Aggregator

fido-device-onboard-0.5.5-8.fc44

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-9e223ca14f Packages in this update:
  • fido-device-onboard-0.5.5-8.fc44
Update description:

Automatic update for fido-device-onboard-0.5.5-8.fc44.

Changelog for fido-device-onboard * Wed Apr 01 2026 Peter Robinson <pbrobinson@fedoraproject.org> - 0.5.5-8 - Rebuild for CVE-2026-25727, CVE-2026-33056 * Sun Mar 15 2026 Benjamin A. Beasley <code@musicinmybrain.net> - 0.5.5-7 - In Fedora, update nix dependency from 0.26 to 0.31

fido-device-onboard-0.5.5-8.fc43

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-e6237c2efe Packages in this update:
  • fido-device-onboard-0.5.5-8.fc43
Update description:

Automatic update for fido-device-onboard-0.5.5-8.fc43.

Changelog for fido-device-onboard * Wed Apr 01 2026 Peter Robinson <pbrobinson@fedoraproject.org> - 0.5.5-8 - Rebuild for CVE-2026-25727, CVE-2026-33056 * Sun Mar 15 2026 Benjamin A. Beasley <code@musicinmybrain.net> - 0.5.5-7 - In Fedora, update nix dependency from 0.26 to 0.31 * Mon Feb 02 2026 Maxwell G <maxwell@gtmx.me> - 0.5.5-6 - Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26 * Fri Jan 16 2026 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.5-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Oct 10 2025 Maxwell G <maxwell@gtmx.me> - 0.5.5-4 - Rebuild for golang 1.25.2

libpng12-1.2.57-25.fc45

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-e1669a5881 Packages in this update:
  • libpng12-1.2.57-25.fc45
Update description:

Automatic update for libpng12-1.2.57-25.fc45.

Changelog * Wed Apr 1 2026 Michal Hlavinka <mhlavink@redhat.com> - 1.2.57-25 - fix CVE-2026-25646: heap buffer overflow in png_set_quantize (rhbz#2438670)

libpng15-1.5.30-25.fc45

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-dfa60d30bc Packages in this update:
  • libpng15-1.5.30-25.fc45
Update description:

Automatic update for libpng15-1.5.30-25.fc45.

Changelog * Wed Apr 1 2026 Michal Hlavinka <mhlavink@redhat.com> - 1.5.30-25 - fix CVE-2026-25646: heap buffer overflow in png_set_quantize (rhbz#2438683)

libcgif-0.5.3-1.fc44

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-7fd284c688 Packages in this update:
  • libcgif-0.5.3-1.fc44
Update description:

Version 0.5.3

  • Fix potential undefined behavior in cgif_addframe which could have led to an integer overflow CVE-2026-4985

libcgif-0.5.3-1.fc43

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-1a9f019f60 Packages in this update:
  • libcgif-0.5.3-1.fc43
Update description:

Version 0.5.3

  • Fix potential undefined behavior in cgif_addframe which could have led to an integer overflow CVE-2026-4985

libcgif-0.5.3-1.fc42

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-7716e480cb Packages in this update:
  • libcgif-0.5.3-1.fc42
Update description:

Version 0.5.3

  • Fix potential undefined behavior in cgif_addframe which could have led to an integer overflow CVE-2026-4985

libcap-2.77-3.fc44

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-8de97987a6 Packages in this update:
  • libcap-2.77-3.fc44
Update description:

Version 0.5.3

  • Fix potential undefined behavior in cgif_addframe which could have led to an integer overflow

USN-8089-2: Go Networking vulnerabilities

Ubuntu Security Advisories
2 weeks ago
USN-8089-1 fixed vulnerabilities in Go Networking. This update provides the corresponding update to code vendored in golang-golang-x-net-dev. Original advisory details: Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher, and Kaan Onarlioglu discovered that servers using Go Networking could hang during shutdown if preempted by a fatal error. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-27664) Arpad Ryszka and Jakob Ackermann discovered that a maliciously crafted stream could cause excessive CPU usage in Go Networking's HPACK decoder. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-41723) Mohammad Thoriq Aziz discovered that Go Networking did not properly sanitize some text nodes. An attacker could possibly use this to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-3978) Sean Ng discovered an error in Go Networking's HTML tag handling. An attacker could possibly use this to cause a denial of service. (CVE-2025-22872) Guido Vranken and Jakub Ciolek discovered that a maliciously crafted HTML document could exhaust system resources on servers using Go Networking. An attacker could possibly use this to cause a denial of service. (CVE-2025-47911) Guido Vranken discovered that a maliciously crafted HTML document could put servers using Go Networking into an infinite loop. An attacker could possibly use this to cause a denial of service. (CVE-2025-58190)