Aggregator

Version:7.0-rc2 (mainline) Released:2026-03-01 Source:linux-7.0-rc2.tar.gz Patch:full (incremental)

FEDORA-2026-151bfcc2af Packages in this update:

• matrix-synapse-1.147.1-1.fc43
• rust-pythonize-0.27.0-1.fc43

Update description:

Update matrix-synapse to v1.147.1

FEDORA-EPEL-2026-19279ff82c Packages in this update:

• perl-Net-CIDR-0.27-1.el9

Update description:

This update fixes handling of leading zeroes.

The functions addr2cidr and cidrlookup may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users. In some cases an attacker may be able to leverage this to bypass access controls based on IP addresses.

FEDORA-EPEL-2026-c2d409a4ce Packages in this update:

• perl-Net-CIDR-0.27-1.el10_1

Update description:

This update fixes handling of leading zeroes.

The functions addr2cidr and cidrlookup may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users. In some cases an attacker may be able to leverage this to bypass access controls based on IP addresses.

FEDORA-EPEL-2026-39c5d63f42 Packages in this update:

• perl-Net-CIDR-0.27-1.el8

Update description:

This update fixes handling of leading zeroes.

The functions addr2cidr and cidrlookup may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users. In some cases an attacker may be able to leverage this to bypass access controls based on IP addresses.

FEDORA-EPEL-2026-32a3851c80 Packages in this update:

• perl-Net-CIDR-0.27-1.el10_3

Update description:

This update fixes handling of leading zeroes.

The functions addr2cidr and cidrlookup may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users. In some cases an attacker may be able to leverage this to bypass access controls based on IP addresses.

FEDORA-EPEL-2026-36a72373e7 Packages in this update:

• perl-Net-CIDR-0.27-1.el10_2

Update description:

This update fixes handling of leading zeroes.

The functions addr2cidr and cidrlookup may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users. In some cases an attacker may be able to leverage this to bypass access controls based on IP addresses.

FEDORA-2026-0aee6ab474 Packages in this update:

• mingw-zlib-1.3.2-1.fc43

Update description:

Update to 1.3.2.

FEDORA-2026-ca44fe35a9 Packages in this update:

• mingw-zlib-1.3.2-1.fc42

Update description:

Update to 1.3.2.

FEDORA-2026-baf8782c7a Packages in this update:

• perl-Net-CIDR-0.27-1.fc42

Update description:

Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact. The functions addr2cidr and cidrlookup may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users.

Current versions of the module strip leading zeros from octets.

FEDORA-2026-a74aa25180 Packages in this update:

• k9s-0.50.18-1.fc42

Update description:

Update to 0.50.18

FEDORA-EPEL-2026-d6de408e6a Packages in this update:

• chromium-145.0.7632.116-1.el10_3

Update description:

Update to 145.0.7632.116

• CVE-2026-3061: Out of bounds read in Media
• CVE-2026-3062: Out of bounds read and write in Tint
• CVE-2026-3063: Inappropriate implementation in DevTools

Version:6.19.5 (stable) Released:2026-02-27 Source:linux-6.19.5.tar.xz PGP Signature:linux-6.19.5.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.19.5

Version:6.18.15 (longterm) Released:2026-02-27 Source:linux-6.18.15.tar.xz PGP Signature:linux-6.18.15.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.18.15

Version:next-20260227 (linux-next) Released:2026-02-27

USN-5376-4 fixed a regression in Git. The update introduced a regression when specifying configuration includes due to additional restrictions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run arbitrary commands.

FEDORA-2026-de52e7caa1 Packages in this update:

• gh-2.87.3-1.fc42

Update description:

Update to 2.87.3

FEDORA-2026-cf96901e5c Packages in this update:

• chromium-145.0.7632.116-1.fc42

Update description:

Update to 145.0.7632.116

* CVE-2026-3061: Out of bounds read in Media * CVE-2026-3062: Out of bounds read and write in Tint * CVE-2026-3063: Inappropriate implementation in DevTools