python3.13-3.13.14-1.el10_3
FEDORA-EPEL-2026-625598ba74
Packages in this update:
- python3.13-3.13.14-1.el10_3
New Python release including bugfixes and security fixes.
Aggregator
python3.13-3.13.14-1.el9
FEDORA-EPEL-2026-29b6bdb776
Packages in this update:
- python3.13-3.13.14-1.el9
New Python release including bugfixes and security fixes.
python3-docs-3.14.6-1.fc44 python3.14-3.14.6-1.fc44
FEDORA-2026-a2c583a4ab
Packages in this update:
- python3.14-3.14.6-1.fc44
- python3-docs-3.14.6-1.fc44
New Python release including bugfixes and security fixes.
python3.13-3.13.14-1.fc43
FEDORA-2026-2deb979d80
Packages in this update:
- python3.13-3.13.14-1.fc43
New Python release including bugfixes and security fixes.
python3.13-3.13.14-1.fc44
FEDORA-2026-dfc9182263
Packages in this update:
- python3.13-3.13.14-1.fc44
New Python version including bugfixes and security fixes.
perl-Crypt-PBKDF2-0.261630-1.fc44
FEDORA-2026-5b12cc327e
Packages in this update:
- perl-Crypt-PBKDF2-0.261630-1.fc44
This update addresses a number of security issues:
- Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations to 600,000, in line with current OWASP recommendations (CVE-2026-9641)
- Generate salts using Crypt::URandom (a strong system RNG) instead of perl's builtin rand(), which is not cryptographically secure (CVE-2026-9638)
- Use a constant-time comparison in validate to avoid timing attacks (CVE-2017-20240)
perl-Crypt-PBKDF2-0.261630-1.el10_3
FEDORA-EPEL-2026-02984212ed
Packages in this update:
- perl-Crypt-PBKDF2-0.261630-1.el10_3
This update addresses a number of security issues:
- Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations to 600,000, in line with current OWASP recommendations (CVE-2026-9641)
- Generate salts using Crypt::URandom (a strong system RNG) instead of perl's builtin rand(), which is not cryptographically secure (CVE-2026-9638)
- Use a constant-time comparison in validate to avoid timing attacks (CVE-2017-20240)
perl-Crypt-PBKDF2-0.261630-1.el10_2
FEDORA-EPEL-2026-ee9885ce31
Packages in this update:
- perl-Crypt-PBKDF2-0.261630-1.el10_2
This update addresses a number of security issues:
- Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations to 600,000, in line with current OWASP recommendations (CVE-2026-9641)
- Generate salts using Crypt::URandom (a strong system RNG) instead of perl's builtin rand(), which is not cryptographically secure (CVE-2026-9638)
- Use a constant-time comparison in validate to avoid timing attacks (CVE-2017-20240)
perl-Crypt-PBKDF2-0.261630-1.el9
FEDORA-EPEL-2026-c5b8fc5fd2
Packages in this update:
- perl-Crypt-PBKDF2-0.261630-1.el9
This update addresses a number of security issues:
- Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations to 600,000, in line with current OWASP recommendations (CVE-2026-9641)
- Generate salts using Crypt::URandom (a strong system RNG) instead of perl's builtin rand(), which is not cryptographically secure (CVE-2026-9638)
- Use a constant-time comparison in validate to avoid timing attacks (CVE-2017-20240)
perl-Crypt-PBKDF2-0.261630-1.fc43
FEDORA-2026-e8231b773d
Packages in this update:
- perl-Crypt-PBKDF2-0.261630-1.fc43
This update addresses a number of security issues:
- Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations to 600,000, in line with current OWASP recommendations (CVE-2026-9641)
- Generate salts using Crypt::URandom (a strong system RNG) instead of perl's builtin rand(), which is not cryptographically secure (CVE-2026-9638)
- Use a constant-time comparison in validate to avoid timing attacks (CVE-2017-20240)
python3-docs-3.14.6-1.fc43 python3.14-3.14.6-1.fc43
FEDORA-2026-b17b2a984a
Packages in this update:
- python3.14-3.14.6-1.fc43
- python3-docs-3.14.6-1.fc43
New Python release including bugfixes and security fixes.
frr-10.6.1-1.fc45 grout-0.16.0-1.fc45
FEDORA-2026-cb34486b1a
Packages in this update:
- frr-10.6.1-1.fc45
- grout-0.16.0-1.fc45
New version of frr and grout. I am keeping libyang to version 3 at the moment due to recommendations from https://github.com/FRRouting/frr/blob/master/doc/developer/building-libyang.rst. Once changes to build with libyang5 land, I will rebase libyang as well.
frr-10.6.1-1.fc44 grout-0.16.0-1.fc44
FEDORA-2026-28949d21e5
Packages in this update:
- frr-10.6.1-1.fc44
- grout-0.16.0-1.fc44
New version of frr and grout. I am keeping libyang to version 3 at the moment due to recommendations from https://github.com/FRRouting/frr/blob/master/doc/developer/building-libyang.rst. Once changes to build with libyang5 land, I will rebase libyang as well.
DSA-6342-1 jpeg-xl - security update
DSA-6343-1 librabbitmq - security update
ansible-core-2.18.18~rc1-1.fc43
FEDORA-2026-f027f57724
Packages in this update:
- ansible-core-2.18.18~rc1-1.fc43
- Mitigates CVE-2026-11332 (rhbz#2485397)
ansible-core-2.20.7~rc1-1.fc44
FEDORA-2026-7f70f809f0
Packages in this update:
- ansible-core-2.20.7~rc1-1.fc44
- Mitigates CVE-2026-11332 (rhbz#2485397)
USN-8426-1: Linux kernel (Azure) vulnerabilities
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
It was discovered that the Linux kernel did not properly handle shared page
fragments during socket buffer operations, collectively known as Dirty
Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the
RxRPC networking subsystem when processing paged fragments. A local
attacker could use this to escalate privileges, or possibly escape a
container. (CVE-2026-43284, CVE-2026-43500)
It was discovered that a logic flaw existed in the XFRM ESP-in-TCP
subsystem in the Linux kernel when handling socket buffer fragments. This
flaw is known as Fragnesia. A local attacker could use this to escalate
privileges, or possibly escape a container. (CVE-2026-43503,
CVE-2026-46300)
Qualys discovered that a race condition existed in the ptrace subsystem of
the Linux kernel when privileged processes are exiting. An unprivileged
local attacker could use this issue to expose sensitive information.
(CVE-2026-46333)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Ethernet bonding driver;
- SMB network file system;
- Netfilter;
- io_uring subsystem;
- Packet sockets;
- RDS protocol;
- TLS protocol;
(CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351,
CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033,
CVE-2026-43077, CVE-2026-43078, CVE-2026-43494, CVE-2026-46028)
atril-1.26.4-1.el8
FEDORA-EPEL-2026-c0bb6674c7
Packages in this update:
- atril-1.26.4-1.el8
- epub: use g_strndup for parsing document path
- epub: validate epub content before parsing
- epub: Avoid crash when index list has extraneous entry
- fix a incompatible pointer type warning for gcc14
- Fix build with libxml2 2.12
- fix memleak
- pdf: Always use poppler_document_save to avoid data loss
- ev-application: Quote user-supplied strings in ev_spawn command line
atril-1.26.4-1.el9
FEDORA-EPEL-2026-abc540be8b
Packages in this update:
- atril-1.26.4-1.el9
- epub: use g_strndup for parsing document path
- epub: validate epub content before parsing
- epub: Avoid crash when index list has extraneous entry
- fix a incompatible pointer type warning for gcc14
- Fix build with libxml2 2.12
- fix memleak
- pdf: Always use poppler_document_save to avoid data loss
- ev-application: Quote user-supplied strings in ev_spawn command line