[SECURITY] Fedora 44 Update: chromium-146.0.7680.71-1.fc44

updates--- via package-announce Fri, 13 Mar 2026 17:19:26 -0700

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-6e868c481c
2026-03-14 00:15:28.464596+00:00
--------------------------------------------------------------------------------


Name        : chromium
Product     : Fedora 44
Version     : 146.0.7680.71
Release     : 1.fc44
URL         : http://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want you 
to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 146.0.7680.71
  * CVE-2026-3913: Heap buffer overflow in WebML
  * CVE-2026-3914: Integer overflow in WebML
  * CVE-2026-3915: Heap buffer overflow in WebML
  * CVE-2026-3916: Out of bounds read in Web Speech
  * CVE-2026-3917: Use after free in Agents
  * CVE-2026-3918: Use after free in WebMCP
  * CVE-2026-3919: Use after free in Extensions
  * CVE-2026-3920: Out of bounds memory access in WebML
  * CVE-2026-3921: Use after free in TextEncoding
  * CVE-2026-3922: Use after free in MediaStream
  * CVE-2026-3923: Use after free in WebMIDI
  * CVE-2026-3924: Use after free in WindowDialog
  * CVE-2026-3925: Incorrect security UI in LookalikeChecks
  * CVE-2026-3926: Out of bounds read in V8
  * CVE-2026-3927: Incorrect security UI in PictureInPicture
  * CVE-2026-3928: Insufficient policy enforcement in Extensions
  * CVE-2026-3929: Side-channel information leakage in ResourceTiming
  * CVE-2026-3930: Unsafe navigation in Navigation
  * CVE-2026-3931: Heap buffer overflow in Skia
  * CVE-2026-3932: Insufficient policy enforcement in PDF
  * CVE-2026-3934: Insufficient policy enforcement in ChromeDriver
  * CVE-2026-3935: Incorrect security UI in WebAppInstalls
  * CVE-2026-3936: Use after free in WebView
  * CVE-2026-3937: Incorrect security UI in Downloads
  * CVE-2026-3938: Insufficient policy enforcement in Clipboard
  * CVE-2026-3939: Insufficient policy enforcement in PDF
  * CVE-2026-3940: Insufficient policy enforcement in DevTools
  * CVE-2026-3941: Insufficient policy enforcement in DevTools
  * CVE-2026-3942: Incorrect security UI in PictureInPicture
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 12 2026 Than Ngo <[email protected]> - 146.0.7680.71-1
- Update to 146.0.7680.71
  * CVE-2026-3913: Heap buffer overflow in WebML
  * CVE-2026-3914: Integer overflow in WebML
  * CVE-2026-3915: Heap buffer overflow in WebML
  * CVE-2026-3916: Out of bounds read in Web Speech
  * CVE-2026-3917: Use after free in Agents
  * CVE-2026-3918: Use after free in WebMCP
  * CVE-2026-3919: Use after free in Extensions
  * CVE-2026-3920: Out of bounds memory access in WebML
  * CVE-2026-3921: Use after free in TextEncoding
  * CVE-2026-3922: Use after free in MediaStream
  * CVE-2026-3923: Use after free in WebMIDI
  * CVE-2026-3924: Use after free in WindowDialog
  * CVE-2026-3925: Incorrect security UI in LookalikeChecks
  * CVE-2026-3926: Out of bounds read in V8
  * CVE-2026-3927: Incorrect security UI in PictureInPicture
  * CVE-2026-3928: Insufficient policy enforcement in Extensions
  * CVE-2026-3929: Side-channel information leakage in ResourceTiming
  * CVE-2026-3930: Unsafe navigation in Navigation
  * CVE-2026-3931: Heap buffer overflow in Skia
  * CVE-2026-3932: Insufficient policy enforcement in PDF
  * CVE-2026-3934: Insufficient policy enforcement in ChromeDriver
  * CVE-2026-3935: Incorrect security UI in WebAppInstalls
  * CVE-2026-3936: Use after free in WebView
  * CVE-2026-3937: Incorrect security UI in Downloads
  * CVE-2026-3938: Insufficient policy enforcement in Clipboard
  * CVE-2026-3939: Insufficient policy enforcement in PDF
  * CVE-2026-3940: Insufficient policy enforcement in DevTools
  * CVE-2026-3941: Insufficient policy enforcement in DevTools
  * CVE-2026-3942: Incorrect security UI in PictureInPicture
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-6e868c481c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

-- 
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://forge.fedoraproject.org/infra/tickets/issues/new

[SECURITY] Fedora 44 Update: chromium-146.0.7680.71-1.fc44

Reply via email to