Aggregator

FEDORA-EPEL-2026-d206fb8dbe Packages in this update:

• haveged-1.9.23-1.el10_3

Update description:

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

FEDORA-EPEL-2026-50018db082 Packages in this update:

• haveged-1.9.23-1.el9

Update description:

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

FEDORA-2026-afa00da304 Packages in this update:

• haveged-1.9.23-1.fc43

Update description:

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

FEDORA-2026-333f3f8aba Packages in this update:

• haveged-1.9.23-1.fc44

Update description:

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

FEDORA-2026-9d7328702e Packages in this update:

• nginx-1.30.3-1.fc43
• nginx-mod-brotli-1.0.0~rc-11.fc43
• nginx-mod-fancyindex-0.6.0-6.fc43
• nginx-mod-headers-more-0.39-11.fc43
• nginx-mod-modsecurity-1.0.4-12.fc43
• nginx-mod-naxsi-1.6-19.fc43
• nginx-mod-vts-0.2.4-11.fc43

Update description:

nginx-mod-headers-more:

• Rebuild for 1.30.3

nginx-mod-brotli:

• Rebuild for 1.30.3

nginx-mod-vts:

• Rebuild for 1.30.3

nginx-mod-modsecurity:

• Rebuild for 1.30.3

nginx-mod-fancyindex:

• Rebuild for 1.30.3

nginx-mod-naxsi:

• Rebuild for 1.30.3

nginx:

• update to 1.30.3
• fixes CVE-2026-42055, CVE-2026-42530 and CVE-2026-48142

FEDORA-2026-b8e751787c Packages in this update:

• nginx-1.30.3-1.fc44
• nginx-mod-brotli-1.0.0~rc-11.fc44
• nginx-mod-fancyindex-0.6.0-6.fc44
• nginx-mod-headers-more-0.39-11.fc44
• nginx-mod-js-challenge-0^20230517.gitda6852d-9.fc44
• nginx-mod-modsecurity-1.0.4-12.fc44
• nginx-mod-naxsi-1.6-19.fc44
• nginx-mod-vts-0.2.4-11.fc44

Update description:

nginx-mod-brotli:

• Rebuild for 1.30.3

nginx-mod-fancyindex:

• Rebuild for 1.30.3

nginx-mod-vts:

• Rebuild for 1.30.3

nginx-mod-modsecurity:

• Rebuild for 1.30.3

nginx-mod-headers-more:

• Rebuild for 1.30.3

nginx-mod-naxsi:

• Rebuild for 1.30.3

nginx-mod-js-challenge:

• Rebuild for 1.30.3

nginx:

• update to 1.30.3
• fixes CVE-2026-42055, CVE-2026-42530 and CVE-2026-48142

FEDORA-2026-e212182e6e Packages in this update:

• nginx-1.30.3-1.fc45
• nginx-mod-brotli-1.0.0~rc-11.fc45
• nginx-mod-fancyindex-0.6.0-6.fc45
• nginx-mod-headers-more-0.39-11.fc45
• nginx-mod-js-challenge-0^20230517.gitda6852d-9.fc45
• nginx-mod-modsecurity-1.0.4-12.fc45
• nginx-mod-naxsi-1.6-19.fc45
• nginx-mod-vts-0.2.4-11.fc45

Update description:

nginx-mod-brotli:

• Rebuild for 1.30.3

nginx-mod-fancyindex:

• Rebuild for 1.30.3

nginx-mod-modsecurity:

• Rebuild for 1.30.3

nginx-mod-headers-more:

• Rebuild for 1.30.3

nginx-mod-naxsi:

• Rebuild for 1.30.3

nginx-mod-js-challenge:

• Rebuild for 1.30.3

nginx-mod-vts:

• Rebuild for 1.30.3

nginx:

• update to 1.30.3
• fixes CVE-2026-42055, CVE-2026-42530 and CVE-2026-48142

FEDORA-EPEL-2026-a80cc1ccf4 Packages in this update:

• openbao-2.5.5-1.el10_2

Update description:

Update to upstream 2.5.5. Also fixes CVE-2026-55770, CVE-2026-55774, CVE-2026-55775, and CVE-2026-55776.

FEDORA-EPEL-2026-33e6f5bc0f Packages in this update:

• openbao-2.5.5-1.el10_3

Update description:

Update to upstream 2.5.5. Also fixes CVE-2026-55770, CVE-2026-55774, CVE-2026-55775, and CVE-2026-55776.

FEDORA-2026-da7e499416 Packages in this update:

• openbao-2.5.5-1.fc43

Update description:

Update to upstream 2.5.5. Also fixes CVE-2026-55770, CVE-2026-55774, CVE-2026-55775, and CVE-2026-55776.

FEDORA-EPEL-2026-68c29512d7 Packages in this update:

• openbao-2.5.5-1.el9

Update description:

Update to upstream 2.5.5. Also fixes CVE-2026-55770, CVE-2026-55774, CVE-2026-55775, and CVE-2026-55776.

FEDORA-EPEL-2026-c797cdf471 Packages in this update:

• openbao-2.5.5-1.el8

Update description:

Update to upstream 2.5.5. Also fixes CVE-2026-55770, CVE-2026-55774, CVE-2026-55775, and CVE-2026-55776.

FEDORA-2026-84ff0044db Packages in this update:

• openbao-2.5.5-1.fc44

Update description:

Update to upstream 2.5.5. Also fixes CVE-2026-55770, CVE-2026-55774, CVE-2026-55775, and CVE-2026-55776.

FEDORA-EPEL-2026-1402b5bee1 Packages in this update:

• python-postorius-1.3.8-9.el9

Update description:

Backport unreleased fix for cross-side scripting via unescaped HTML

FEDORA-2026-ef34f94241 Packages in this update:

• python-postorius-1.3.13-1.fc44

Update description:

Update to 1.3.13 (minor packaging changes); backport unreleased fix for cross-side scripting via unescaped HTML

FEDORA-2026-c2b475c5f1 Packages in this update:

• python-postorius-1.3.13-1.fc43

Update description:

Update to 1.3.13 (minor packaging changes); backport unreleased fix for cross-side scripting via unescaped HTML

It was discovered that kitty incorrectly handled certain image data. An attacker able to write to the terminal's input could possibly use this issue to cause kitty to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-33633) It was discovered that kitty incorrectly handled certain graphics commands. An attacker able to write escape sequences to a kitty terminal could possibly use this issue to cause kitty to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-33642)

FEDORA-2026-b67348bd21 Packages in this update:

• maradns-3.5.0037-1.fc45

Update description:

Automatic update for maradns-3.5.0037-1.fc45.

Changelog * Mon Jun 15 2026 Tomasz Torcz <ttorcz@fedoraproject.org> - 3.5.0037-1 - update to 3.5.0037, fixing DNS-over-TCP bug (rhbz#2488786)

FEDORA-2026-79d9e34e36 Packages in this update:

• liferea-1.16.12-1.fc44

Update description:

Update to 1.16.12

Update to 1.16.11

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker could use this to escalate privileges, or possibly escape a container.