Fedora Security Advisories

fasterxml-oss-parent-75-1.fc45 jackson-annotations-2.21-6.fc45 jackson-bom-2.21.5-1.fc45 jackson-core-2.21.5-1.fc45 jackson-databind-2.21.5-1.fc45 jackson-jaxrs-providers-2.21.5-1.fc45 jackson-modules-base-2.21.5-1.fc45 jackson-parent-2.21-1.fc45

2 hours 6 minutes ago
FEDORA-2026-ddde3cf003 Packages in this update:
  • fasterxml-oss-parent-75-1.fc45
  • jackson-annotations-2.21-6.fc45
  • jackson-bom-2.21.5-1.fc45
  • jackson-core-2.21.5-1.fc45
  • jackson-databind-2.21.5-1.fc45
  • jackson-jaxrs-providers-2.21.5-1.fc45
  • jackson-modules-base-2.21.5-1.fc45
  • jackson-parent-2.21-1.fc45
Update description:

Rebase to 2.21.5 to solve the CVE-2026-54518, CVE-2026-54517, CVE-2026-54516, CVE-2026-54515, CVE-2026-54513, CVE-2026-54512

spoofdpi-1.5.3-1.fc45

8 hours 13 minutes ago
FEDORA-2026-b382f3a576 Packages in this update:
  • spoofdpi-1.5.3-1.fc45
Update description:

Automatic update for spoofdpi-1.5.3-1.fc45.

Changelog * Tue Jul 14 2026 Emir Akdag <infraw.linux@proton.me> - 1.5.3-1 - Update spoofdpi to 1.5.3 - Update to 1.5.3 to fix CVE-2026-27145 - Add missing license for go-localereader - Fix build directory case sensitivity issue - Resolves: rhbz#2494220, rhbz#2494389

perl-YAML-Syck-1.47-1.el9

12 hours 17 minutes ago
FEDORA-EPEL-2026-57e759c14c Packages in this update:
  • perl-YAML-Syck-1.47-1.el9
Update description:

This update addresses four libsyck memory-safety CVEs reachable from the default YAML::Syck::Load() path on untrusted input with no special flags:

  • CVE-2026-57075 (CWE-125): Out-of-bounds read in the base64 decoder caused by signed-char indexing of the decode table on !!binary input
  • CVE-2026-57076 (CWE-416): Use-after-free of an anchor key string shared between the node and the anchors table
  • CVE-2026-57077 (CWE-125): One-byte out-of-bounds read in the lexer newline scan during block-scalar parsing (incomplete-fix follow-on to CVE-2025-11683)
  • CVE-2026-13713 (CWE-416/CWE-415): Use-after-free / double-free of an anchor node on anchor redefinition, a remote-crash DoS from a 7-byte input

There are also a few other bug-fixes included.

perl-YAML-Syck-1.47-1.el10_3

12 hours 17 minutes ago
FEDORA-EPEL-2026-22c2f092d6 Packages in this update:
  • perl-YAML-Syck-1.47-1.el10_3
Update description:

This update addresses four libsyck memory-safety CVEs reachable from the default YAML::Syck::Load() path on untrusted input with no special flags:

  • CVE-2026-57075 (CWE-125): Out-of-bounds read in the base64 decoder caused by signed-char indexing of the decode table on !!binary input
  • CVE-2026-57076 (CWE-416): Use-after-free of an anchor key string shared between the node and the anchors table
  • CVE-2026-57077 (CWE-125): One-byte out-of-bounds read in the lexer newline scan during block-scalar parsing (incomplete-fix follow-on to CVE-2025-11683)
  • CVE-2026-13713 (CWE-416/CWE-415): Use-after-free / double-free of an anchor node on anchor redefinition, a remote-crash DoS from a 7-byte input

There are also a few other bug-fixes included.

perl-YAML-Syck-1.47-1.fc44

12 hours 17 minutes ago
FEDORA-2026-2139aa7dce Packages in this update:
  • perl-YAML-Syck-1.47-1.fc44
Update description:

This update addresses four libsyck memory-safety CVEs reachable from the default YAML::Syck::Load() path on untrusted input with no special flags:

  • CVE-2026-57075 (CWE-125): Out-of-bounds read in the base64 decoder caused by signed-char indexing of the decode table on !!binary input
  • CVE-2026-57076 (CWE-416): Use-after-free of an anchor key string shared between the node and the anchors table
  • CVE-2026-57077 (CWE-125): One-byte out-of-bounds read in the lexer newline scan during block-scalar parsing (incomplete-fix follow-on to CVE-2025-11683)
  • CVE-2026-13713 (CWE-416/CWE-415): Use-after-free / double-free of an anchor node on anchor redefinition, a remote-crash DoS from a 7-byte input

There are also a few other bug-fixes included.

perl-YAML-Syck-1.47-1.fc43

12 hours 17 minutes ago
FEDORA-2026-c8484f1afb Packages in this update:
  • perl-YAML-Syck-1.47-1.fc43
Update description:

This update addresses four libsyck memory-safety CVEs reachable from the default YAML::Syck::Load() path on untrusted input with no special flags:

  • CVE-2026-57075 (CWE-125): Out-of-bounds read in the base64 decoder caused by signed-char indexing of the decode table on !!binary input
  • CVE-2026-57076 (CWE-416): Use-after-free of an anchor key string shared between the node and the anchors table
  • CVE-2026-57077 (CWE-125): One-byte out-of-bounds read in the lexer newline scan during block-scalar parsing (incomplete-fix follow-on to CVE-2025-11683)
  • CVE-2026-13713 (CWE-416/CWE-415): Use-after-free / double-free of an anchor node on anchor redefinition, a remote-crash DoS from a 7-byte input

There are also a few other bug-fixes included.

perl-YAML-Syck-1.47-1.el10_2

12 hours 17 minutes ago
FEDORA-EPEL-2026-8b5b8778ee Packages in this update:
  • perl-YAML-Syck-1.47-1.el10_2
Update description:

This update addresses four libsyck memory-safety CVEs reachable from the default YAML::Syck::Load() path on untrusted input with no special flags:

  • CVE-2026-57075 (CWE-125): Out-of-bounds read in the base64 decoder caused by signed-char indexing of the decode table on !!binary input
  • CVE-2026-57076 (CWE-416): Use-after-free of an anchor key string shared between the node and the anchors table
  • CVE-2026-57077 (CWE-125): One-byte out-of-bounds read in the lexer newline scan during block-scalar parsing (incomplete-fix follow-on to CVE-2025-11683)
  • CVE-2026-13713 (CWE-416/CWE-415): Use-after-free / double-free of an anchor node on anchor redefinition, a remote-crash DoS from a 7-byte input

There are also a few other bug-fixes included.

kernel-7.1.3-201.fc44

14 hours 30 minutes ago
FEDORA-2026-e8e294a7fa Packages in this update:
  • kernel-7.1.3-201.fc44
Update description:

The 7.1.3-101/201 builds contain an important fix for XFS filesystem users.

kernel-7.1.3-101.fc43

14 hours 30 minutes ago
FEDORA-2026-085c9e92a4 Packages in this update:
  • kernel-7.1.3-101.fc43
Update description:

The 7.1.3-101/201 builds contain an important fix for XFS filesystem users.

Checked
4 minutes 31 seconds ago