-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2026-9209f91f93 2026-03-16 00:23:58.434842+00:00 --------------------------------------------------------------------------------
Name : chromium Product : Fedora EPEL 10.1 Version : 146.0.7680.71 Release : 1.el10_1 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to 146.0.7680.71 CVE-2026-3913: Heap buffer overflow in WebML CVE-2026-3914: Integer overflow in WebML CVE-2026-3915: Heap buffer overflow in WebML CVE-2026-3916: Out of bounds read in Web Speech CVE-2026-3917: Use after free in Agents CVE-2026-3918: Use after free in WebMCP CVE-2026-3919: Use after free in Extensions CVE-2026-3920: Out of bounds memory access in WebML CVE-2026-3921: Use after free in TextEncoding CVE-2026-3922: Use after free in MediaStream CVE-2026-3923: Use after free in WebMIDI CVE-2026-3924: Use after free in WindowDialog CVE-2026-3925: Incorrect security UI in LookalikeChecks CVE-2026-3926: Out of bounds read in V8 CVE-2026-3927: Incorrect security UI in PictureInPicture CVE-2026-3928: Insufficient policy enforcement in Extensions CVE-2026-3929: Side-channel information leakage in ResourceTiming CVE-2026-3930: Unsafe navigation in Navigation CVE-2026-3931: Heap buffer overflow in Skia CVE-2026-3932: Insufficient policy enforcement in PDF CVE-2026-3934: Insufficient policy enforcement in ChromeDriver CVE-2026-3935: Incorrect security UI in WebAppInstalls CVE-2026-3936: Use after free in WebView CVE-2026-3937: Incorrect security UI in Downloads CVE-2026-3938: Insufficient policy enforcement in Clipboard CVE-2026-3939: Insufficient policy enforcement in PDF CVE-2026-3940: Insufficient policy enforcement in DevTools CVE-2026-3941: Insufficient policy enforcement in DevTools CVE-2026-3942: Incorrect security UI in PictureInPicture -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 12 2026 Than Ngo <[email protected]> - 146.0.7680.71-1 - Update to 146.0.7680.71 * CVE-2026-3913: Heap buffer overflow in WebML * CVE-2026-3914: Integer overflow in WebML * CVE-2026-3915: Heap buffer overflow in WebML * CVE-2026-3916: Out of bounds read in Web Speech * CVE-2026-3917: Use after free in Agents * CVE-2026-3918: Use after free in WebMCP * CVE-2026-3919: Use after free in Extensions * CVE-2026-3920: Out of bounds memory access in WebML * CVE-2026-3921: Use after free in TextEncoding * CVE-2026-3922: Use after free in MediaStream * CVE-2026-3923: Use after free in WebMIDI * CVE-2026-3924: Use after free in WindowDialog * CVE-2026-3925: Incorrect security UI in LookalikeChecks * CVE-2026-3926: Out of bounds read in V8 * CVE-2026-3927: Incorrect security UI in PictureInPicture * CVE-2026-3928: Insufficient policy enforcement in Extensions * CVE-2026-3929: Side-channel information leakage in ResourceTiming * CVE-2026-3930: Unsafe navigation in Navigation * CVE-2026-3931: Heap buffer overflow in Skia * CVE-2026-3932: Insufficient policy enforcement in PDF * CVE-2026-3934: Insufficient policy enforcement in ChromeDriver * CVE-2026-3935: Incorrect security UI in WebAppInstalls * CVE-2026-3936: Use after free in WebView * CVE-2026-3937: Incorrect security UI in Downloads * CVE-2026-3938: Insufficient policy enforcement in Clipboard * CVE-2026-3939: Insufficient policy enforcement in PDF * CVE-2026-3940: Insufficient policy enforcement in DevTools * CVE-2026-3941: Insufficient policy enforcement in DevTools * CVE-2026-3942: Incorrect security UI in PictureInPicture -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update chromium' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\ /html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ epel-package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
