Aggregator
USN-8389-1: Linux kernel vulnerabilities
USN-8388-1: Linux kernel vulnerabilities
apptainer-1.5.1-1.el8
- apptainer-1.5.1-1.el8
Update to upstream 1.5.1. Fixes CVE-2026-48785
apptainer-1.5.1-1.fc44
- apptainer-1.5.1-1.fc44
Update to upstream 1.5.1. Fixes CVE-2026-48785
apptainer-1.5.1-1.el9
- apptainer-1.5.1-1.el9
Update to upstream 1.5.1. Fixes CVE-2026-48785
apptainer-1.5.1-1.el10_2
- apptainer-1.5.1-1.el10_2
Update to upstream 1.5.1. Fixes CVE-2026-48785
apptainer-1.5.1-1.el10_3
- apptainer-1.5.1-1.el10_3
Update to upstream 1.5.1. Fixes CVE-2026-48785
apptainer-1.5.1-1.fc43
- apptainer-1.5.1-1.fc43
Update to upstream 1.5.1. Fixes CVE-2026-48785
USN-8386-1: Nano vulnerabilities
systemd-261~rc3-1.fc45
- systemd-261~rc3-1.fc45
Automatic update for systemd-261~rc3-1.fc45.
Changelog * Thu Jun 4 2026 Zbigniew Jędrzejewski-Szmek <zbyszek@amutable.com> - 261~rc3-1 - Version 261~rc3 - Various smaller and larger fixes - A hint is emitted if init is called with the legacy telinit args (rhbz#2479961) - Various messages for missing dlopened libraries have been downgraded (rhbz#2463540)next-20260604: linux-next
USN-8385-1: Robocode vulnerabilities
python-python-multipart-0.0.31-1.el10_2
- python-python-multipart-0.0.31-1.el10_2
- Speed up multipart header parsing and callback dispatch.
- Bound header field name size before validating.
- Validate Content-Length is non-negative in parse_form.
Fixes security issues GHSA-v9pg-7xvm-68hf, GHSA-5rvq-cxj2-64vf, GHSA-6jv3-5f52-599m, and GHSA-vffw-93wf-4j4q.
0.0.30 (2026-05-31)- Parse application/x-www-form-urlencoded bodies per the WHATWG URL standard, treating only & as a field separator.
- Ignore RFC 2231/5987 extended parameters (name*, filename*) in parse_options_header, keeping the plain parameter authoritative per RFC 7578 §4.2.
python-python-multipart-0.0.31-1.el10_3
- python-python-multipart-0.0.31-1.el10_3
- Speed up multipart header parsing and callback dispatch.
- Bound header field name size before validating.
-
Validate Content-Length is non-negative in parse_form.
- GHSA-5rvq-cxj2-64vf
- GHSA-6jv3-5f52-599m
- GHSA-vffw-93wf-4j4q
- Parse application/x-www-form-urlencoded bodies per the WHATWG URL standard, treating only & as a field separator.
- Ignore RFC 2231/5987 extended parameters (name*, filename*) in parse_options_header, keeping the plain parameter authoritative per RFC 7578 §4.2.
python-python-multipart-0.0.31-1.fc43
- python-python-multipart-0.0.31-1.fc43
- Speed up multipart header parsing and callback dispatch.
- Bound header field name size before validating.
- Validate Content-Length is non-negative in parse_form.
Fixes security issues GHSA-v9pg-7xvm-68hf, GHSA-5rvq-cxj2-64vf, GHSA-6jv3-5f52-599m, and GHSA-vffw-93wf-4j4q.
0.0.30 (2026-05-31)- Parse application/x-www-form-urlencoded bodies per the WHATWG URL standard, treating only & as a field separator.
- Ignore RFC 2231/5987 extended parameters (name*, filename*) in parse_options_header, keeping the plain parameter authoritative per RFC 7578 §4.2.
python-python-multipart-0.0.31-1.fc44
- python-python-multipart-0.0.31-1.fc44
- Speed up multipart header parsing and callback dispatch.
- Bound header field name size before validating.
- Validate Content-Length is non-negative in parse_form.
Fixes security issues GHSA-v9pg-7xvm-68hf, GHSA-5rvq-cxj2-64vf, GHSA-6jv3-5f52-599m, and GHSA-vffw-93wf-4j4q.
0.0.30 (2026-05-31)- Parse application/x-www-form-urlencoded bodies per the WHATWG URL standard, treating only & as a field separator.
- Ignore RFC 2231/5987 extended parameters (name*, filename*) in parse_options_header, keeping the plain parameter authoritative per RFC 7578 §4.2.
webkitgtk-2.52.4-1.fc44
- webkitgtk-2.52.4-1.fc44
- Add support for half-width fonts.
- Improve content filter compilation by avoiding file copies.
- Improve handling of out of disk space conditions when the NetworkProcess tried to write data in caches.
- Fix painting scrollbars when their width changes.
- Fix playback of certain YouTube videos with low frame rates.
- Fix webkit://gpu not working in systems where neither libGL.so.1 nor libOpenGL.so.0 are available.
- Fix several crashes and rendering issues.
- Security fixes: CVE-2026-28847, CVE-2026-28883, CVE-2026-28901, CVE-2026-28902, CVE-2026-28903, CVE-2026-28904, CVE-2026-28905, CVE-2026-28907, CVE-2026-28942, CVE-2026-28946, CVE-2026-28947, CVE-2026-28953, CVE-2026-28955, CVE-2026-28958, CVE-2026-43658, CVE-2026-43660
webkitgtk-2.52.4-1.fc43
- webkitgtk-2.52.4-1.fc43
- Add support for half-width fonts.
- Improve content filter compilation by avoiding file copies.
- Improve handling of out of disk space conditions when the NetworkProcess tried to write data in caches.
- Fix painting scrollbars when their width changes.
- Fix playback of certain YouTube videos with low frame rates.
- Fix webkit://gpu not working in systems where neither libGL.so.1 nor libOpenGL.so.0 are available.
- Fix several crashes and rendering issues.
- Security fixes: CVE-2026-28847, CVE-2026-28883, CVE-2026-28901, CVE-2026-28902, CVE-2026-28903, CVE-2026-28904, CVE-2026-28905, CVE-2026-28907, CVE-2026-28942, CVE-2026-28946, CVE-2026-28947, CVE-2026-28953, CVE-2026-28955, CVE-2026-28958, CVE-2026-43658, CVE-2026-43660