Fedora Security Advisories

mbedtls-3.6.7-1.el10_3

3 hours 54 minutes ago
FEDORA-EPEL-2026-c02be502f7 Packages in this update:
  • mbedtls-3.6.7-1.el10_3
Update description:
  • Update to 3.6.7
  • Fixes CVE-2026-25832, CVE-2026-35336, CVE-2026-49300, CVE-2026-50579, CVE-2026-50580, CVE-2026-50581, CVE-2026-50583, CVE-2026-50584, CVE-2026-50585, CVE-2026-50586, CVE-2026-50587, CVE-2026-50588, CVE-2026-50640, CVE-2026-50713, CVE-2026-54435, CVE-2026-54441

Release notes: https://github.com/Mbed-TLS/mbedtls/releases#release-mbedtls-3.6.7

mbedtls-3.6.7-1.el10_2

3 hours 54 minutes ago
FEDORA-EPEL-2026-590e30b5b5 Packages in this update:
  • mbedtls-3.6.7-1.el10_2
Update description:
  • Update to 3.6.7
  • Fixes CVE-2026-25832, CVE-2026-35336, CVE-2026-49300, CVE-2026-50579, CVE-2026-50580, CVE-2026-50581, CVE-2026-50583, CVE-2026-50584, CVE-2026-50585, CVE-2026-50586, CVE-2026-50587, CVE-2026-50588, CVE-2026-50640, CVE-2026-50713, CVE-2026-54435, CVE-2026-54441

Release notes: https://github.com/Mbed-TLS/mbedtls/releases#release-mbedtls-3.6.7

mbedtls-3.6.7-1.fc44

3 hours 54 minutes ago
FEDORA-2026-8d954936a5 Packages in this update:
  • mbedtls-3.6.7-1.fc44
Update description:
  • Update to 3.6.7
  • Fixes CVE-2026-25832, CVE-2026-35336, CVE-2026-49300, CVE-2026-50579, CVE-2026-50580, CVE-2026-50581, CVE-2026-50583, CVE-2026-50584, CVE-2026-50585, CVE-2026-50586, CVE-2026-50587, CVE-2026-50588, CVE-2026-50640, CVE-2026-50713, CVE-2026-54435, CVE-2026-54441

Release notes: https://github.com/Mbed-TLS/mbedtls/releases#release-mbedtls-3.6.7

mbedtls-3.6.7-1.fc43

3 hours 55 minutes ago
FEDORA-2026-0bb141710c Packages in this update:
  • mbedtls-3.6.7-1.fc43
Update description:
  • Update to 3.6.7
  • Fixes CVE-2026-25832, CVE-2026-35336, CVE-2026-49300, CVE-2026-50579, CVE-2026-50580, CVE-2026-50581, CVE-2026-50583, CVE-2026-50584, CVE-2026-50585, CVE-2026-50586, CVE-2026-50587, CVE-2026-50588, CVE-2026-50640, CVE-2026-50713, CVE-2026-54435, CVE-2026-54441

Release notes: https://github.com/Mbed-TLS/mbedtls/releases#release-mbedtls-3.6.7

erlang-26.2.5.21-4.fc43

18 hours 57 minutes ago
FEDORA-2026-965be97ac0 Packages in this update:
  • erlang-26.2.5.21-4.fc43
Update description:

Backport fixes for CVE-2026-48858 (ftp SSRF), CVE-2026-49759 (SCTP DoS), CVE-2026-48860 (dist-over-TLS auth bypass), CVE-2026-54886 (ssh SFTP DoS), CVE-2026-54891 (TLS handshake data injection), and CVE-2026-55952 (TLS 1.3 session ticket DoS). These are fixed upstream in OTP 27.x (rawhide/f45); backported here to the OTP 26.x line.

erlang-26.2.5.21-4.fc44

18 hours 57 minutes ago
FEDORA-2026-dcf80dc1ff Packages in this update:
  • erlang-26.2.5.21-4.fc44
Update description:

Backport fixes for CVE-2026-48858 (ftp SSRF), CVE-2026-49759 (SCTP DoS), CVE-2026-48860 (dist-over-TLS auth bypass), CVE-2026-54886 (ssh SFTP DoS), CVE-2026-54891 (TLS handshake data injection), and CVE-2026-55952 (TLS 1.3 session ticket DoS). These are fixed upstream in OTP 27.x (rawhide/f45); backported here to the OTP 26.x line.

c-ares-1.34.8-1.fc43

20 hours 49 minutes ago
FEDORA-2026-d70d93fcd7 Packages in this update:
  • c-ares-1.34.8-1.fc43
Update description:

1.34.7 accidentally broke the API compatibility, this is fixed in 1.34.8.

  • update to 1.34.7
  • fixes CVE-2026-33630 (GHSA-6wfj-rwm7-3542) and GHSA-pjmc-gx33-gc76 and GHSA-jv8r-gqr9-68wj

p11-kit-0.26.4-1.fc43

22 hours 18 minutes ago
FEDORA-2026-566791181a Packages in this update:
  • p11-kit-0.26.4-1.fc43
Update description:
  • server: fixed stack exhaustion via unbounded recursion in RPC attribute parsing by enforcing a recursion depth limit (CVE-2026-13757)
  • fixed confusing error message when trying to store an existing cert with trust anchor
  • fixed assert when parsing p11-kit files with value (")
  • fixed numerous memory management issues
  • Build and test fixes
  • Updated translations

p11-kit-0.26.4-1.fc44

22 hours 19 minutes ago
FEDORA-2026-695fd36daa Packages in this update:
  • p11-kit-0.26.4-1.fc44
Update description:
  • server: fixed stack exhaustion via unbounded recursion in RPC attribute parsing by enforcing a recursion depth limit (CVE-2026-13757)
  • fixed confusing error message when trying to store an existing cert with trust anchor
  • fixed assert when parsing p11-kit files with value (")
  • fixed numerous memory management issues
  • Build and test fixes
  • Updated translations

webkitgtk-2.52.5-1.fc44

23 hours 12 minutes ago
FEDORA-2026-3bc4b3ccb3 Packages in this update:
  • webkitgtk-2.52.5-1.fc44
Update description:
  • Fire scrollend event for instant programmatic scrolls.
  • Increase network idle connection timeout to 115 seconds.
  • Fix several crashes and rendering issues.
  • Fix CVE-2024-4367, CVE-2026-39872, CVE-2026-43663, CVE-2026-43676, CVE-2026-43699, CVE-2026-43701, CVE-2026-43705, CVE-2026-43707, CVE-2026-43712, CVE-2026-43713, CVE-2026-43715, CVE-2026-43716, CVE-2026-43720, CVE-2026-43721, CVE-2026-43725, CVE-2026-43726, CVE-2026-43727, CVE-2026-43731, CVE-2026-43732, CVE-2026-43734, CVE-2026-43740, CVE-2026-43742, CVE-2026-43745

webkitgtk-2.52.5-1.fc43

23 hours 12 minutes ago
FEDORA-2026-ec8e535c6e Packages in this update:
  • webkitgtk-2.52.5-1.fc43
Update description:
  • Fire scrollend event for instant programmatic scrolls.
  • Increase network idle connection timeout to 115 seconds.
  • Fix several crashes and rendering issues.
  • Fix CVE-2024-4367, CVE-2026-39872, CVE-2026-43663, CVE-2026-43676, CVE-2026-43699, CVE-2026-43701, CVE-2026-43705, CVE-2026-43707, CVE-2026-43712, CVE-2026-43713, CVE-2026-43715, CVE-2026-43716, CVE-2026-43720, CVE-2026-43721, CVE-2026-43725, CVE-2026-43726, CVE-2026-43727, CVE-2026-43731, CVE-2026-43732, CVE-2026-43734, CVE-2026-43740, CVE-2026-43742, CVE-2026-43745
Checked
30 seconds ago