next-20260504: linux-next
Version:next-20260504 (linux-next)
Released:2026-05-04
Aggregator
gnutls-3.8.13-1.fc43
FEDORA-2026-d5f140eb90
Packages in this update:
- gnutls-3.8.13-1.fc43
Update to 3.8.13, fixes, like 13 CVEs.
gnutls-3.8.13-1.fc44
FEDORA-2026-668d2793e8
Packages in this update:
- gnutls-3.8.13-1.fc44
Update to 3.8.13, fixes, like 13 CVEs.
USN-8229-1: sed vulnerability
Michał Majchrowicz and Marcin Wyczechowski discovered that sed incorrectly
handled symbolic links when performing in-place edits. A local attacker
could possibly use this issue to overwrite arbitrary files.
USN-8228-1: Exim vulnerabilities
It was discovered that Exim incorrectly handled parsing malformed JSON
in message headers. A remote attacker could possibly use this issue to
execute arbitrary code. (CVE-2026-40685)
It was discovered that Exim incorrectly handled processing of UTF-8
trailing characters. A remote attacker could possibly use this issue to
obtain sensitive information. (CVE-2026-40686)
It was discovered that Exim incorrectly handled SPA authenticator input.
An authenticated user could possibly use this issue to execute arbitrary
code. (CVE-2026-40687)
USN-8227-1: curl vulnerabilities
It was discovered that curl incorrectly reused non-TLS connections when
TLS was required in some STARTTLS configurations. A remote attacker could
possibly use this issue to obtain sensitive information. (CVE-2026-4873)
It was discovered that curl incorrectly reused certain HTTP Negotiate
connections. A remote attacker could possibly use this issue to obtain
sensitive information. (CVE-2026-5545)
It was discovered that curl incorrectly reused certain SMB connections. A
remote attacker could possibly use this issue to obtain sensitive
information. (CVE-2026-5773)
It was discovered that curl could leak proxy credentials when handling
redirects in some configurations. A remote attacker could possibly use
this issue to obtain sensitive information. (CVE-2026-6253)
It was discovered that curl could leak cookies because of stale custom
cookie host handling in some requests. A remote attacker could possibly
use this issue to obtain sensitive information. (CVE-2026-6276)
It was discovered that curl could leak .netrc credentials when reusing
proxy connections in some situations. A remote attacker could possibly use
this issue to obtain sensitive information. (CVE-2026-6429)
It was discovered that curl could leak Digest authentication state when
switching proxies in some situations. A remote attacker could possibly use
this issue to obtain sensitive information. (CVE-2026-7168)
nodejs20-20.20.2-4.fc42
FEDORA-2026-0f43f09cd9
Packages in this update:
- nodejs20-20.20.2-4.fc42
Update for nodejs20
DSA-6247-1 lxd - security update
7.1-rc2: mainline
gnuplot-6.0.4-2.el10_3
FEDORA-EPEL-2026-a9ba2c8be0
Packages in this update:
- gnuplot-6.0.4-2.el10_3
Bump on EPEL10, fixes a security issue (rhbz#2357751)
DSA-6245-1 imagemagick - security update
DSA-6246-1 openjdk-25 - security update
SDL3_image-3.4.4-1.fc43
FEDORA-2026-0f01e844c3
Packages in this update:
- SDL3_image-3.4.4-1.fc43
Update to 3.4.4.
SDL3_image-3.4.4-1.fc44
FEDORA-2026-992a75bea6
Packages in this update:
- SDL3_image-3.4.4-1.fc44
Update to 3.4.4.
nextcloud-33.0.3-1.fc42
FEDORA-2026-2fed8dd674
Packages in this update:
- nextcloud-33.0.3-1.fc42
33.0.3 Release
nextcloud-33.0.3-1.el10_1
FEDORA-EPEL-2026-5039e33738
Packages in this update:
- nextcloud-33.0.3-1.el10_1
33.0.3 Release
nextcloud-33.0.3-1.el10_2
FEDORA-EPEL-2026-6610e2eca4
Packages in this update:
- nextcloud-33.0.3-1.el10_2
33.0.3 Release
nextcloud-33.0.3-1.el10_3
FEDORA-EPEL-2026-f7ea7872a6
Packages in this update:
- nextcloud-33.0.3-1.el10_3
33.0.3 Release
nextcloud-33.0.3-1.fc43
FEDORA-2026-6599e30e04
Packages in this update:
- nextcloud-33.0.3-1.fc43
33.0.3 Release
nextcloud-33.0.3-1.fc44
FEDORA-2026-cb5661d883
Packages in this update:
- nextcloud-33.0.3-1.fc44
33.0.3 Release