vhs-0.10.0-4.fc43
FEDORA-2026-7646f2a691
Packages in this update:
- vhs-0.10.0-4.fc43
Rebuild with golang 1.25.9 to pick up multiple security fixes.
Aggregator
vhs-0.11.0-2.fc44
FEDORA-2026-94fbf80bec
Packages in this update:
- vhs-0.11.0-2.fc44
Update vendored goldmark to 1.7.17 to resolve CVE-2026-5160.
USN-8201-1: Linux kernel (Azure) vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853, CVE-2026-23268, CVE-2026-23269, CVE-2026-23403,
CVE-2026-23404, CVE-2026-23405, CVE-2026-23406, CVE-2026-23407,
CVE-2026-23408, CVE-2026-23409, CVE-2026-23410, CVE-2026-23411)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- x86 architecture;
- Cryptographic API;
- GPIO subsystem;
- GPU drivers;
- I2C subsystem;
- BTRFS file system;
- XFRM subsystem;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Network traffic control;
- SMC sockets;
(CVE-2021-47599, CVE-2022-48875, CVE-2022-49046, CVE-2022-49072,
CVE-2024-46816, CVE-2024-49927, CVE-2024-56640, CVE-2025-21780,
CVE-2025-37849, CVE-2025-40215, CVE-2026-23060, CVE-2026-23074)
USN-8200-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- Cryptographic API;
- GPU drivers;
- I2C subsystem;
- Network traffic control;
(CVE-2022-49046, CVE-2024-46816, CVE-2025-37849, CVE-2026-23060,
CVE-2026-23074)
USN-8200-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- Cryptographic API;
- GPU drivers;
- I2C subsystem;
- Network traffic control;
(CVE-2022-49046, CVE-2024-46816, CVE-2025-37849, CVE-2026-23060,
CVE-2026-23074)
USN-8199-1: OpenStack Glance vulnerabilities
Martin Kaesberger discovered that OpenStack Glance's image processing could
return the contents of arbitrary files. An attacker could possibly use this
issue to exfiltrate sensitive data. This issue only affected Ubuntu 16.04
LTS and Ubuntu 18.04 LTS. (CVE-2024-32498)
Hyeongeun Ji and Abhishek Kekane discovered several server-side request
forgery vulnerabilities in OpenStack Glance's image import. An attacker
could possibly use this issue to bypass URL validation checks and redirect
to internal services. This issue only affected Ubuntu 18.04 LTS and Ubuntu
20.04 LTS. (CVE-2026-34881)
USN-8198-1: Tornado vulnerabilities
It was discovered that Tornado incorrectly handled parsing of large
multipart request bodies. An attacker could possibly use this issue to
cause a denial of service. (CVE-2026-31958)
It was discovered that Tornado did not properly validate characters in
cookie values. An attacker could possibly use this issue to inject
arbitrary cookie attributes. (CVE-2026-35536)
emacs-30.2-7.fc43
FEDORA-2026-290753da75
Packages in this update:
- emacs-30.2-7.fc43
Fix CVE-2026-6861: memory corruption vulnerability when processing SVG CSS.
emacs-30.2-2.fc42
FEDORA-2026-52dad6273a
Packages in this update:
- emacs-30.2-2.fc42
Fix CVE-2026-6861: memory corruption vulnerability when processing SVG CSS.
emacs-30.2-23.fc44
FEDORA-2026-49b8ca7981
Packages in this update:
- emacs-30.2-23.fc44
Fix CVE-2026-6861: memory corruption vulnerability when processing SVG CSS.
python3.6-3.6.15-57.fc44
FEDORA-2026-a335d04675
Packages in this update:
- python3.6-3.6.15-57.fc44
- Security fixes for CVE-2026-4786, CVE-2026-6100
python3.6-3.6.15-57.fc42
FEDORA-2026-c1ca370c1a
Packages in this update:
- python3.6-3.6.15-57.fc42
- Security fixes for CVE-2026-4786, CVE-2026-6100
python3.6-3.6.15-57.fc43
FEDORA-2026-f08d5a8191
Packages in this update:
- python3.6-3.6.15-57.fc43
- Security fixes for CVE-2026-4786, CVE-2026-6100
python3.6-3.6.15-57.fc45
FEDORA-2026-5e7144a6af
Packages in this update:
- python3.6-3.6.15-57.fc45
Automatic update for python3.6-3.6.15-57.fc45.
Changelog * Fri Apr 17 2026 Charalampos Stratakis <cstratak@redhat.com> - 3.6.15-57 - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: rhbz#2458018, rhbz#2458226 * Sat Apr 11 2026 Miro Hrončok <mhroncok@redhat.com> - 3.6.15-56 - Explicitly build with OpenSSL 3rust-rustls-webpki-0.103.13-1.fc44
FEDORA-2026-8f36b2341e
Packages in this update:
- rust-rustls-webpki-0.103.13-1.fc44
Update to version 0.103.13. Addresses RUSTSEC-2026-0098, RUSTSEC-2026-0099, RUSTSEC-2026-0104.
Update to version 0.103.10. Addresses RUSTSEC-2026-0049.
Update to version 0.103.9.
rust-rustls-webpki-0.103.13-1.el9
FEDORA-EPEL-2026-50c4908f50
Packages in this update:
- rust-rustls-webpki-0.103.13-1.el9
Update to version 0.103.13. Addresses RUSTSEC-2026-0098, RUSTSEC-2026-0099, RUSTSEC-2026-0104.
rust-rustls-webpki-0.103.13-1.fc43
FEDORA-2026-bea616fc84
Packages in this update:
- rust-rustls-webpki-0.103.13-1.fc43
Update to version 0.103.13. Addresses RUSTSEC-2026-0098, RUSTSEC-2026-0099, RUSTSEC-2026-0104.
rust-rustls-webpki-0.103.13-1.el10_3
FEDORA-EPEL-2026-cd38d25ce0
Packages in this update:
- rust-rustls-webpki-0.103.13-1.el10_3
Update to version 0.103.13. Addresses RUSTSEC-2026-0098, RUSTSEC-2026-0099, RUSTSEC-2026-0104.
rust-rustls-webpki-0.103.13-1.el10_2
FEDORA-EPEL-2026-229f2e4691
Packages in this update:
- rust-rustls-webpki-0.103.13-1.el10_2
Update to version 0.103.13. Addresses RUSTSEC-2026-0098, RUSTSEC-2026-0099, RUSTSEC-2026-0104.
rust-rustls-webpki-0.103.13-1.fc42
FEDORA-2026-204499102d
Packages in this update:
- rust-rustls-webpki-0.103.13-1.fc42
Update to version 0.103.13. Addresses RUSTSEC-2026-0098, RUSTSEC-2026-0099, RUSTSEC-2026-0104.