Aggregator
bcftools-1.23.1-1.el8 htslib-1.23.1-1.el8 samtools-1.23.1-1.el8
FEDORA-EPEL-2026-74a1834691
Packages in this update:
- bcftools-1.23.1-1.el8
- htslib-1.23.1-1.el8
- samtools-1.23.1-1.el8
Update to 1.23.1
perl-YAML-Syck-1.37-1.el9
FEDORA-EPEL-2026-52be5354a0
Packages in this update:
- perl-YAML-Syck-1.37-1.el9
YAML::Syck versions up to and including 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation. The base64 decoder could read past the buffer end on trailing newlines. strtok mutated n->type_id in place, corrupting shared node data. A memory leak occurred in syck_hdlr_add_anchor when a node already had an anchor. The incoming anchor string 'a' was leaked on early return.
perl-YAML-Syck-1.37-1.el10_2
FEDORA-EPEL-2026-de60bba45b
Packages in this update:
- perl-YAML-Syck-1.37-1.el10_2
YAML::Syck versions up to and including 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation. The base64 decoder could read past the buffer end on trailing newlines. strtok mutated n->type_id in place, corrupting shared node data. A memory leak occurred in syck_hdlr_add_anchor when a node already had an anchor. The incoming anchor string 'a' was leaked on early return.
perl-YAML-Syck-1.37-1.el10_3
FEDORA-EPEL-2026-e7f8f46758
Packages in this update:
- perl-YAML-Syck-1.37-1.el10_3
YAML::Syck versions up to and including 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation. The base64 decoder could read past the buffer end on trailing newlines. strtok mutated n->type_id in place, corrupting shared node data. A memory leak occurred in syck_hdlr_add_anchor when a node already had an anchor. The incoming anchor string 'a' was leaked on early return.
perl-YAML-Syck-1.37-1.fc43
FEDORA-2026-3572f7e01c
Packages in this update:
- perl-YAML-Syck-1.37-1.fc43
YAML::Syck versions up to and including 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation. The base64 decoder could read past the buffer end on trailing newlines. strtok mutated n->type_id in place, corrupting shared node data. A memory leak occurred in syck_hdlr_add_anchor when a node already had an anchor. The incoming anchor string 'a' was leaked on early return.
perl-YAML-Syck-1.37-1.fc44
FEDORA-2026-a8d89d8ae2
Packages in this update:
- perl-YAML-Syck-1.37-1.fc44
YAML::Syck versions up to and including 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation. The base64 decoder could read past the buffer end on trailing newlines. strtok mutated n->type_id in place, corrupting shared node data. A memory leak occurred in syck_hdlr_add_anchor when a node already had an anchor. The incoming anchor string 'a' was leaked on early return.
perl-YAML-Syck-1.37-1.fc42
FEDORA-2026-d226775800
Packages in this update:
- perl-YAML-Syck-1.37-1.fc42
YAML::Syck versions up to and including 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation. The base64 decoder could read past the buffer end on trailing newlines. strtok mutated n->type_id in place, corrupting shared node data. A memory leak occurred in syck_hdlr_add_anchor when a node already had an anchor. The incoming anchor string 'a' was leaked on early return.
USN-8105-2: FreeRDP regression
USN-8105-1 fixed vulnerabilities in FreeRDP. The update introduced a
regression which could cause FreeRDP to crash. This update fixes the
problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that FreeRDP incorrectly handled certain RDP packets. A
remote attacker could use this issue to cause FreeRDP to crash, resulting
in a denial of service, or possibly execute arbitrary code.
bcftools-1.23.1-1.fc44 htslib-1.23.1-1.fc44 samtools-1.23.1-1.fc44
FEDORA-2026-cb321bebb5
Packages in this update:
- bcftools-1.23.1-1.fc44
- htslib-1.23.1-1.fc44
- samtools-1.23.1-1.fc44
Update to 1.23.1
bcftools-1.23.1-1.fc43 htslib-1.23.1-1.fc43 samtools-1.23.1-1.fc43
FEDORA-2026-3b06345bf2
Packages in this update:
- bcftools-1.23.1-1.fc43
- htslib-1.23.1-1.fc43
- samtools-1.23.1-1.fc43
Update to 1.23.1
bcftools-1.23.1-1.fc42 htslib-1.23.1-1.fc42 samtools-1.23.1-1.fc42
FEDORA-2026-1fc0d39acd
Packages in this update:
- bcftools-1.23.1-1.fc42
- htslib-1.23.1-1.fc42
- samtools-1.23.1-1.fc42
Update to 1.23.1
USN-8111-1: OpenStack Glance vulnerability
It was discovered that OpenStack Glance was incorrectly validating the IP
addresses and the redirect destination URL when downloading or importing
images from a remote source. An attacker could possibly use this issue to
perform server-side request forgery and obtain sensitive information.
6.19.9: stable
Version:6.19.9 (stable)
Released:2026-03-19
Source:linux-6.19.9.tar.xz
PGP Signature:linux-6.19.9.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-6.19.9
libsoup3-3.6.6-2.fc43
FEDORA-2026-f029d04054
Packages in this update:
- libsoup3-3.6.6-2.fc43
Add patch for CVE-2026-1539 (Also remove Proxy-Authorization header on cross origin redirect)
libsoup3-3.6.6-6.fc44
FEDORA-2026-55dabf3975
Packages in this update:
- libsoup3-3.6.6-6.fc44
Add patch for CVE-2026-1539 (Also remove Proxy-Authorization header on cross origin redirect)
6.18.19: longterm
Version:6.18.19 (longterm)
Released:2026-03-19
Source:linux-6.18.19.tar.xz
PGP Signature:linux-6.18.19.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-6.18.19
libsoup3-3.6.6-6.fc45
FEDORA-2026-6fb683df94
Packages in this update:
- libsoup3-3.6.6-6.fc45
Automatic update for libsoup3-3.6.6-6.fc45.
Changelog * Thu Mar 19 2026 Milan Crha <mcrha@redhat.com> - 3.6.6-6 - Add patch for CVE-2026-1539 (Also remove Proxy-Authorization header on cross origin redirect) - Resolves: rhbz#2433867rubygem-json-2.19.2-1.fc44
FEDORA-2026-3a7663d43d
Packages in this update:
- rubygem-json-2.19.2-1.fc44
New version 2.19.2 is released. This fixes a format string injection vulnerability in JSON.parse, which is now assigned as CVE-2026-33210
bcftools-1.23.1-1.el10_3 htslib-1.23.1-1.el10_3 samtools-1.23.1-1.el10_3
FEDORA-EPEL-2026-ab0bf2a308
Packages in this update:
- bcftools-1.23.1-1.el10_3
- htslib-1.23.1-1.el10_3
- samtools-1.23.1-1.el10_3
Update to 1.23.1