Aggregator

Version:5.10.257 (longterm) Released:2026-05-23 Source:linux-5.10.257.tar.xz PGP Signature:linux-5.10.257.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-5.10.257

Version:7.0.10 (stable) Released:2026-05-23 Source:linux-7.0.10.tar.xz PGP Signature:linux-7.0.10.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-7.0.10

Version:6.18.33 (longterm) Released:2026-05-23 Source:linux-6.18.33.tar.xz PGP Signature:linux-6.18.33.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.18.33

Version:6.12.91 (longterm) Released:2026-05-23 Source:linux-6.12.91.tar.xz PGP Signature:linux-6.12.91.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.12.91

Version:6.6.141 (longterm) Released:2026-05-23 Source:linux-6.6.141.tar.xz PGP Signature:linux-6.6.141.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.6.141

FEDORA-2026-dd9cd16b18 Packages in this update:

• nginx-1.30.2-1.fc43
• nginx-mod-brotli-1.0.0~rc-10.fc43
• nginx-mod-fancyindex-0.6.0-5.fc43
• nginx-mod-headers-more-0.39-10.fc43
• nginx-mod-modsecurity-1.0.4-11.fc43
• nginx-mod-naxsi-1.6-18.fc43
• nginx-mod-vts-0.2.4-10.fc43

Update description:

nginx-mod-brotli:

• Rebuild for 1.30.2

nginx-mod-fancyindex:

• Rebuild for 1.30.2

nginx-mod-naxsi:

• Rebuild for 1.30.2

nginx-mod-headers-more:

• Rebuild for 1.30.2

nginx-mod-vts:

• Rebuild for 1.30.2

nginx-mod-modsecurity:

• Rebuild for 1.30.2

nginx:

• update to 1.30.2
• fixes CVE-2026-9256

FEDORA-2026-da68d7bf53 Packages in this update:

• nginx-1.30.2-1.fc44
• nginx-mod-brotli-1.0.0~rc-10.fc44
• nginx-mod-fancyindex-0.6.0-5.fc44
• nginx-mod-headers-more-0.39-10.fc44
• nginx-mod-js-challenge-0^20230517.gitda6852d-8.fc44
• nginx-mod-modsecurity-1.0.4-11.fc44
• nginx-mod-naxsi-1.6-18.fc44
• nginx-mod-vts-0.2.4-10.fc44

Update description:

nginx-mod-headers-more:

• Rebuild for 1.30.2

nginx-mod-vts:

• Rebuild for 1.30.2

nginx-mod-fancyindex:

• Rebuild for 1.30.2

nginx-mod-brotli:

• Rebuild for 1.30.2

nginx-mod-naxsi:

• Rebuild for 1.30.2

nginx-mod-js-challenge:

• Rebuild for 1.30.2

nginx-mod-modsecurity:

• Rebuild for 1.30.2

nginx:

• update to 1.30.2
• fixes CVE-2026-9256

It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Ethernet bonding driver; - SMB network file system; - Netfilter; - io_uring subsystem; - Packet sockets; - TLS protocol; (CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-2640) Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-32629) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU drivers; - HID subsystem; - Intel Trace Hub HW tracing drivers; - IIO ADC drivers; - IRQ chip drivers; - Modular ISDN driver; - LED subsystem; - UACCE accelerator framework; - Ethernet bonding driver; - Network drivers; - STMicroelectronics network drivers; - Ethernet team driver; - NVME drivers; - PHY drivers; - SLIMbus drivers; - W1 Dallas's 1-wire bus driver; - Xen hypervisor drivers; - BTRFS file system; - Ext4 file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NTFS3 file system; - SMB network file system; - NFC subsystem; - BPF subsystem; - IRQ subsystem; - Memory management; - Bluetooth subsystem; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - L2TP protocol; - NET/ROM layer; - Network traffic control; - SCTP protocol; - TLS protocol; - XFRM subsystem; - Creative Sound Blaster X-Fi driver; - USB sound devices; (CVE-2023-53421, CVE-2023-53520, CVE-2023-53662, CVE-2023-54207, CVE-2025-38057, CVE-2025-38125, CVE-2025-38232, CVE-2025-38408, CVE-2025-38591, CVE-2025-40149, CVE-2025-40164, CVE-2025-68211, CVE-2025-68340, CVE-2025-68365, CVE-2025-68725, CVE-2025-68817, CVE-2025-71162, CVE-2025-71163, CVE-2025-71185, CVE-2025-71186, CVE-2025-71188, CVE-2025-71190, CVE-2025-71191, CVE-2025-71194, CVE-2025-71196, CVE-2025-71197, CVE-2025-71199, CVE-2026-22997, CVE-2026-22998, CVE-2026-22999, CVE-2026-23001, CVE-2026-23003, CVE-2026-23011, CVE-2026-23026, CVE-2026-23033, CVE-2026-23037, CVE-2026-23038, CVE-2026-23049, CVE-2026-23056, CVE-2026-23058, CVE-2026-23061, CVE-2026-23063, CVE-2026-23064, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075, CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085, CVE-2026-23087, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091, CVE-2026-23093, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23103, CVE-2026-23105, CVE-2026-23108, CVE-2026-23112, CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23124, CVE-2026-23125, CVE-2026-23128, CVE-2026-23133, CVE-2026-23145, CVE-2026-23146, CVE-2026-23150, CVE-2026-23164, CVE-2026-23167, CVE-2026-23170, CVE-2026-23209)

FEDORA-EPEL-2026-cb90c89045 Packages in this update:

• netatalk-4.4.3-1.el10_2

Update description:

4.4.3 release

FEDORA-EPEL-2026-b4a86bd068 Packages in this update:

• netatalk-4.4.3-1.el10_3

Update description:

4.4.3 Release

FEDORA-2026-9fd50b2ff1 Packages in this update:

• netatalk-4.4.3-1.fc43

Update description:

4.4.3 Release

FEDORA-2026-e7e7bb2417 Packages in this update:

• netatalk-4.4.3-1.fc44

Update description:

4.4.3 Release

It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Packet sockets; - TLS protocol; (CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)

It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Packet sockets; (CVE-2026-31504, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)

FEDORA-EPEL-2026-e7b8776a02 Packages in this update:

• libssh2-1.11.1-6.el9

Update description:

This update addresses CVE-2026-7598, a potential heap buffer overflow, which could be triggered remotely by supplying very long username and/or password strings.

FEDORA-EPEL-2026-afcb3443a1 Packages in this update:

• libssh2-1.11.1-6.el10_2

Update description:

This update addresses CVE-2026-7598, a potential heap buffer overflow, which could be triggered remotely by supplying very long username and/or password strings.

FEDORA-EPEL-2026-afd26ad447 Packages in this update:

• libssh2-1.11.1-6.el10_3

Update description:

This update addresses CVE-2026-7598, a potential heap buffer overflow, which could be triggered remotely by supplying very long username and/or password strings.

It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - S390 architecture; - Cryptographic API; - GPU drivers; - Ethernet bonding driver; - Network file system (NFS) server daemon; - Distributed Switch Architecture; - Netfilter; - Control group (cgroup); - Kernel kexec() syscall; - Memory management; - MAC80211 subsystem; - Multipath TCP; - Packet sockets; - TLS protocol; - Unix domain sockets; (CVE-2025-71088, CVE-2025-71090, CVE-2025-71127, CVE-2025-71134, CVE-2025-71139, CVE-2025-71141, CVE-2025-71142, CVE-2025-71144, CVE-2025-71152, CVE-2025-71155, CVE-2026-23274, CVE-2026-23351, CVE-2026-23394, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)