[RndTbl] Re: Fw: [SECURITY] Fedora 43 Update: chromium-148.0.7778.215-1.fc43

Yep, I had to switch to vim-nightly to keep the security folks at work happy. That's the vim-nightly channel for *Windows*, mind you... -Adam Get Outlook for Android<https://aka.ms/AAb9ysg> ________________________________ From: Trevor Cordes via Roundtable <roundtable@muug.ca> Sent: Monday, June 1, 2026 2:11:50 AM To: MUUG RndTbl <roundtable@muug.ca> Subject: [RndTbl] Fw: [SECURITY] Fedora 43 Update: chromium-148.0.7778.215-1.fc43 LOL, that's worse than usual! vim & chromium, the leaders in CVEs. P.S. chromium is just chrome de-googled(ish), so all of these CVEs apply to chrome. I would urge everyone to go back to my firejail presentation and do the simple setup it takes to have your browsers work in firejail! Begin forwarded message: Date: Mon, 1 Jun 2026 01:01:21 +0000 (UTC) From: updates--- via package-announce <package-announce@lists.fedoraproject.org> To: package-announce@lists.fedoraproject.org Subject: [SECURITY] Fedora 43 Update: chromium-148.0.7778.215-1.fc43 -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-c004108bb8 2026-06-01 01:00:49.844252+00:00 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 43 Version : 148.0.7778.215 Release : 1.fc43 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to 148.0.7778.215 CVE-2026-9872: Out of bounds write in GPU CVE-2026-9873: Use after free in Network CVE-2026-9874: Use after free in Dawn CVE-2026-9875: Out of bounds read in WebGL CVE-2026-9876: Use after free in WebGL CVE-2026-9877: Use after free in ANGLE CVE-2026-9878: Use after free in ANGLE CVE-2026-9879: Out of bounds write in ANGLE CVE-2026-9880: Insufficient validation of untrusted input in WebGL CVE-2026-9881: Use after free in Bluetooth CVE-2026-9882: Integer overflow in ANGLE CVE-2026-9883: Use after free in Base CVE-2026-9884: Use after free in Browser CVE-2026-9885: Insufficient validation of untrusted input in UI CVE-2026-9886: Use after free in Base CVE-2026-9887: Use after free in Proxy CVE-2026-9888: Use after free in WebView CVE-2026-9889: Out of bounds read and write in Dawn CVE-2026-9890: Use after free in XR CVE-2026-9891: Use after free in Extensions CVE-2026-9892: Inappropriate implementation in Skia CVE-2026-9893: Use after free in Skia CVE-2026-9894: Use after free in GPU CVE-2026-9895: Out of bounds read in GPU CVE-2026-9896: Out of bounds write in V8 CVE-2026-9897: Use after free in DOM CVE-2026-9898: Insufficient validation of untrusted input in GPU CVE-2026-9899: Use after free in ANGLE CVE-2026-9900: Out of bounds write in ANGLE CVE-2026-9901: Use after free in ANGLE CVE-2026-9902: Use after free in Accessibility CVE-2026-9903: Insufficient validation of untrusted input in Site Isolation CVE-2026-9904: Use after free in ANGLE CVE-2026-9905: Use after free in Accessibility CVE-2026-9906: Out of bounds write in GPU CVE-2026-9907: Out of bounds read in Dawn CVE-2026-9908: Out of bounds read in ANGLE CVE-2026-9909: Integer overflow in Skia CVE-2026-9910: Out of bounds memory access in ANGLE CVE-2026-9911: Integer overflow in ANGLE CVE-2026-9912: Inappropriate implementation in GPU CVE-2026-9913: Inappropriate implementation in ANGLE CVE-2026-9914: Insufficient validation of untrusted input in ANGLE CVE-2026-9915: Heap buffer overflow in ANGLE CVE-2026-9916: Out of bounds write in ANGLE CVE-2026-9917: Uninitialized Use in WebGL CVE-2026-9918: Inappropriate implementation in Tint CVE-2026-9919: Out of bounds read in WebGL CVE-2026-9920: Uninitialized Use in GPU CVE-2026-9921: Uninitialized Use in WebGL CVE-2026-9922: Use after free in GPU CVE-2026-9923: Use after free in Skia CVE-2026-9924: Heap buffer overflow in ANGLE CVE-2026-9925: Use after free in ANGLE CVE-2026-9926: Heap buffer overflow in ANGLE CVE-2026-9927: Use after free in ANGLE CVE-2026-9928: Out of bounds read in ANGLE CVE-2026-9929: Inappropriate implementation in WebGL CVE-2026-9930: Out of bounds write in Dawn CVE-2026-9931: Use after free in GPU CVE-2026-9932: Use after free in ANGLE CVE-2026-9933: Use after free in Input CVE-2026-9934: Use after free in Aura CVE-2026-9935: Uninitialized Use in ANGLE CVE-2026-9936: Use after free in GFX CVE-2026-9937: Use after free in UI CVE-2026-9938: Inappropriate implementation in V8 CVE-2026-9939: Heap buffer overflow in WebCodecs CVE-2026-9940: Heap buffer overflow in ANGLE CVE-2026-9941: Use after free in ANGLE CVE-2026-9942: Uninitialized Use in ANGLE CVE-2026-9943: Out of bounds read in WebGL CVE-2026-9944: Uninitialized Use in ANGLE CVE-2026-9945: Use after free in Media CVE-2026-9946: Use after free in ANGLE CVE-2026-9947: Use after free in XML CVE-2026-9948: Use after free in Views CVE-2026-9949: Use after free in Core CVE-2026-9950: Insufficient validation of untrusted input in iOS CVE-2026-9951: Use after free in UI CVE-2026-9952: Use after free in WebAudio CVE-2026-9953: Out of bounds read in ANGLE CVE-2026-9954: Use after free in TabStrip CVE-2026-9955: Inappropriate implementation in iOS CVE-2026-9956: Use after free in iOS CVE-2026-9957: Use after free in PDF CVE-2026-9958: Use after free in PDFium CVE-2026-9959: Race in WebRTC CVE-2026-9960: Integer overflow in PDFium CVE-2026-9961: Use after free in SurfaceCapture CVE-2026-9962: Use after free in WebRTC CVE-2026-9963: Uninitialized Use in iOS CVE-2026-9964: Use after free in Bluetooth CVE-2026-9965: Out of bounds write in ANGLE CVE-2026-9966: Integer overflow in XML CVE-2026-9967: Out of bounds write in GPU CVE-2026-9968: Integer overflow in V8 CVE-2026-9969: Insufficient validation of untrusted input in ANGLE CVE-2026-9970: Use after free in WebGL CVE-2026-9971: Inappropriate implementation in iOS CVE-2026-9972: Uninitialized Use in Gamepad CVE-2026-9973: Out of bounds write in V8 CVE-2026-9974: Out of bounds write in GPU CVE-2026-9975: Out of bounds read and write in ANGLE CVE-2026-9976: Inappropriate implementation in USB CVE-2026-9977: Insufficient validation of untrusted input in WebShare CVE-2026-9978: Use after free in Glic CVE-2026-9979: Insufficient validation of untrusted input in Input CVE-2026-9980: Insufficient validation of untrusted input in Printing CVE-2026-9981: Inappropriate implementation in Skia CVE-2026-9982: Insufficient validation of untrusted input in ANGLE CVE-2026-9983: Type Confusion in Skia CVE-2026-9984: Use after free in UI CVE-2026-9985: Insufficient validation of untrusted input in Media CVE-2026-9986: Insufficient validation of untrusted input in OptimizationGuide CVE-2026-9987: Insufficient validation of untrusted input in WebAppInstalls CVE-2026-9988: Use after free in WebRTC CVE-2026-9989: Inappropriate implementation in Media CVE-2026-9990: Use after free in WebAppInstalls CVE-2026-9991: Inappropriate implementation in Media CVE-2026-9992: Use after free in Network CVE-2026-9993: Use after free in Views CVE-2026-9994: Use after free in Core CVE-2026-9995: Use after free in WebXR CVE-2026-9996: Out of bounds read in WebRTC CVE-2026-9997: Use after free in Input CVE-2026-9998: Integer overflow in Skia CVE-2026-9999: Inappropriate implementation in ANGLE CVE-2026-10000: Use after free in Passwords CVE-2026-10001: Use after free in PerformanceManager CVE-2026-10002: Use after free in PDFium CVE-2026-10003: Use after free in Views CVE-2026-10004: Insufficient validation of untrusted input in Passwords CVE-2026-10005: Use after free in WebAppInstalls CVE-2026-10006: Race in WebAudio CVE-2026-10007: Use after free in SVG CVE-2026-10008: Uninitialized Use in GPU CVE-2026-10009: Integer overflow in Skia CVE-2026-10010: Inappropriate implementation in Input CVE-2026-10011: Inappropriate implementation in Skia CVE-2026-10012: Use after free in Skia CVE-2026-10013: Use after free in WebCodecs CVE-2026-10014: Use after free in WebMIDI CVE-2026-10015: Integer overflow in WTF CVE-2026-10016: Use after free in DOM CVE-2026-10017: Out of bounds read in Headless CVE-2026-10018: Integer overflow in ANGLE CVE-2026-10019: Integer overflow in ANGLE CVE-2026-10020: Insufficient validation of untrusted input in Skia CVE-2026-10021: Insufficient validation of untrusted input in USB CVE-2026-10022: Type Confusion in V8 -------------------------------------------------------------------------------- _______________________________________________ Roundtable mailing list -- roundtable@muug.ca To unsubscribe send an email to roundtable-leave@muug.ca