: Use after free in PrivateAI
  * Medium CVE-2026-5875: Policy bypass in Blink
  * Medium CVE-2026-5876: Side-channel information leakage in Navigation
  * Medium CVE-2026-5877: Use after free in Navigation
  * Medium CVE-2026-5878: Incorrect security UI in Blink
  * Medium CVE-2026-5879: Insufficient validation of untrusted input in ANGLE
  * Medium CVE-2026-5880: Incorrect security UI in browser UI
  * Medium CVE-2026-5881: Policy bypass in LocalNetworkAccess
  * Medium CVE-2026-5882: Incorrect security UI in Fullscreen
  * Medium CVE-2026-5883: Use after free in Media
  * Medium CVE-2026-5884: Insufficient validation of untrusted input in Media
  * Medium CVE-2026-5885: Insufficient validation of untrusted input in WebML
  * Medium CVE-2026-5886: Out of bounds read in WebAudio
  * Medium CVE-2026-5887: Insufficient validation of untrusted input in Downloads
  * Medium CVE-2026-5888: Uninitialized Use in WebCodecs
  * Medium CVE-2026-5889: Cryptographic Flaw in PDFium
  * Medium CVE-2026-5890: Race in WebCodecs
  * Medium CVE-2026-5891: Insufficient policy enforcement in browser UI
  * Medium CVE-2026-5892: Insufficient policy enforcement in PWAs
  * Medium CVE-2026-5893: Race in V8
  * Low CVE-2026-5894: Inappropriate implementation in PDF
  * Low CVE-2026-5895: Incorrect security UI in Omnibox
  * Low CVE-2026-5896: Policy bypass in Audio
  * Low CVE-2026-5897: Incorrect security UI in Downloads
  * Low CVE-2026-5898: Incorrect security UI in Omnibox
  * Low CVE-2026-5899: Incorrect security UI in History Navigation
  * Low CVE-2026-5900: Policy bypass in Downloads
  * Low CVE-2026-5901: Policy bypass in DevTools
  * Low CVE-2026-5902: Race in Media
  * Low CVE-2026-5903: Policy bypass in IFrameSandbox
  * Low CVE-2026-5904: Use after free in V8
  * Low CVE-2026-5905: Incorrect security UI in Permissions
  * Low CVE-2026-5906: Incorrect security UI in Omnibox
  * Low CVE-2026-5907: Insufficient data validation in Media
  * Low CVE-2026-5908: Integer overflow in Media
  * Low CVE-2026-5909: Integer overflow in Media
  * Low CVE-2026-5910: Integer overflow in Media
  * Low CVE-2026-5911: Policy bypass in ServiceWorkers
  * Low CVE-2026-5912: Integer overflow in WebRTC
  * Low CVE-2026-5913: Out of bounds read in Blink
  * Low CVE-2026-5914: Type Confusion in CSS
  * Low CVE-2026-5915: Insufficient validation of untrusted input in WebML
  * Low CVE-2026-5918: Inappropriate implementation in Navigation
  * Low CVE-2026-5919: Insufficient validation of untrusted input in WebSockets
* Wed Apr 1 2026 Than Ngo <than@redhat.com> - 146.0.7680.177-1
- Update to 146.0.7680.177
  * High CVE-2026-5273: Use after free in CSS
  * High CVE-2026-5272: Heap buffer overflow in GPU
  * High CVE-2026-5274: Integer overflow in Codecs
  * High CVE-2026-5275: Heap buffer overflow in ANGLE
  * High CVE-2026-5276: Insufficient policy enforcement in WebUSB
  * High CVE-2026-5277: Integer overflow in ANGLE
  * High CVE-2026-5278: Use after free in Web MIDI
  * High CVE-2026-5279: Object corruption in V8
  * High CVE-2026-5280: Use after free in WebCodecs
  * High CVE-2026-5281: Use after free in Dawn
  * High CVE-2026-5282: Out of bounds read in WebCodecs
  * High CVE-2026-5283: Inappropriate implementation in ANGLE
  * High CVE-2026-5284: Use after free in Dawn
  * High CVE-2026-5285: Use after free in WebGL
  * High CVE-2026-5286: Use after free in Dawn
  * High CVE-2026-5287: Use after free in PDF
  * High CVE-2026-5288: Use after free in WebView
  * High CVE-2026-5289: Use after free in Navigation
  * High CVE-2026-5290: Use after free in Compositing
  * Medium CVE-2026-5291: Inappropriate implementation in WebGL
  * Medium CVE-2026-5292: Out of bounds read in WebCodecs

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2457163 - CVE-2026-5858 CVE-2026-5859 CVE-2026-5860 CVE-2026-5861 CVE-2026-5874 CVE-2026-5875 CVE-2026-5876 CVE-2026-5894 chromium: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2457163
  [ 2 ] Bug #2457164 - CVE-2026-5858 CVE-2026-5859 CVE-2026-5860 CVE-2026-5861 CVE-2026-5874 CVE-2026-5875 CVE-2026-5876 CVE-2026-5894 chromium: various flaws [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2457164
  [ 3 ] Bug #2458847 - CVE-2026-6296 CVE-2026-6297 CVE-2026-6298 CVE-2026-6300 CVE-2026-6301 CVE-2026-6302 CVE-2026-6305 CVE-2026-6306 CVE-2026-6307 CVE-2026-6318 CVE-2026-6319 CVE-2026-6358 CVE-2026-6359 CVE-2026-6360 CVE-2026-6362 chromium: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2458847
  [ 4 ] Bug #2458848 - CVE-2026-6296 CVE-2026-6297 CVE-2026-6298 CVE-2026-6300 CVE-2026-6301 CVE-2026-6302 CVE-2026-6305 CVE-2026-6306 CVE-2026-6307 CVE-2026-6318 CVE-2026-6319 CVE-2026-6358 CVE-2026-6359 CVE-2026-6360 CVE-2026-6362 chromium: various flaws [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2458848
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-3675ac2066' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgr...

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond...
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-ann...
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new




Copyright © 2026, Eklektix, Inc.