Aggregator

• mingw-SDL2_image-2.8.12-1.fc43

Update to SDL2_image 2.8.12, fixes CVE-2026-35444.

• mingw-SDL2_image-2.8.12-1.fc44

Update to SDL2_image 2.8.12, fixes CVE-2026-35444.

• ImageMagick-6.9.13.50-1.el8

Update to 6.9.13.50

This update fixes several security vulnerabilities, including multiple high-severity CVEs: Security fixes

• CVE-2026-33901 (High) — Heap buffer overflow in the MVG decoder that could result in an out-of-bounds write when processing a crafted image.
• CVE-2026-33908 (High) — Recursive DestroyXMLTree() call with no depth limit causes stack exhaustion when processing deeply nested XML structures, resulting in a Denial of Service (DoS).
• CVE-2026-40310 (High) — Heap out-of-bounds write in the JP2 encoder triggered when a user specifies an invalid sampling index.

Additional security and bug fixes are included in the upstream releases between 6.9.13.25 and 6.9.13.49. See the upstream release history at: https://github.com/ImageMagick/ImageMagick6/releases

• ImageMagick-6.9.13.50-1.el9

Update to 6.9.13.50

This update fixes several security vulnerabilities, including multiple high-severity CVEs: Security fixes

• CVE-2026-33901 (High) — Heap buffer overflow in the MVG decoder that could result in an out-of-bounds write when processing a crafted image.
• CVE-2026-33908 (High) — Recursive DestroyXMLTree() call with no depth limit causes stack exhaustion when processing deeply nested XML structures, resulting in a Denial of Service (DoS).
• CVE-2026-40310 (High) — Heap out-of-bounds write in the JP2 encoder triggered when a user specifies an invalid sampling index.

Additional security and bug fixes are included in the upstream releases between 6.9.13.25 and 6.9.13.49. See the upstream release history at: https://github.com/ImageMagick/ImageMagick6/releases

• erlang-cowboy-2.16.1-1.fc43
• erlang-cowlib-2.17.1-1.fc43
• erlang-gun-2.4.1-1.fc43

Gun ver. 2.4.1 and its dependencies

New erlang-gun

• erlang-cowboy-2.16.1-1.fc44
• erlang-cowlib-2.17.1-1.fc44
• erlang-gun-2.4.1-1.fc44

Gun ver. 2.4.1 and its dependencies

New erlang-gun

• python3.13-3.13.14-1.el10_2

New Python release including bugfixes and security fixes.

• python3.13-3.13.14-1.el10_3

New Python release including bugfixes and security fixes.

• python3.13-3.13.14-1.el9

New Python release including bugfixes and security fixes.

• python3.14-3.14.6-1.fc44
• python3-docs-3.14.6-1.fc44

New Python release including bugfixes and security fixes.

• python3.13-3.13.14-1.fc43

New Python release including bugfixes and security fixes.

• python3.13-3.13.14-1.fc44

New Python version including bugfixes and security fixes.

• perl-Crypt-PBKDF2-0.261630-1.fc44

This update addresses a number of security issues:

• Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations to 600,000, in line with current OWASP recommendations (CVE-2026-9641)
• Generate salts using Crypt::URandom (a strong system RNG) instead of perl's builtin rand(), which is not cryptographically secure (CVE-2026-9638)
• Use a constant-time comparison in validate to avoid timing attacks (CVE-2017-20240)

• perl-Crypt-PBKDF2-0.261630-1.el10_3

This update addresses a number of security issues:

• Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations to 600,000, in line with current OWASP recommendations (CVE-2026-9641)
• Generate salts using Crypt::URandom (a strong system RNG) instead of perl's builtin rand(), which is not cryptographically secure (CVE-2026-9638)
• Use a constant-time comparison in validate to avoid timing attacks (CVE-2017-20240)

• perl-Crypt-PBKDF2-0.261630-1.el10_2

This update addresses a number of security issues:

• Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations to 600,000, in line with current OWASP recommendations (CVE-2026-9641)
• Generate salts using Crypt::URandom (a strong system RNG) instead of perl's builtin rand(), which is not cryptographically secure (CVE-2026-9638)
• Use a constant-time comparison in validate to avoid timing attacks (CVE-2017-20240)

• perl-Crypt-PBKDF2-0.261630-1.el9

This update addresses a number of security issues:

• Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations to 600,000, in line with current OWASP recommendations (CVE-2026-9641)
• Generate salts using Crypt::URandom (a strong system RNG) instead of perl's builtin rand(), which is not cryptographically secure (CVE-2026-9638)
• Use a constant-time comparison in validate to avoid timing attacks (CVE-2017-20240)

• perl-Crypt-PBKDF2-0.261630-1.fc43

This update addresses a number of security issues:

• Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations to 600,000, in line with current OWASP recommendations (CVE-2026-9641)
• Generate salts using Crypt::URandom (a strong system RNG) instead of perl's builtin rand(), which is not cryptographically secure (CVE-2026-9638)
• Use a constant-time comparison in validate to avoid timing attacks (CVE-2017-20240)

• python3.14-3.14.6-1.fc43
• python3-docs-3.14.6-1.fc43

New Python release including bugfixes and security fixes.

• frr-10.6.1-1.fc45
• grout-0.16.0-1.fc45

New version of frr and grout. I am keeping libyang to version 3 at the moment due to recommendations from https://github.com/FRRouting/frr/blob/master/doc/developer/building-libyang.rst. Once changes to build with libyang5 land, I will rebase libyang as well.

• frr-10.6.1-1.fc44
• grout-0.16.0-1.fc44

New version of frr and grout. I am keeping libyang to version 3 at the moment due to recommendations from https://github.com/FRRouting/frr/blob/master/doc/developer/building-libyang.rst. Once changes to build with libyang5 land, I will rebase libyang as well.