Aggregator

ansible-collection-ansible-posix-2.2.1-1.fc45

1 hour 23 minutes ago
FEDORA-2026-4a0c61a43f Packages in this update:
  • ansible-collection-ansible-posix-2.2.1-1.fc45
Update description:

Automatic update for ansible-collection-ansible-posix-2.2.1-1.fc45.

Changelog * Wed Jul 8 2026 Maxwell G <maxwell@gtmx.me> - 2.2.1-1 - Update to 2.2.1. Fixes rhbz#2479556. - Mitigates CVE-2026-11837 (rhbz#2487430, rhbz#2487431, rhbz#2487432)

c-ares-1.34.7-1.fc43

10 hours 36 minutes ago
FEDORA-2026-727e84b289 Packages in this update:
  • c-ares-1.34.7-1.fc43
Update description:
  • update to 1.34.7
  • fixes CVE-2026-33630 (GHSA-6wfj-rwm7-3542) and GHSA-pjmc-gx33-gc76 and GHSA-jv8r-gqr9-68wj

c-ares-1.34.7-1.fc44

10 hours 36 minutes ago
FEDORA-2026-950a662010 Packages in this update:
  • c-ares-1.34.7-1.fc44
Update description:
  • update to 1.34.7
  • fixes CVE-2026-33630 (GHSA-6wfj-rwm7-3542) and GHSA-pjmc-gx33-gc76 and GHSA-jv8r-gqr9-68wj

openssh-10.2p1-12.fc44

11 hours 52 minutes ago
FEDORA-2026-a80275b42d Packages in this update:
  • openssh-10.2p1-12.fc44
Update description:

Improve GSS KEX algorithms documentation

  • CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known-group validation that leads to client-side denial of service
  • CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator
  • CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket pre-binding

openssh-10.2p1-11.fc44

13 hours 15 minutes ago
FEDORA-2026-a2c682a975 Packages in this update:
  • openssh-10.2p1-11.fc44
Update description:
  • CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known-group validation that leads to client-side denial of service
  • CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator
  • CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket pre-binding

openssh-10.0p1-10.fc43

13 hours 15 minutes ago
FEDORA-2026-95b955a09b Packages in this update:
  • openssh-10.0p1-10.fc43
Update description:
  • CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known-group validation that leads to client-side denial of service
  • CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator
  • CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket pre-binding

perl-Imager-1.033-1.fc43

13 hours 53 minutes ago
FEDORA-2026-38f958d25a Packages in this update:
  • perl-Imager-1.033-1.fc43
Update description:

1.033 - CVE-2026-14454: Fix mishandling of large EXIF IFD entry count values — treated as negative numbers, could lead to allocation failure and program exit - JPEG: depend on Imager 1.033 for the EXIF fix - Fix thread context object reference count leak in bumpmap and bumpmap_complex filters - TIFF: fix a leak from processing the TIFF warnings buffer (introduced in Imager 1.021)

perl-Imager-1.033-1.fc44

13 hours 53 minutes ago
FEDORA-2026-5f5efe281d Packages in this update:
  • perl-Imager-1.033-1.fc44
Update description:

1.033 - CVE-2026-14454: Fix mishandling of large EXIF IFD entry count values — treated as negative numbers, could lead to allocation failure and program exit - JPEG: depend on Imager 1.033 for the EXIF fix - Fix thread context object reference count leak in bumpmap and bumpmap_complex filters - TIFF: fix a leak from processing the TIFF warnings buffer (introduced in Imager 1.021)

USN-8515-1: Addressable vulnerability

15 hours 5 minutes ago
It was discovered that Addressable incorrectly handled certain URI templates, generating regular expressions vulnerable to catastrophic backtracking. An attacker could use this issue to craft a URI that, when matched against a vulnerable template, causes excessive resource consumption, leading to a denial of service.

xrdp-0.10.6.1-1.fc43

15 hours 35 minutes ago
FEDORA-2026-bd0a75766f Packages in this update:
  • xrdp-0.10.6.1-1.fc43
Update description: Release notes for xrdp v0.10.6.1 (2026/07/06) General announcements

This release fixes 10 vulnerabilities and 1 regression introduced by a vulnerability fix in the previous release.

If you like xrdp, please consider sponsoring or donating to the project. We accept financial contributions through Open Collective, and direct donations to individual developers via GitHub Sponsors are also welcome.

Security fixes
  • CVE-2026-41252
  • CVE-2026-41521
  • CVE-2026-44178
  • CVE-2026-42218
  • CVE-2026-44978
  • CVE-2026-54538
  • CVE-2026-55238
  • CVE-2026-55626
  • CVE-2026-55639
  • CVE-2026-55645
New features
  • None
Bug fixes
  • regression: Fix SEGV in xrdp when running over TLS (#3793)