Aggregator

It was discovered that the libpng simplified API incorrectly processed palette PNG images with partial transparency and gamma correction. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service. (CVE-2025-66293) Petr Simecek, Stanislav Fort and Pavel Kohout discovered that the libpng simplified API incorrectly processed interlaced 16-bit PNGs with 8-bit output format and non-minimal row strides. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service. (CVE-2026-22695) Cosmin Truta discovered that the libpng simplified API incorrectly handled invalid row strides. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service. (CVE-2026-22801)

FEDORA-2026-f6fadfed32 Packages in this update:

• vsftpd-3.0.5-14.fc42

Update description:

Resolve CVE-2025-14242

FEDORA-2026-67442bdd84 Packages in this update:

• vsftpd-3.0.5-14.fc43

Update description:

Resolve CVE-2025-14242

It was discovered that Erlang incorrectly validated peer certificates when incorrect extended key usage was presented. A remote attacker could possibly use this issue to bypass SSL key usage restrictions.

FEDORA-2026-bac983cf83 Packages in this update:

• harfbuzz-10.4.0-2.fc42

Update description:

Backport security fix for CVE-2026-22693 (fix RHBZ#2429278)

FEDORA-2026-b38fe572ef Packages in this update:

• harfbuzz-11.5.1-2.fc43

Update description:

Backport security fix for CVE-2026-22693 (fix RHBZ#2429288)

FEDORA-2026-9af71a53ce Packages in this update:

• hcloud-1.59.0-1.fc42

Update description:

Update to 1.59.0

FEDORA-EPEL-2026-cf3b9d64bd Packages in this update:

• rclone-1.72.1-1.el9

Update description:

Update to 1.72.1

FEDORA-2026-a193f1698f Packages in this update:

• freerdp-3.20.2-1.fc42

Update description:

Update to 3.20.2

FEDORA-2026-79f923d917 Packages in this update:

• freerdp-3.20.2-1.fc43

Update description:

Update to 3.20.2

FEDORA-2026-7069f6c1c8 Packages in this update:

• assimp-5.3.1-6.fc42

Update description:

Backport fix for CVE-2025-11277.

FEDORA-2026-b4a6ca0bd0 Packages in this update:

• rclone-1.72.1-1.fc42

Update description:

Update to 1.72.1

FEDORA-2026-3de3ece93a Packages in this update:

• rclone-1.72.1-1.fc43

Update description:

Update to 1.72.1

FEDORA-EPEL-2026-6523bfceaf Packages in this update:

• rclone-1.72.1-1.el10_2

Update description:

Update to 1.72.1

FEDORA-EPEL-2026-082c111817 Packages in this update:

• rclone-1.72.1-1.el10_1

Update description:

Update to 1.72.1

FEDORA-EPEL-2026-e04f9da1af Packages in this update:

• rust-rkyv0.7-0.7.46-1.el9
• rust-rkyv_derive0.7-0.7.46-1.el9

Update description:

https://rustsec.org/advisories/RUSTSEC-2026-0001

FEDORA-EPEL-2026-b967c7e19e Packages in this update:

• rust-rkyv0.7-0.7.46-1.el10_1
• rust-rkyv_derive0.7-0.7.46-1.el10_1

Update description:

https://rustsec.org/advisories/RUSTSEC-2026-0001

FEDORA-EPEL-2026-80d7c1ec10 Packages in this update:

• rust-rkyv0.7-0.7.46-1.el10_2
• rust-rkyv_derive0.7-0.7.46-1.el10_2

Update description:

https://rustsec.org/advisories/RUSTSEC-2026-0001

FEDORA-2026-801214adba Packages in this update:

• rust-rkyv0.7-0.7.46-1.fc42
• rust-rkyv_derive0.7-0.7.46-1.fc42

Update description:

https://rustsec.org/advisories/RUSTSEC-2026-0001

FEDORA-2026-35d1dee2ab Packages in this update:

• rust-rkyv0.7-0.7.46-1.fc43
• rust-rkyv_derive0.7-0.7.46-1.fc43

Update description:

https://rustsec.org/advisories/RUSTSEC-2026-0001