Aggregator

FEDORA-2026-1a199d8524 Packages in this update:

• opensips-3.5.9-2.fc42

Update description:

Fix CVE-2026-25554

FEDORA-2026-c6d7c9de1d Packages in this update:

• udisks2-2.11.1-1.fc43

Update description:

Rebase to latest upstream release

FEDORA-2026-b8847e1e2c Packages in this update:

• udisks2-2.11.1-1.fc44

Update description:

Rebase to latest upstream release

Version:next-20260225 (linux-next) Released:2026-02-25

Eliot Horowitz discovered that MongoDB may fail to validate some instances of malformed BSON. A remote attacker could possibly use this issue to cause MongoDB to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-1609) It was discovered that MongoDB read raw permissions from .dbshell history files. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-6494) Travis Brown discovered that MongoDB may be unable to parse specially crafted UTF-8 strings in BSON requests. A remote attacker could possibly use this issue to cause MongoDB to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-20802)

FEDORA-2026-766e3a6ec8 Packages in this update:

• firefox-148.0-1.fc43

Update description:

• New upstream release (148.0)

USN-5376-1 fixed a vulnerability in Git. It was discovered that the safety checks introduced in the update were not able to be set using the command line, contrary to expectations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run arbitrary commands.

It was discovered that Protocol Buffers incorrectly handled recursion when the Python google.protobuf.json_format.ParseDict() function is being used. An attacker could possibly use this issue to cause Protocol Buffers to consume resources, resulting in a denial of service.

FEDORA-2026-be60dd75d9 Packages in this update:

• freerdp-3.23.0-1.fc43

Update description:

Update to 3.23.0 to fix CVE-2026-26965, CVE-2026-26955, CVE-2026-26271, CVE-2026-25997, CVE-2026-25959, CVE-2026-25955, CVE-2026-25954, CVE-2026-25953, CVE-2026-25952, CVE-2026-25942, CVE-2026-25941

FEDORA-2026-a160e550ec Packages in this update:

• freerdp-3.23.0-1.fc44

Update description:

Update to 3.23.0 to fix CVE-2026-26965, CVE-2026-26955, CVE-2026-26271, CVE-2026-25997, CVE-2026-25959, CVE-2026-25955, CVE-2026-25954, CVE-2026-25953, CVE-2026-25952, CVE-2026-25942, CVE-2026-25941

FEDORA-2026-53fe996a57 Packages in this update:

• freerdp-3.23.0-1.fc42

Update description:

Update to 3.23.0 to fix CVE-2026-26965, CVE-2026-26955, CVE-2026-26271, CVE-2026-25997, CVE-2026-25959, CVE-2026-25955, CVE-2026-25954, CVE-2026-25953, CVE-2026-25952, CVE-2026-25942, CVE-2026-25941

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - MMC subsystem; (CVE-2022-49267, CVE-2025-21780)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; (CVE-2025-22037, CVE-2025-37899)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; (CVE-2025-22037, CVE-2025-37899)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; (CVE-2025-22037, CVE-2025-37899)

FEDORA-2026-57cd5704e9 Packages in this update:

• libsixel-1.10.5-5.fc42

Update description:

Apply fix for CVE-2025-61146

FEDORA-2026-b227fad171 Packages in this update:

• libsixel-1.10.5-5.fc43

Update description:

Apply fix for CVE-2025-61146

FEDORA-2026-a800d3417b Packages in this update:

• libsixel-1.10.5-6.fc44

Update description:

Apply fix for CVE-2025-61146

FEDORA-2026-814a1deec8 Packages in this update:

• libmaxminddb-1.13.1-1.fc43

Update description: libmaxminddb 1.13.1

• Re-release for Ubuntu PPA, no code changes.

libmaxminddb 1.13.0

• MMDB_get_entry_data_list() now validates that the claimed array/map size is plausible given the remaining bytes in the data section. A crafted database could previously claim millions of array elements while only having a few bytes of data, causing disproportionate memory allocation (memory amplification DoS).
• Fixed integer overflow in MMDB_read_node() and find_ipv4_start_node() pointer arithmetic. The node_number * record_length multiplication was performed in uint32_t, which could overflow for very large databases. Now cast to uint64_t before multiplying, matching the pattern already used in find_address_in_search_tree().
• Fixed printf format specifier mismatches in mmdblookup's metadata dump. %i was used for unsigned types and %llu for uint64_t, which is technically undefined behavior. Now uses the portable PRIu32, PRIu16, and PRIu64 macros from <inttypes.h>.
• Fixed an integer overflow in the search tree bounds check in find_address_in_search_tree(). The addition of node_count and data_section_size was performed in uint32_t arithmetic, which could wrap on very large databases, causing valid lookups to be incorrectly rejected as corrupt.
• Fixed a NULL pointer dereference in mmdblookup when displaying metadata for a database with an out-of-range build_epoch. The gmtime() return value is now checked before passing to strftime().
• MMDB_close() now NULLs the file_content, data_section, and metadata_section pointers and zeroes file_size, data_section_size, and metadata_section_size after unmapping. Previously, calling MMDB_close() twice on the same struct (or calling it after a failed MMDB_open() that succeeded at mapping) would double-munmap the file content, which is undefined behavior.
• Fixed a stack buffer overflow in print_indentation() when MMDB_dump_entry_data_list() was called with a negative indent value. The negative integer was cast to size_t, producing a massive value passed to memset(). Negative indent values are now clamped to 0.
• MMDB_lookup_string() now sets *mmdb_error to MMDB_SUCCESS when getaddrinfo fails (non-zero *gai_error). Previously, *mmdb_error was left uninitialized in this case, which could cause callers to read an indeterminate value.
• Added a recursion depth limit to skip_map_or_array(), matching the existing MAXIMUM_DATA_STRUCTURE_DEPTH (512) limit already used by get_entry_data_list(). A crafted MMDB file with deeply nested maps or arrays could previously cause a stack overflow via unbounded recursion in the MMDB_aget_value / MMDB_get_value code path.
• Fixed an off-by-one error in MMDB_read_node() that allowed reading one node past the end of the search tree when called with node_number == node_count. This caused the function to read from the data section separator and return an invalid record with an underflowed data offset. The check now correctly rejects node_number >= node_count.
• The handling of float and double types was rewritten to fix compiler errors and to eliminate the use of volatile.
• Improved endian preprocessor check if MMDB_LITTLE_ENDIAN is not set.