-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-c5295ae3b9 2026-02-02 00:40:18.916458+00:00 --------------------------------------------------------------------------------
Name : cef Product : Fedora 43 Version : 144.0.11^chromium144.0.7559.96 Release : 1.fc43 URL : https://bitbucket.org/chromiumembedded/cef Summary : Chromium Embedded Framework Description : CEF is an embeddable build of Chromium, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to cef-144.0.11+ge135be2 + chromium 144.0.7559.96 (rhbz#2432335) CVE-2026-1220: Race in V8 CVE-2026-0899: Out of bounds memory access in V8 CVE-2026-0900: Inappropriate implementation in V8 CVE-2026-0901: Inappropriate implementation in Blink CVE-2026-0902: Inappropriate implementation in V8 CVE-2026-0903: Insufficient validation of untrusted input in Downloads CVE-2026-0904: Incorrect security UI in Digital Credentials CVE-2026-0905: Insufficient policy enforcement in Network CVE-2026-0906: Incorrect security UI CVE-2026-0907: Incorrect security UI in Split View CVE-2026-0908: Use after free in ANGLE -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 24 2026 Hoshino Lina <[email protected]> - 144.0.11^chromium144.0.7559.96-1 - Update to cef-144.0.11+ge135be2 (rhbz#2432335) * Sat Jan 24 2026 Than Ngo <[email protected]> - 144.0.6^chromium144.0.7559.96-1 - Update to 144.0.7559.96 [rhbz#2432335] - * CVE-2026-1220: Race in V8 * Wed Jan 21 2026 Than Ngo <[email protected]> - 144.0.6^chromium144.0.7559.59-1 - Update to 144.0.7559.59 - * CVE-2026-0899: Out of bounds memory access in V8 - * CVE-2026-0900: Inappropriate implementation in V8 - * CVE-2026-0901: Inappropriate implementation in Blink - * CVE-2026-0902: Inappropriate implementation in V8 - * CVE-2026-0903: Insufficient validation of untrusted input in Downloads - * CVE-2026-0904: Incorrect security UI in Digital Credentials - * CVE-2026-0905: Insufficient policy enforcement in Network - * CVE-2026-0906: Incorrect security UI - * CVE-2026-0907: Incorrect security UI in Split View - * CVE-2026-0908: Use after free in ANGLE - Hoshino Lina: Update to cef-144.0.6+g5f7e671 (rhbz#2431156) * Fri Jan 16 2026 Fedora Release Engineering <[email protected]> - 143.0.13^chromium143.0.7499.192-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering <[email protected]> - 143.0.13^chromium143.0.7499.192-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2432335 - cef-144.0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432335 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-c5295ae3b9' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
