1 week 1 day ago
FEDORA-2026-b2fe14ec86
Packages in this update:
Update description:
Version 1.4.5
This release contains vulnerability fixes for the following security advisories:
- GHSA-h842-vjwg-pxxx - Sudo-elevated arbitrary file deletion via extra.pie-installed-binary metadata in UninstallUsingUnlink
- GHSA-pm6p-666q-hvj5 - Sudo-elevated root code execution via TOCTOU between self-update verify and write
- GHSA-f67f-c344-cqqr - PIE self-update accepts any historically-attested pie.phar (rollback gap)
- GHSA-vcv4-gmjc-mxvq - php-ext.build-path traversal escapes PIE's vendor extract directory
- GHSA-8xmh-xrvp-hwrf - WindowsInstall::copyExtraFile lacks destination containment check (Windows-only path traversal)
- GHSA-p4j8-36rr-gjfq - Self-update attestation verification is scoped to --owner=php, not --repo=php/pie
1 week 1 day ago
Version: next-20260526 (linux-next)
Released: 2026-05-26
1 week 1 day ago
FEDORA-2026-1151ae6bdf
Packages in this update:
- libcaca-0.99-0.83.beta20.fc45
Update description:
Automatic update for libcaca-0.99-0.83.beta20.fc45.
Changelog
* Tue May 26 2026 Xavier Bachelot <xavier@bachelot.org> - 0.99-0.83.beta20
- Fix CVE-2026-42046 (RHBZ#2475408)
1 week 1 day ago
Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access
checks on reparse point operations. An attacker could possibly use this
issue to modify reparse point extended attributes on files that should have
been read-only. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS.
(CVE-2026-1933)
Pavel Kohout discovered that Samba's vfs_worm module did not properly block
file overwrites. An attacker could possibly use this issue to overwrite
files that should have remained immutable. (CVE-2026-2340)
Arad Inbar, Nir Somech, and Ben Grinberg discovered that Samba incorrectly
handled certificate auto-enrolment group policies over HTTP without
verification. A machine-in-the-middle attacker could possibly use this
issue to install a malicious CA certificate. This issue only affected
Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-3012)
Arad Inbar, Erez Cohen, Nir Somech, and Ben Grinberg discovered that
Samba's Active Directory Domain Controller WINS server could be made to
crash under certain circumstances. A remote attacker could possibly use
this issue to cause a denial of service. (CVE-2026-3238)
Ron Ben Yizhak discovered that Samba's DCE/RPC SAMR server incorrectly
handled a non-default password check script configuration. A remote
attacker could possibly use this issue to execute arbitrary code.
(CVE-2026-4408)
Ron Ben Yizhak discovered that Samba's printing subsystem incorrectly
handled a non-default print command configuration. A remote attacker could
possibly use this issue to execute arbitrary code. (CVE-2026-4480)
FEDORA-2026-28afc9a105
Packages in this update:
Update description:
Update to 3.26.4, fixes CVE-2026-8631, CVE-2026-8632
1 week 1 day ago
FEDORA-2026-a109a9ac2c
Packages in this update:
Update description:
- updated to 1.6.58
- 1.6.58 is released with a fix for a simple correctness bug (not a security issue) this time: png_get_PLTE() returns stale palette data when either gamma correction or alpha-compositing is the only transform applied. Like the issues addressed in the previous release, this bug was a regression introduced in the fix for CVE-2026-33416 in 1.6.56.
- 1.6.57 is released with fixes for the following security vulnerability:
- CVE-2026-34757 (medium severity): Use-after-free memory bug in the chunk setter API. The hIST variant has existed since version 1.0.9, but the PLTE and tRNS ones are regressions introduced in the fix for CVE-2026-33416 in 1.6.56 (oops).
1 week 1 day ago
FEDORA-2026-9a678a08c8
Packages in this update:
Update description:
- updated to 1.6.58
- 1.6.58 is released with a fix for a simple correctness bug (not a security issue) this time: png_get_PLTE() returns stale palette data when either gamma correction or alpha-compositing is the only transform applied. Like the issues addressed in the previous release, this bug was a regression introduced in the fix for CVE-2026-33416 in 1.6.56.
- 1.6.57 is released with fixes for the following security vulnerability:
- CVE-2026-34757 (medium severity): Use-after-free memory bug in the chunk setter API. The hIST variant has existed since version 1.0.9, but the PLTE and tRNS ones are regressions introduced in the fix for CVE-2026-33416 in 1.6.56 (oops).
1 week 1 day ago
FEDORA-2026-67c1138ed2
Packages in this update:
Update description:
- updated to 1.6.58
- 1.6.58 is released with a fix for a simple correctness bug (not a security issue) this time: png_get_PLTE() returns stale palette data when either gamma correction or alpha-compositing is the only transform applied. Like the issues addressed in the previous release, this bug was a regression introduced in the fix for CVE-2026-33416 in 1.6.56.
- 1.6.57 is released with fixes for the following security vulnerability:
- CVE-2026-34757 (medium severity): Use-after-free memory bug in the chunk setter API. The hIST variant has existed since version 1.0.9, but the PLTE and tRNS ones are regressions introduced in the fix for CVE-2026-33416 in 1.6.56 (oops).
1 week 1 day ago
FEDORA-EPEL-2026-05f02b89ad
Packages in this update:
- roundcubemail-1.6.16-1.el10_3
Update description:
Release 1.6.16
- Fix potential too long value in IMAP ID command (#10136)
- Security: Fix stored XSS/HTML/CSS injection in subject field of the draft restore dialog
- Security: Fix CSS injection bypass in HTML sanitizer via SVG <animate attributeName="style">
- Security: Fix pre-auth SQL injection in virtuser_query plugin via preg_replace backslash escape bypass
- Security: Fix SSRF bypass via specific local address URLs
- Security: Fix bypass of remote image blocking via CSS var()
- Security: Fix local/private URL fetch bypass when remote resources were not allowed
- Security: Fix pre-auth arbitrary file delete via redis/memcache session poisoning bypass
- Security: Fix code injection vulnerability - remove support for code evaluation in LDAP autovalues option
1 week 1 day ago
FEDORA-2026-07ee097ffe
Packages in this update:
- roundcubemail-1.6.16-1.fc43
Update description:
Release 1.6.16
- Fix potential too long value in IMAP ID command (#10136)
- Security: Fix stored XSS/HTML/CSS injection in subject field of the draft restore dialog
- Security: Fix CSS injection bypass in HTML sanitizer via SVG <animate attributeName="style">
- Security: Fix pre-auth SQL injection in virtuser_query plugin via preg_replace backslash escape bypass
- Security: Fix SSRF bypass via specific local address URLs
- Security: Fix bypass of remote image blocking via CSS var()
- Security: Fix local/private URL fetch bypass when remote resources were not allowed
- Security: Fix pre-auth arbitrary file delete via redis/memcache session poisoning bypass
- Security: Fix code injection vulnerability - remove support for code evaluation in LDAP autovalues option
1 week 1 day ago
FEDORA-EPEL-2026-aa33047e8e
Packages in this update:
- roundcubemail-1.6.16-1.el10_2
Update description:
Release 1.6.16
- Fix potential too long value in IMAP ID command (#10136)
- Security: Fix stored XSS/HTML/CSS injection in subject field of the draft restore dialog
- Security: Fix CSS injection bypass in HTML sanitizer via SVG <animate attributeName="style">
- Security: Fix pre-auth SQL injection in virtuser_query plugin via preg_replace backslash escape bypass
- Security: Fix SSRF bypass via specific local address URLs
- Security: Fix bypass of remote image blocking via CSS var()
- Security: Fix local/private URL fetch bypass when remote resources were not allowed
- Security: Fix pre-auth arbitrary file delete via redis/memcache session poisoning bypass
- Security: Fix code injection vulnerability - remove support for code evaluation in LDAP autovalues option
1 week 1 day ago
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Ethernet bonding driver;
- Packet sockets;
- TLS protocol;
(CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033,
CVE-2026-43077, CVE-2026-43078)
1 week 1 day ago
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Ethernet bonding driver;
- SMB network file system;
- Netfilter;
- io_uring subsystem;
- Packet sockets;
- TLS protocol;
(CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351,
CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033,
CVE-2026-43077, CVE-2026-43078)
1 week 2 days ago
Joshua Rogers discovered that Vim incorrectly handled certain URL schemes
in the netrw plugin. An attacker could possibly use this issue to execute
arbitrary commands. (CVE-2026-42307)
It was discovered that Vim incorrectly handled command-line completion for
the :find command. An attacker could possibly use this issue to execute
arbitrary commands. (CVE-2026-44656)
Daniel Cervera discovered that Vim incorrectly handled loading spell files.
An attacker could possibly use this issue to cause a denial of service, or
to execute arbitrary code. (CVE-2026-45130)