Aggregator

• valkey-8.0.9-1.el8

Security fixes

• (CVE-2026-23479) Use-After-Free in unblock client flow
• (CVE-2026-25243) Invalid Memory Access in RESTORE command
• (CVE-2026-23631) Use-after-free when full sync occurs during a yielding Lua/function execution

• valkey-8.0.9-1.fc42

Security fixes

• (CVE-2026-23479) Use-After-Free in unblock client flow
• (CVE-2026-25243) Invalid Memory Access in RESTORE command
• (CVE-2026-23631) Use-after-free when full sync occurs during a yielding Lua/function execution

• valkey-8.1.7-1.fc43

Security fixes

• (CVE-2026-23479) Use-After-Free in unblock client flow
• (CVE-2026-25243) Invalid Memory Access in RESTORE command
• (CVE-2026-23631) Use-after-free when full sync occurs during a yielding Lua/function execution

• valkey-9.0.4-1.fc44

Security fixes

• (CVE-2026-23479) Use-After-Free in unblock client flow
• (CVE-2026-25243) Invalid Memory Access in RESTORE command
• (CVE-2026-23631) Use-after-free when full sync occurs during a yielding Lua/function execution

• apptainer-1.5.0-1.fc44

Update to upstream 1.5.0, fix CVE-2026-32285 and CVE-2026-34986

Update to upstream 1.5.0-rc.2

Update to upstream 1.5.0-rc.1

• apptainer-1.5.0-1.el9

Update to upstream 1.5.0, fix CVE-2026-34986

Update to upstream 1.5.0-rc.2

Update to upstream 1.5.0-rc.1

• apptainer-1.5.0-1.fc42

Update to upstream 1.5.0, fix CVE-2026-32285 and CVE-2026-34986

Update to upstream 1.5.0-rc.2

Update to upstream 1.5.0-rc.1

• apptainer-1.5.0-1.fc43

Update to upstream 1.5.0, fix CVE-2026-32285 and CVE-2026-34986

Update to upstream 1.5.0-rc.2

Update to upstream 1.5.0-rc.1

• apptainer-1.5.0-1.el10_3

Update to upstream 1.5.0, fix CVE-2026-34986

Update to upstream 1.5.0-rc.2

Update to upstream 1.5.0-rc.1

• apptainer-1.5.0-1.el10_2

Update to upstream 1.5.0, fix CVE-2026-34986

Update to upstream 1.5.0-rc.2

Update to upstream 1.5.0-rc.1

• apptainer-1.5.0-1.el10_1

Update to upstream 1.5.0, fix CVE-2026-34986

Update to upstream 1.5.0-rc.2

Update to upstream 1.5.0-rc.1

• apptainer-1.5.0-1.el8

Update to upstream 1.5.0, fix CVE-2026-34986

Update to upstream 1.5.0-rc.2

Update to upstream 1.5.0-rc.1

• pypy-7.3.22-2.fc43

Security fix for CVE-2026-3219 in the bundled pip wheel

• pypy-7.3.22-2.fc44

Security fix for CVE-2026-3219 in the bundled pip wheel

• libgit2_1.8-1.8.5-1.fc43

Update to version 1.8.5.

Release notes: https://github.com/libgit2/libgit2/releases/tag/v1.8.5

• libgit2_1.8-1.8.5-1.fc44

Update to version 1.8.5.

Release notes: https://github.com/libgit2/libgit2/releases/tag/v1.8.5

• libgit2_1.8-1.8.5-1.fc42

Update to version 1.8.5.

Release notes: https://github.com/libgit2/libgit2/releases/tag/v1.8.5

• yelp-49.1-1.fc44

Yelp 49.1, fixing: Flatpak applications are able to exfiltrate host files due to yelp's CSP being too permissive

• yelp-49.1-1.fc43

Yelp 49.1, fixing: Flatpak applications are able to exfiltrate host files due to yelp's CSP being too permissive

• kernel-7.0.4-200.fc44

The 7.0.4 stable kernel rebase contains additional hardware support, new features, and a number of important fixes across the tree. It also contains a fix for the dirtyfrag vulnerability. This covers CVE-2026-43284 and CVE-2026-43500. For users who experience a problem with the 7.0.4 rebase, a build of 6.19.14 with just the dirtyfrag fixes should be available in koji shortly.