7 hours 31 minutes ago
FEDORA-2026-d6b061ad69
Packages in this update:
Update description:
Update to .NET SDK 9.0.119 and Runtime 9.0.18
Fixes: CVE-2026-47300,CVE-2026-47302,CVE-2026-47303,CVE-2026-47304,CVE-2026-50524,CVE-2026-50525,CVE-2026-50526,CVE-2026-50527,CVE-2026-50528,CVE-2026-50646,CVE-2026-50648,CVE-2026-50649,CVE-2026-50650,CVE-2026-50651,CVE-2026-50659,CVE-2026-56158,CVE-2026-57108
Release Notes:
7 hours 31 minutes ago
FEDORA-2026-3afd9d89f4
Packages in this update:
Update description:
Update to .NET SDK 9.0.119 and Runtime 9.0.18
Fixes: CVE-2026-47300,CVE-2026-47302,CVE-2026-47303,CVE-2026-47304,CVE-2026-50524,CVE-2026-50525,CVE-2026-50526,CVE-2026-50527,CVE-2026-50528,CVE-2026-50646,CVE-2026-50648,CVE-2026-50649,CVE-2026-50650,CVE-2026-50651,CVE-2026-50659,CVE-2026-56158,CVE-2026-57108
Release Notes:
13 hours 1 minute ago
FEDORA-2026-81ed0bb2bb
Packages in this update:
- node-exporter-1.12.1-1.fc44
Update description:
Update to 1.12.1
Update to 1.12.0
13 hours 1 minute ago
FEDORA-EPEL-2026-73c6251f78
Packages in this update:
- node-exporter-1.12.1-1.el9
Update description:
Update to 1.12.1
Update to 1.12.0
13 hours 1 minute ago
FEDORA-2026-5924722657
Packages in this update:
- node-exporter-1.12.1-1.fc43
Update description:
Update to 1.12.1
Update to 1.12.0
13 hours 1 minute ago
FEDORA-EPEL-2026-0f871c49cd
Packages in this update:
- node-exporter-1.12.1-1.el10_2
Update description:
Update to 1.12.1
Update to 1.12.0
13 hours 1 minute ago
Artur Stetsko discovered that the .NET did not properly validate
authentication data. An attacker could possibly use this issue to elevate
privileges. (CVE-2026-47300)
Levi Broderick discovered that .NET did not properly handle XML encryption
during parsing. An attacker could possibly use this issue to consume
excessive resources, resulting in a denial of service. (CVE-2026-47302)
Pham Quang Minh discovered that .NET did not properly parse
authentication data. An attacker could possibly use this issue to bypass
authentication and elevate privileges. (CVE-2026-47303)
Levi Broderick discovered that .NET did not properly verify cryptographic
signatures during XML encryption. An attacker could possibly use this issue
to bypass security features over a network and access encrypted data.
(CVE-2026-47304)
It was discovered that .NET did not properly validate input during TLS
handshakes. An attacker could possibly use this issue to cause .NET to
crash, resulting in a denial of service. (CVE-2026-50524)
Levi Broderick discovered that .NET did not properly handle resource
allocation during XML encryption. An attacker could possibly use this issue
to consume excessive resources, resulting in a denial of service.
(CVE-2026-50525)
Siwei Li discovered that .NET did not properly handle link resolution
before file access during the container image build process. A local
attacker could possibly use this issue to inject resources that could be
incorporated into container images built by other users on the same
machine. (CVE-2026-50526)
Levi Broderick discovered that .NET did not properly handle memory while
performing XML encryption. An attacker could possibly use this issue to
cause .NET to crash, resulting in a denial of service. (CVE-2026-50527)
Henrique Pereira discovered that .NET did not properly handle
authorization checks during TLS/SSL connections. An attacker could
possibly use this issue to bypass authorization checks during secure
communications. (CVE-2026-50528)
It was discovered that .NET did not properly handle resource allocation
during XML encryption. An attacker could possibly use this issue to
consume excessive resources, resulting in a denial of service.
(CVE-2026-50648)
Miha Zupan discovered that .NET did not properly limit resource
allocation when handling HTTP/2 requests. An attacker could possibly use
this issue to consume excessive resources, resulting in a denial of
service. (CVE-2026-50651)
It was discovered that the .NET SMTP client did not properly handle the
encoding or escaping of output. An attacker could possibly use this issue
to spoof messages during message routing. (CVE-2026-50659)
It was discovered that .NET did not properly validate resource types when
parsing X.509 certificates. An attacker could possibly use this issue to
cause .NET to crash, resulting in a denial of service. (CVE-2026-57108)
13 hours 19 minutes ago
FEDORA-2026-47575c76a5
Packages in this update:
Update description:
A third update after 3.4.9 to prepare for deprecation of obsolete algorithms and attributes in the upcoming 3.5 release.
13 hours 19 minutes ago
FEDORA-2026-e4349a03b1
Packages in this update:
Update description:
A third update after 3.4.9 to prepare for deprecation of obsolete algorithms and attributes in the upcoming 3.5 release.
14 hours 37 minutes ago
Version:next-20260715 (linux-next)
Released:2026-07-15
15 hours 25 minutes ago
It was discovered that Sympa did not properly validate input on the
generic SSO login. A remote attacker could possibly use this issue to
perform a path traversal attack and gain unintended access.
16 hours ago
It was discovered that Tomcat incorrectly handled authorization when
multiple method constraints defined the same HTTP method. A remote
attacker could possibly use this issue to bypass authorization
restrictions. (CVE-2026-43515)
It was discovered that the Tomcat number guess example application did
not properly sanitize user-supplied input. An attacker could possibly
use this issue to inject malicious scripts, resulting in cross-site
scripting. (CVE-2026-50229)
It was discovered that Tomcat incorrectly evaluated rewrite valve
conditions in certain configurations. An attacker could possibly use
this issue to bypass rewrite rules, resulting in unauthorized access.
(CVE-2026-53404)
It was discovered that Tomcat incorrectly omitted certain authorization
information when logging the effective web.xml configuration. An
attacker could possibly use this issue to hide authorization
constraints, resulting in reduced auditability. (CVE-2026-55276)
16 hours 16 minutes ago
It was discovered that libslirp incorrectly handled TCP urgent data. A
privileged attacker inside a guest VM could possibly use this issue to
obtain sensitive information from the host process memory.
16 hours 29 minutes ago
It was discovered that idna did not properly reject oversized inputs before
performing expensive processing. An attacker could possibly use this issue
to cause idna to consume significant resources, leading to a denial of
service.
16 hours 32 minutes ago
FEDORA-2026-3805ba3721
Packages in this update:
- python-black-26.5.1-1.fc44
- python-lsp-black-2.0.0-17.fc44
- python-pytokens-0.4.1-4.fc44
Update description:
Upgrade to 26.5.1, solves serious vulnerabilities such as:
- CVE-2026-31900
- CVE-2026-32274
17 hours 44 minutes ago
FEDORA-2026-32d5a3d450
Packages in this update:
Update description:
Ruby 4.0.6 is released. This new ruby contains several security fixes in net-snmp.
17 hours 47 minutes ago
FEDORA-2026-7f499e0362
Packages in this update:
Update description:
Ruby 4.0.6 is released.
18 hours 8 minutes ago
It was discovered that a logic flaw existed in the XFRM ESP-in-TCP
subsystem in the Linux kernel when handling socket buffer fragments. This
flaw is known as Fragnesia. A local attacker could use this to escalate
privileges, or possibly escape a container. (CVE-2026-43503)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SCSI subsystem;
- Thermal drivers;
- USB over IP driver;
- File systems infrastructure;
- Ext4 file system;
- Network file system (NFS) server daemon;
- SMB network file system;
- Tracing infrastructure;
- B.A.T.M.A.N. meshing protocol;
- Ceph Core library;
- DCCP (Datagram Congestion Control Protocol);
- IPv4 networking;
- IPv6 networking;
- Netfilter;
- RxRPC session sockets;
- X.25 network layer;
(CVE-2021-47117, CVE-2021-47202, CVE-2023-52646, CVE-2024-56643,
CVE-2026-23455, CVE-2026-31402, CVE-2026-31607, CVE-2026-31637,
CVE-2026-31659, CVE-2026-31685, CVE-2026-43011, CVE-2026-43037,
CVE-2026-43038, CVE-2026-43383, CVE-2026-43407, CVE-2026-43414,
CVE-2026-45988, CVE-2026-46119, CVE-2026-46243)
18 hours 34 minutes ago
FEDORA-2026-1133c0078b
Packages in this update:
Update description:
Update to 3.29.0
18 hours 35 minutes ago
FEDORA-2026-a9bfa4361b
Packages in this update:
Update description:
Update to 3.29.0