CEF and K9S updates for Fedora 42

Fedora Linux 9271 Published by

Fedora 42 has released updates for two packages: cef and k9s. The cef update includes a bump to version 145.0.28^chromium145.0.7632.159, which fixes several security vulnerabilities, including integer overflows and heap buffer overflows in various Chromium components. The k9s update is a newer version of the Kubernetes CLI tool, with no significant changes noted.

Fedora 42 Update: cef-145.0.28^chromium145.0.7632.159-1.fc42
Fedora 42 Update: k9s-0.50.18-1.fc42




[SECURITY] Fedora 42 Update: cef-145.0.28^chromium145.0.7632.159-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-95fffce421
2026-03-09 01:01:24.903128+00:00
--------------------------------------------------------------------------------

Name : cef
Product : Fedora 42
Version : 145.0.28^chromium145.0.7632.159
Release : 1.fc42
URL : https://bitbucket.org/chromiumembedded/cef
Summary : Chromium Embedded Framework
Description :
CEF is an embeddable build of Chromium, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Bump to cef-145.0.28+g51162e8 + chromium 145.0.7632.159 (rhbz#2437035)
CVE-2026-3536: Integer overflow in ANGLE
CVE-2026-3537: Object lifecycle issue in PowerVR
CVE-2026-3538: Integer overflow in Skia
CVE-2026-3539: Object lifecycle issue in DevTools
CVE-2026-3540: Inappropriate implementation in WebAudio
CVE-2026-3541: Inappropriate implementation in CSS
CVE-2026-3542: Inappropriate implementation in WebAssembly
CVE-2026-3543: Inappropriate implementation in V8
CVE-2026-3544: Heap buffer overflow in WebCodecs
CVE-2026-3545: Insufficient data validation in Navigation
CVE-2026-3061: Out of bounds read in Media
CVE-2026-3062: Out of bounds read and write in Tint
CVE-2026-3063: Inappropriate implementation in DevTools
CVE-2026-2648: Heap buffer overflow in PDFium
CVE-2026-2649: Integer overflow in V8
CVE-2026-2650: Heap buffer overflow in Media
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar 7 2026 Hoshino Lina [lina@lina.yt] - 145.0.28^chromium145.0.7632.159-1
- Bump to cef-145.0.28+g51162e8 (rhbz#2437035)
* Sat Mar 7 2026 Than Ngo [than@redhat.com] - 145.0.25^chromium145.0.7632.159-1
- Update to 145.0.7632.159
- * CVE-2026-3536: Integer overflow in ANGLE
- * CVE-2026-3537: Object lifecycle issue in PowerVR
- * CVE-2026-3538: Integer overflow in Skia
- * CVE-2026-3539: Object lifecycle issue in DevTools
- * CVE-2026-3540: Inappropriate implementation in WebAudio
- * CVE-2026-3541: Inappropriate implementation in CSS
- * CVE-2026-3542: Inappropriate implementation in WebAssembly
- * CVE-2026-3543: Inappropriate implementation in V8
- * CVE-2026-3544: Heap buffer overflow in WebCodecs
- * CVE-2026-3545: Insufficient data validation in Navigation
* Sat Mar 7 2026 Than Ngo [than@redhat.com] - 145.0.25^chromium145.0.7632.116-1
- Update to 145.0.7632.116
- * CVE-2026-3061: Out of bounds read in Media
- * CVE-2026-3062: Out of bounds read and write in Tint
- * CVE-2026-3063: Inappropriate implementation in DevTools
* Sat Mar 7 2026 Than Ngo [than@redhat.com] - 145.0.25^chromium145.0.7632.109-1
- Update to 145.0.7632.109
- * CVE-2026-2648: Heap buffer overflow in PDFium
- * CVE-2026-2649: Integer overflow in V8
- * CVE-2026-2650: Heap buffer overflow in Media
* Sat Mar 7 2026 Hoshino Lina [lina@lina.yt] - 145.0.25^chromium145.0.7632.75-5
- Use C++20 for libcef target
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2437035 - cef-145.0.28 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2437035
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-95fffce421' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 42 Update: k9s-0.50.18-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-a74aa25180
2026-03-09 01:01:24.903121+00:00
--------------------------------------------------------------------------------

Name : k9s
Product : Fedora 42
Version : 0.50.18
Release : 1.fc42
URL : https://github.com/derailed/k9s
Summary : Kubernetes CLI To Manage Your Clusters In Style
Description :
Kubernetes CLI To Manage Your Clusters In Style!

--------------------------------------------------------------------------------
Update Information:

Update to 0.50.18
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 28 2026 blinxen - 0.50.18-1
- Update to version 0.50.18 (rhbz#2428576)
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 0.50.16-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2417127 - CVE-2025-65965 k9s: Grype has a credential disclosure vulnerability in Grype JSON output [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2417127
[ 2 ] Bug #2419013 - CVE-2024-25621 k9s: containerd local privilege escalation [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2419013
[ 3 ] Bug #2420597 - CVE-2025-47913 k9s: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2420597
[ 4 ] Bug #2424014 - [Minor Incident] CVE-2025-52881 k9s: container escape and denial of service due to arbitrary write gadgets and procfs write redirects [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2424014
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-a74aa25180' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new


Linux Security Roundup for Week 10, 2026: Multiple Distributions Release Critical Updates to Address Vulnerabilities

Thunderbird, Kpatch-Patch, GIT-LFS, and more updates for RHEL

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...