Aggregator

hplip-3.26.4-7.fc44

5 minutes 18 seconds ago
FEDORA-2026-d9b508b972 Packages in this update:
  • hplip-3.26.4-7.fc44
Update description:

fix CVE-2026-14544 - incomplete fix after CVE-2026-8631 (fedora#2496773,

fedora#2496772)

hplip-3.26.4-7.fc45

20 minutes 9 seconds ago
FEDORA-2026-c5b6bb47c5 Packages in this update:
  • hplip-3.26.4-7.fc45
Update description:

Automatic update for hplip-3.26.4-7.fc45.

Changelog * Fri Jul 3 2026 Zdenek Dohnal <zdohnal@redhat.com> - 3.26.4-7 - fix CVE-2026-14544 - incomplete fix after CVE-2026-8631 (fedora#2496773, fedora#2496772)

chromium-150.0.7871.46-1.el10_3

2 hours 33 minutes ago
FEDORA-EPEL-2026-81e775879e Packages in this update:
  • chromium-150.0.7871.46-1.el10_3
Update description:

chromium-150.0.7871.46 security release includes 433 security fixes, CVE-2026-13774 - CVE-2026-14432

chromium-150.0.7871.46-1.fc44

2 hours 33 minutes ago
FEDORA-2026-94bb57e96c Packages in this update:
  • chromium-150.0.7871.46-1.fc44
Update description:

chromium-150.0.7871.46 security release includes 433 security fixes, CVE-2026-13774 - CVE-2026-14432

chromium-150.0.7871.46-1.el9

2 hours 33 minutes ago
FEDORA-EPEL-2026-9c94d41849 Packages in this update:
  • chromium-150.0.7871.46-1.el9
Update description:

chromium-150.0.7871.46 security release includes 433 security fixes, CVE-2026-13774 - CVE-2026-14432

chromium-150.0.7871.46-1.fc43

2 hours 33 minutes ago
FEDORA-2026-88eee44bfb Packages in this update:
  • chromium-150.0.7871.46-1.fc43
Update description:

chromium-150.0.7871.46 security release includes 433 security fixes, CVE-2026-13774 - CVE-2026-14432

chromium-150.0.7871.46-1.el10_2

2 hours 33 minutes ago
FEDORA-EPEL-2026-1b59d56428 Packages in this update:
  • chromium-150.0.7871.46-1.el10_2
Update description:

chromium-150.0.7871.46 security release includes 433 security fixes, CVE-2026-13774 - CVE-2026-14432

opkssh-0.15.0-2.el10_2

11 hours 50 minutes ago
FEDORA-EPEL-2026-2dad2b9f74 Packages in this update:
  • opkssh-0.15.0-2.el10_2
Update description:

Update to opkssh 0.15.0.

This release fixes several CVEs in bundled/vendored dependencies:

  • CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate
  • CVE-2026-39833: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation
  • CVE-2026-27145: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (fixed via the Go toolchain used to build this package)

opkssh-0.15.0-2.el10_3

11 hours 53 minutes ago
FEDORA-EPEL-2026-229e7ad5a2 Packages in this update:
  • opkssh-0.15.0-2.el10_3
Update description:

Update to opkssh 0.15.0.

This release fixes several CVEs in bundled/vendored dependencies:

  • CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate
  • CVE-2026-39833: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation
  • CVE-2026-27145: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (fixed via the Go toolchain used to build this package)

opkssh-0.15.0-2.fc44

11 hours 53 minutes ago
FEDORA-2026-a7570524a7 Packages in this update:
  • opkssh-0.15.0-2.fc44
Update description:

Update to opkssh 0.15.0.

This release fixes several CVEs in bundled/vendored dependencies:

  • CVE-2026-39829: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters
  • CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate
  • CVE-2026-39833: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation
  • CVE-2026-27145: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (fixed via the Go toolchain used to build this package)

opkssh-0.15.0-2.fc43

12 hours ago
FEDORA-2026-387cf555e7 Packages in this update:
  • opkssh-0.15.0-2.fc43
Update description:

Update to opkssh 0.15.0.

This release fixes several CVEs in bundled/vendored dependencies:

  • CVE-2026-39829: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters
  • CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate
  • CVE-2026-39833: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation
  • CVE-2026-27145: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (fixed via the Go toolchain used to build this package)

perl-HTML-Gumbo-0.19-1.fc44

12 hours 2 minutes ago
FEDORA-2026-75010c7f44 Packages in this update:
  • perl-HTML-Gumbo-0.19-1.fc44
Update description:

This package provides the Perl module HTML::Gumbo. Versions before 0.19 disclose heap memory via type confusion.

Support for the <template> element was added to libgumbo 0.10.0 in 2015, but the walk_tree function in lib/HTML/Gumbo.xs was not updated to support it. The element was treated as a text-node, where strlen() over-reads the heap block that the pointer addresses.</template>

perl-HTML-Gumbo-0.19-1.fc43

12 hours 2 minutes ago
FEDORA-2026-a457bf78b4 Packages in this update:
  • perl-HTML-Gumbo-0.19-1.fc43
Update description:

This package provides the Perl module HTML::Gumbo. Versions before 0.19 disclose heap memory via type confusion.

Support for the <template> element was added to libgumbo 0.10.0 in 2015, but the walk_tree function in lib/HTML/Gumbo.xs was not updated to support it. The element was treated as a text-node, where strlen() over-reads the heap block that the pointer addresses.</template>