Aggregator

gimp-3.0.8-4.fc43

Fedora Security Advisories
7 hours 38 minutes ago
FEDORA-2026-ebabb127fb Packages in this update:
  • gimp-3.0.8-4.fc43
Update description:

This is an upstream bugfix and security update. Please refer to the upstream release notes for details about the changes in this version.

gimp-3.0.8-4.fc42

Fedora Security Advisories
7 hours 38 minutes ago
FEDORA-2026-bda4a20a3c Packages in this update:
  • gimp-3.0.8-4.fc42
Update description:

This is an upstream bugfix and security update. Please refer to the upstream release notes for details about the changes in this version.

openttd-15.1-1.fc42

Fedora Security Advisories
1 day ago
FEDORA-2026-216041a3e7 Packages in this update:
  • openttd-15.1-1.fc42
Update description: 15.x 15.1 (2026-01-24)
  • Fix #15088: When building a new train, the refit button state may be incorrect (#15162)
  • Fix #15160: Incorrect company names displayed in load game window (#15161)
  • Fix #15153: Wrong tile used to get bridge reservation overlay (#15154)
  • Fix #15116: Old cargo/industry sets without cargo translation table broken (#15150)
  • Fix: Possible crash converting company liveries in older savegames/scenarios (#15148)
  • Fix: Allow infinite water to be (de)selected when loading heightmap (#15146)
  • Fix: Tile suitability test for farm field no longer handled snow tiles (#15134)
  • Fix #15131: Trees no longer spread on partially snowy tiles (#15133)
  • Fix: Change tooltips to match change from checkboxes to switches (#15123)
  • Fix: [Script] Potential out of bounds array/string slice indexes (#15106)
  • Fix: [Script] Potential out of bounds indexed string access (#15106)
  • Fix: [Script] Check if array sort function modified array (#15106)
  • Fix #15069: World generation map edges GUI starts in an invalid state (#15082)
  • Fix #15079: Incorrect dates shown on town cargo history graph (#15080)
  • Fix #15067: Mark NewGRF settings as modified after moving by drag & drop (#15068)
  • Fix: Incorrect error message for aqueducts reaching northern map borders (#14974)
  • Fix: Standardize wording of GRF/NewGRF (#15059)
  • Fix #15046: Crash on loading game due to invalid group parents (#15049)
  • Fix: Disable_elrails handling with engines that use both RAIL and ELRL (#15045)
  • Fix: [Fluidsynth] Read settings from system and user config files if available (#15044)
  • Fix #15039: Name and version can disappear from content list (#15040)
  • Fix #15026: Remove incorrect info from base sounds tooltip (#15029)
  • Fix: [Script] Improve reporting of invalid GetAPIVersion return (#15015)
  • Fix: [Script] Undefined behaviour after calling SwapList during iteration (#14805)

openttd-15.1-1.fc43

Fedora Security Advisories
1 day ago
FEDORA-2026-dd8314c4f3 Packages in this update:
  • openttd-15.1-1.fc43
Update description: 15.x 15.1 (2026-01-24)
  • Fix #15088: When building a new train, the refit button state may be incorrect (#15162)
  • Fix #15160: Incorrect company names displayed in load game window (#15161)
  • Fix #15153: Wrong tile used to get bridge reservation overlay (#15154)
  • Fix #15116: Old cargo/industry sets without cargo translation table broken (#15150)
  • Fix: Possible crash converting company liveries in older savegames/scenarios (#15148)
  • Fix: Allow infinite water to be (de)selected when loading heightmap (#15146)
  • Fix: Tile suitability test for farm field no longer handled snow tiles (#15134)
  • Fix #15131: Trees no longer spread on partially snowy tiles (#15133)
  • Fix: Change tooltips to match change from checkboxes to switches (#15123)
  • Fix: [Script] Potential out of bounds array/string slice indexes (#15106)
  • Fix: [Script] Potential out of bounds indexed string access (#15106)
  • Fix: [Script] Check if array sort function modified array (#15106)
  • Fix #15069: World generation map edges GUI starts in an invalid state (#15082)
  • Fix #15079: Incorrect dates shown on town cargo history graph (#15080)
  • Fix #15067: Mark NewGRF settings as modified after moving by drag & drop (#15068)
  • Fix: Incorrect error message for aqueducts reaching northern map borders (#14974)
  • Fix: Standardize wording of GRF/NewGRF (#15059)
  • Fix #15046: Crash on loading game due to invalid group parents (#15049)
  • Fix: Disable_elrails handling with engines that use both RAIL and ELRL (#15045)
  • Fix: [Fluidsynth] Read settings from system and user config files if available (#15044)
  • Fix #15039: Name and version can disappear from content list (#15040)
  • Fix #15026: Remove incorrect info from base sounds tooltip (#15029)
  • Fix: [Script] Improve reporting of invalid GetAPIVersion return (#15015)
  • Fix: [Script] Undefined behaviour after calling SwapList during iteration (#14805)

cef-144.0.11^chromium144.0.7559.96-1.fc43

Fedora Security Advisories
1 day 17 hours ago
FEDORA-2026-c5295ae3b9 Packages in this update:
  • cef-144.0.11^chromium144.0.7559.96-1.fc43
Update description:

Update to cef-144.0.11+ge135be2 + chromium 144.0.7559.96 (rhbz#2432335)

  • CVE-2026-1220: Race in V8
  • CVE-2026-0899: Out of bounds memory access in V8
  • CVE-2026-0900: Inappropriate implementation in V8
  • CVE-2026-0901: Inappropriate implementation in Blink
  • CVE-2026-0902: Inappropriate implementation in V8
  • CVE-2026-0903: Insufficient validation of untrusted input in Downloads
  • CVE-2026-0904: Incorrect security UI in Digital Credentials
  • CVE-2026-0905: Insufficient policy enforcement in Network
  • CVE-2026-0906: Incorrect security UI
  • CVE-2026-0907: Incorrect security UI in Split View
  • CVE-2026-0908: Use after free in ANGLE

cef-144.0.11^chromium144.0.7559.96-1.fc42

Fedora Security Advisories
1 day 17 hours ago
FEDORA-2026-68ca733984 Packages in this update:
  • cef-144.0.11^chromium144.0.7559.96-1.fc42
Update description:

Update to cef-144.0.11+ge135be2 + chromium 144.0.7559.96 (rhbz#2432335)

  • CVE-2026-1220: Race in V8
  • CVE-2026-0899: Out of bounds memory access in V8
  • CVE-2026-0900: Inappropriate implementation in V8
  • CVE-2026-0901: Inappropriate implementation in Blink
  • CVE-2026-0902: Inappropriate implementation in V8
  • CVE-2026-0903: Insufficient validation of untrusted input in Downloads
  • CVE-2026-0904: Incorrect security UI in Digital Credentials
  • CVE-2026-0905: Insufficient policy enforcement in Network
  • CVE-2026-0906: Incorrect security UI
  • CVE-2026-0907: Incorrect security UI in Split View
  • CVE-2026-0908: Use after free in ANGLE

glibc-2.42-9.fc43

Fedora Security Advisories
1 day 21 hours ago
FEDORA-2026-205d532069 Packages in this update:
  • glibc-2.42-9.fc43
Update description:

This update switches the currency symbol for Bulgaria to the Euro.

Furthermore, it addresses several security vulnerabilities:

  • A crash when wordexp is used with WRDE_REUSE (CVE-2025-15281)
  • Information leakage from the stack if getnetbyaddr is called for the zero address (CVE-2026-0915)
  • An integer overflow in memalign and related functions if they are called with out-of-bounds size/alignment combinations (CVE-2026-0861)
  • LD_PROFILE is now ignored with a warning if LD_PROFILE_OUTPUT is not specified, rather than using the insecure /var/tmp default.

tar-1.35-8.fc44

Fedora Security Advisories
2 days 11 hours ago
FEDORA-2026-0895af5ebe Packages in this update:
  • tar-1.35-8.fc44
Update description:

Automatic update for tar-1.35-8.fc44.

Changelog * Wed Jan 21 2026 Pavel Cahyna <pcahyna@redhat.com> - 2:1.35-8 - Backport upstream fix for savannah bug 65838, commit 1e6ce98e (fedora#2427654) - added "padding with zeros" info message (#2089298) - do not report disk error as file shrank (#2089316) - upstream fix for savannah bug 64581, commit 51142180 (crash with TAR_OPTIONS) (fedora#2389217) - Backport fix for regression in the --no-overwrite-dir option Upstream commit 4e742fc8674064a9fa00d4483d06aca48d5b0463, discussed in https://www.mail-archive.com/bug-tar@gnu.org/msg06445.html - Backport upstream changes to jailify extraction directory Includes related gnulib changes to add openat2 Fixes CVE-2025-45582 (fedora#2380007)