Aggregator

kernel-7.0.4-200.fc44

Fedora Security Advisories
7 hours 12 minutes ago
FEDORA-2026-8cffa03dad Packages in this update:
  • kernel-7.0.4-200.fc44
Update description:

The 7.0.4 stable kernel rebase contains additional hardware support, new features, and a number of important fixes across the tree. It also contains a fix for the dirtyfrag vulnerability. This covers CVE-2026-43284 and CVE-2026-43500. For users who experience a problem with the 7.0.4 rebase, a build of 6.19.14 with just the dirtyfrag fixes should be available in koji shortly.

kernel-7.0.4-100.fc43

Fedora Security Advisories
8 hours 14 minutes ago
FEDORA-2026-abc00fb4e8 Packages in this update:
  • kernel-7.0.4-100.fc43
Update description:

The 7.0.4 stable kernel rebase contains additional hardware support, new features, and a number of important fixes across the tree. It also contains a fix for the dirtyfrag vulnerability. This covers CVE-2026-43284 and CVE-2026-43500. For users who experience a problem with the 7.0.4 rebase, a build of 6.19.14 with just the dirtyfrag fixes should be available in koji shortly.

pypy-7.3.22-2.fc45

Fedora Security Advisories
8 hours 15 minutes ago
FEDORA-2026-b58cd376d6 Packages in this update:
  • pypy-7.3.22-2.fc45
Update description:

Automatic update for pypy-7.3.22-2.fc45.

Changelog * Tue May 5 2026 Charalampos Stratakis <cstratak@redhat.com> - 7.3.22-2 - Security fix for CVE-2026-3219 in the bundled pip wheel - Fixes: rhbz#2461288 * Tue May 5 2026 Charalampos Stratakis <cstratak@redhat.com> - 7.3.22-1 - Update to 7.3.22 - Fixes: rhbz#2463475

kernel-6.19.14-101.fc42

Fedora Security Advisories
8 hours 18 minutes ago
FEDORA-2026-87dc12705e Packages in this update:
  • kernel-6.19.14-101.fc42
Update description:

The 6.19.14-101 stable update contains a fix for the dirtyfrag vulnerability. This covers CVE-2026-43284 and CVE-2026-43500

USN-8248-2: NASM regression

Ubuntu Security Advisories
10 hours 14 minutes ago
USN-8248-1 fixed vulnerabilities in NASM. Unfortunately the update introduced a regression which could cause NASM to crash. This update fixes the problem by reverting the fix for CVE-2021-33450 and CVE-2021-33452 in Ubuntu 24.04 LTS. We apologize for the inconvenience. Original advisory details: Daisy Chen discovered that NASM was vulnerable to a heap buffer overflow when handling certain input. An attacker could possibly use this issue to cause NASM to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-31722) It was discovered that NASM incorrectly handled memory allocation. An attacker could possibly use this issue to cause NASM to use excessive resources, leading to a denial of service. This issue only affected Ubuntu 24.04 LTS. (CVE-2021-33452, CVE-2021-33450)

python-pulp-glue-0.37.0-5.fc43 python-requests-2.33.1-1.fc43

Fedora Security Advisories
10 hours 49 minutes ago
FEDORA-2026-8ad863685a Packages in this update:
  • python-pulp-glue-0.37.0-5.fc43
  • python-requests-2.33.1-1.fc43
Update description: 2.33.1 (2026-03-30)

Bugfixes - Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. - Fixed Content-Type header parsing for malformed values. - Improved error consistency for malformed header values.

2.33.0 (2026-03-25)

Announcements - 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security - CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements - Migrated to a PEP 517 build system using setuptools.

Bugfixes - Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+.

Deprecations - Dropped support for Python 3.9 following its end of support.

Documentation - Various typo fixes and doc improvements.

python-pulp-glue-0.37.0-5.fc44 python-requests-2.33.1-1.fc44

Fedora Security Advisories
10 hours 49 minutes ago
FEDORA-2026-44919b3d9f Packages in this update:
  • python-pulp-glue-0.37.0-5.fc44
  • python-requests-2.33.1-1.fc44
Update description: 2.33.1 (2026-03-30)

Bugfixes - Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. - Fixed Content-Type header parsing for malformed values. - Improved error consistency for malformed header values.

2.33.0 (2026-03-25)

Announcements - 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security - CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements - Migrated to a PEP 517 build system using setuptools.

Bugfixes - Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+.

Deprecations - Dropped support for Python 3.9 following its end of support.

Documentation - Various typo fixes and doc improvements.