Aggregator

FEDORA-2026-ba5710ebd0 Packages in this update:

• rust-ingredients-0.2.2-4.fc43

Update description:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues:

• CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
• CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
• CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
• CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
• CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
• CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
• CVE-2026-44662 / GHSA-xv59-967r-8726

FEDORA-2026-941244e8ee Packages in this update:

• rust-sevctl-0.6.2-7.fc44

Update description:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues:

• CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
• CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
• CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
• CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
• CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
• CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
• CVE-2026-44662 / GHSA-xv59-967r-8726

FEDORA-2026-72a1f0b109 Packages in this update:

• rust-sevctl-0.6.2-7.fc43

Update description:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues:

• CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
• CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
• CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
• CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
• CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
• CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
• CVE-2026-44662 / GHSA-xv59-967r-8726

FEDORA-2026-eeb94c0e5e Packages in this update:

• rust-coreos-installer-0.26.0-2.fc44

Update description:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues:

• CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
• CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
• CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
• CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
• CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
• CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
• CVE-2026-44662 / GHSA-xv59-967r-8726

FEDORA-2026-b242a3b068 Packages in this update:

• rust-coreos-installer-0.26.0-2.fc43

Update description:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues:

• CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
• CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
• CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
• CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
• CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
• CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
• CVE-2026-44662 / GHSA-xv59-967r-8726

FEDORA-EPEL-2026-e4d7315140 Packages in this update:

• editorconfig-0.12.11-1.el8

Update description:

Update to 0.12.11: security fix for CVE-2026-40489.

FEDORA-EPEL-2026-c78a7ccb1c Packages in this update:

• editorconfig-0.12.11-1.el9

Update description:

Update to 0.12.11: security fix for CVE-2026-40489.

FEDORA-EPEL-2026-5ae59c6ef8 Packages in this update:

• rust-sequoia-keystore-server-0.2.0-7.el9
• rust-sequoia-openpgp-2.3.0-1.el9
• rust-sequoia-sq-1.3.1-11.el9

Update description:

Update sequoia-openpgp to version 2.3.0.

This includes three security relevant fixes (assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-assigned-yet), see "Notable fixes" in the release notes: https://gitlab.com/sequoia-pgp/sequoia/-/raw/openpgp/v2.3.0/openpgp/NEWS

This update includes rebuilds of all affected applications to pick up the fixes for these issues.

FEDORA-EPEL-2026-32854cf913 Packages in this update:

• rust-sequoia-openpgp-2.3.0-1.el10_2

Update description:

Update sequoia-openpgp to version 2.3.0.

This includes three security relevant fixes (assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-assigned-yet), see "Notable fixes" in the release notes: https://gitlab.com/sequoia-pgp/sequoia/-/raw/openpgp/v2.3.0/openpgp/NEWS

FEDORA-EPEL-2026-24edbee165 Packages in this update:

• rust-sequoia-openpgp-2.3.0-1.el10_3

Update description:

Update sequoia-openpgp to version 2.3.0.

This includes three security relevant fixes (assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-assigned-yet), see "Notable fixes" in the release notes: https://gitlab.com/sequoia-pgp/sequoia/-/raw/openpgp/v2.3.0/openpgp/NEWS

FEDORA-2026-8df732be8a Packages in this update:

• rust-rpm-sequoia-1.10.2-2.fc42
• rust-sequoia-chameleon-gnupg-0.13.1-12.fc42
• rust-sequoia-git-0.6.0-2.fc42
• rust-sequoia-keystore-server-0.2.0-7.fc42
• rust-sequoia-octopus-librnp-1.11.1-6.fc42
• rust-sequoia-openpgp-2.3.0-1.fc42
• rust-sequoia-sop-0.37.3-3.fc42
• rust-sequoia-sq-1.3.1-11.fc42
• rust-sequoia-sqv-1.3.0-6.fc42

Update description:

Update sequoia-openpgp to version 2.3.0.

This includes three security relevant fixes (assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-assigned-yet), see "Notable fixes" in the release notes: https://gitlab.com/sequoia-pgp/sequoia/-/raw/openpgp/v2.3.0/openpgp/NEWS

This update includes rebuilds of all affected applications to pick up the fixes for these issues.

Update to version 1.10.2. Addresses CVE-2026-2625.

FEDORA-2026-38d57d2e7a Packages in this update:

• rust-rpm-sequoia-1.10.2-2.fc43
• rust-sequoia-chameleon-gnupg-0.13.1-12.fc43
• rust-sequoia-git-0.6.0-2.fc43
• rust-sequoia-keystore-server-0.2.0-7.fc43
• rust-sequoia-octopus-librnp-1.11.1-6.fc43
• rust-sequoia-openpgp-2.3.0-1.fc43
• rust-sequoia-sop-0.37.3-3.fc43
• rust-sequoia-sq-1.3.1-11.fc43
• rust-sequoia-sqv-1.3.0-6.fc43

Update description:

Update sequoia-openpgp to version 2.3.0.

This includes three security relevant fixes (assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-assigned-yet), see "Notable fixes" in the release notes: https://gitlab.com/sequoia-pgp/sequoia/-/raw/openpgp/v2.3.0/openpgp/NEWS

This update includes rebuilds of all affected applications to pick up the fixes for these issues.

FEDORA-2026-5619c60e85 Packages in this update:

• rust-podman-sequoia-0.3.2-2.fc44
• rust-rpm-sequoia-1.10.2-2.fc44
• rust-sequoia-chameleon-gnupg-0.13.1-12.fc44
• rust-sequoia-git-0.6.0-2.fc44
• rust-sequoia-keystore-server-0.2.0-7.fc44
• rust-sequoia-octopus-librnp-1.11.1-6.fc44
• rust-sequoia-openpgp-2.3.0-1.fc44
• rust-sequoia-sop-0.37.3-3.fc44
• rust-sequoia-sq-1.3.1-11.fc44
• rust-sequoia-sqv-1.3.0-6.fc44

Update description:

Update sequoia-openpgp to version 2.3.0.

This includes three security relevant fixes (assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-assigned-yet), see "Notable fixes" in the release notes: https://gitlab.com/sequoia-pgp/sequoia/-/raw/openpgp/v2.3.0/openpgp/NEWS

This update includes rebuilds of all affected applications to pick up the fixes for these issues.

FEDORA-2026-5272623baf Packages in this update:

• rust-podman-sequoia-0.3.2-2.fc45
• rust-rpm-sequoia-1.10.2-2.fc45
• rust-sequoia-chameleon-gnupg-0.13.1-12.fc45
• rust-sequoia-git-0.6.0-2.fc45
• rust-sequoia-keystore-server-0.2.0-7.fc45
• rust-sequoia-octopus-librnp-1.11.1-6.fc45
• rust-sequoia-openpgp-2.3.0-1.fc45
• rust-sequoia-sop-0.37.3-3.fc45
• rust-sequoia-sq-1.3.1-11.fc45
• rust-sequoia-sqv-1.3.0-6.fc45

Update description:

Update sequoia-openpgp to version 2.3.0.

This includes three security relevant fixes (assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-assigned-yet), see "Notable fixes" in the release notes: https://gitlab.com/sequoia-pgp/sequoia/-/raw/openpgp/v2.3.0/openpgp/NEWS

This update includes rebuilds of all affected applications to pick up the fixes for these issues.

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853, CVE-2026-23268, CVE-2026-23269, CVE-2026-23403, CVE-2026-23404, CVE-2026-23405, CVE-2026-23410, CVE-2026-23411) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - GPU drivers; - Network drivers; - UDF file system; - NFC subsystem; - Network traffic control; - Sun RPC protocol; - XFRM subsystem; (CVE-2024-27388, CVE-2024-46777, CVE-2024-46816, CVE-2024-49938, CVE-2024-50008, CVE-2024-50142, CVE-2025-21735, CVE-2025-37849, CVE-2026-23060, CVE-2026-23074, CVE-2026-23209)

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853, CVE-2026-23268, CVE-2026-23269, CVE-2026-23403, CVE-2026-23404, CVE-2026-23405, CVE-2026-23410, CVE-2026-23411) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - Sun RPC protocol; - XFRM subsystem; (CVE-2024-27388, CVE-2024-46816, CVE-2024-49938, CVE-2024-50008, CVE-2024-50142, CVE-2026-23209)

FEDORA-2026-aa5877c5ba Packages in this update:

• uriparser-1.0.2-1.fc43

Update description:

Update to uriparser-1.0.2.

Update to uriparser-1.0.1.

FEDORA-2026-2a9d57ce6b Packages in this update:

• poppler-25.07.0-5.fc43

Update description:

This update fixes CVE-2025-52885

FEDORA-2026-2bdb132e40 Packages in this update:

• poppler-25.02.0-6.fc42

Update description:

This update fixes CVE-2025-52885 and CVE-2025-43718

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-2640) Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-32629) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - NVME drivers; (CVE-2026-23112, CVE-2026-23273)