[rpms/chromium] epel10.2: - 149.0.7827.196 security release

public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed

* [rpms/chromium] epel10.2: - 149.0.7827.196 security release
@ 2026-06-24 20:43 Than Ngo
  0 siblings, 0 replies; only message in thread
From: Than Ngo @ 2026-06-24 20:43 UTC (permalink / raw)
  To: git-commits

          A new commit has been pushed.

          Repo   : rpms/chromium
          Branch : epel10.2
          Commit : 5d94d0ebb5da36acab88bbc9c1755602d9f40600
          Author : Than Ngo <than@redhat.com>
          Date   : 2026-06-24T22:35:09+02:00
          Stats  : +18/-0 in 1 file(s)
          URL    : https://src.fedoraproject.org/rpms/chromium/c/5d94d0ebb5da36acab88bbc9c1755602d9f40600?branch=epel10.2

          Log:
          - 149.0.7827.196 security release
* CVE-2026-13028: Use after free in WebGL
* CVE-2026-13032: Use after free in WebGL
* CVE-2026-13033: Out of bounds read in Blink>InterestGroups
* CVE-2026-13038: Use after free in Autofill
* CVE-2026-13021: Inappropriate implementation in DeviceBoundSessionCredentials
* CVE-2026-13022: Inappropriate implementation in Autofill
* CVE-2026-13023: Uninitialized Use in GPU
* CVE-2026-13024: Insufficient validation of untrusted input in Navigation
* CVE-2026-13025: Insufficient validation of untrusted input in DevTools
* CVE-2026-13026: Use after free in Digital Credentials
* CVE-2026-13027: Use after free in FileSystem
* CVE-2026-13029: Use after free in Web Authentication
* CVE-2026-13030: Uninitialized Use in GPU
* CVE-2026-13031: Use after free in Blink
* CVE-2026-13034: Inappropriate implementation in Passwords
* CVE-2026-13035: Use after free in Bluetooth
* CVE-2026-13036: Use after free in Blink
* CVE-2026-13037: Use after free in WebView

---
diff --git a/chromium.spec b/chromium.spec
index 0e10d74..b5bc876 100644
--- a/chromium.spec
+++ b/chromium.spec
@@ -1916,6 +1916,24 @@ fi
 %changelog
 * Wed Jun 24 2026 Than Ngo <than@redhat.com> - 149.0.7827.196-1
 - Update to 149.0.7827.196
+  * CVE-2026-13028: Use after free in WebGL
+  * CVE-2026-13032: Use after free in WebGL
+  * CVE-2026-13033: Out of bounds read in Blink>InterestGroups
+  * CVE-2026-13038: Use after free in Autofill
+  * CVE-2026-13021: Inappropriate implementation in DeviceBoundSessionCredentials
+  * CVE-2026-13022: Inappropriate implementation in Autofill
+  * CVE-2026-13023: Uninitialized Use in GPU
+  * CVE-2026-13024: Insufficient validation of untrusted input in Navigation
+  * CVE-2026-13025: Insufficient validation of untrusted input in DevTools
+  * CVE-2026-13026: Use after free in Digital Credentials
+  * CVE-2026-13027: Use after free in FileSystem
+  * CVE-2026-13029: Use after free in Web Authentication
+  * CVE-2026-13030: Uninitialized Use in GPU
+  * CVE-2026-13031: Use after free in Blink
+  * CVE-2026-13034: Inappropriate implementation in Passwords
+  * CVE-2026-13035: Use after free in Bluetooth
+  * CVE-2026-13036: Use after free in Blink
+  * CVE-2026-13037: Use after free in WebView
 - Upstream patch, Make dark mode apply filter to images irrespective of layout zoom
 
 * Wed Jun 17 2026 Than Ngo <than@redhat.com> - 149.0.7827.155-1

^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2026-06-24 20:43 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-06-24 20:43 [rpms/chromium] epel10.2: - 149.0.7827.196 security release Than Ngo

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox