Fedora Security Advisories

glibc-2.42-9.fc43

Fedora Security Advisories
1 hour 44 minutes ago
FEDORA-2026-205d532069 Packages in this update:
  • glibc-2.42-9.fc43
Update description:

This update switches the currency symbol for Bulgaria to the Euro.

Furthermore, it addresses several security vulnerabilities:

  • A crash when wordexp is used with WRDE_REUSE (CVE-2025-15281)
  • Information leakage from the stack if getnetbyaddr is called for the zero address (CVE-2026-0915)
  • An integer overflow in memalign and related functions if they are called with out-of-bounds size/alignment combinations (CVE-2026-0861)
  • LD_PROFILE is now ignored with a warning if LD_PROFILE_OUTPUT is not specified, rather than using the insecure /var/tmp default.

tar-1.35-8.fc44

Fedora Security Advisories
15 hours 56 minutes ago
FEDORA-2026-0895af5ebe Packages in this update:
  • tar-1.35-8.fc44
Update description:

Automatic update for tar-1.35-8.fc44.

Changelog * Wed Jan 21 2026 Pavel Cahyna <pcahyna@redhat.com> - 2:1.35-8 - Backport upstream fix for savannah bug 65838, commit 1e6ce98e (fedora#2427654) - added "padding with zeros" info message (#2089298) - do not report disk error as file shrank (#2089316) - upstream fix for savannah bug 64581, commit 51142180 (crash with TAR_OPTIONS) (fedora#2389217) - Backport fix for regression in the --no-overwrite-dir option Upstream commit 4e742fc8674064a9fa00d4483d06aca48d5b0463, discussed in https://www.mail-archive.com/bug-tar@gnu.org/msg06445.html - Backport upstream changes to jailify extraction directory Includes related gnulib changes to add openat2 Fixes CVE-2025-45582 (fedora#2380007)

bind-9.18.44-1.fc42 bind-dyndb-ldap-11.11-9.fc42

Fedora Security Advisories
1 day 15 hours ago
FEDORA-2026-34c921d252 Packages in this update:
  • bind-9.18.44-1.fc42
  • bind-dyndb-ldap-11.11-9.fc42
Update description: Update to 9.18.44 (rhbz#2431609) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
Bug Fixes:
  • Allow glue in delegations with QTYPE=ANY.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.

https://downloads.isc.org/isc/bind9/9.18.44/doc/arm/html/notes.html#notes-for-bind-9-18-44

bind-9.18.44-1.fc43 bind-dyndb-ldap-11.11-10.fc43

Fedora Security Advisories
1 day 15 hours ago
FEDORA-2026-567ff6c687 Packages in this update:
  • bind-9.18.44-1.fc43
  • bind-dyndb-ldap-11.11-10.fc43
Update description: Update to 9.18.44 (rhbz#2431609) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
Bug Fixes:
  • Allow glue in delegations with QTYPE=ANY.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.

https://downloads.isc.org/isc/bind9/9.18.44/doc/arm/html/notes.html#notes-for-bind-9-18-44

bind9-next-9.21.17-1.fc43

Fedora Security Advisories
1 day 18 hours ago
FEDORA-2026-b31c8d8e83 Packages in this update:
  • bind9-next-9.21.17-1.fc43
Update description: Update to 9.21.17 (rhbz#2415843) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
New Features:
  • Add support for Extended DNS Error 9 (Missing DNSKEY).
  • Add support for Extended DNS Error 13 (Cached Error).
  • Add support for Generalized DNS Notifications.
Features Changes:
  • Add more information to the rndc recursing output about fetches.
  • Enforce bounds of multiple configuration options.
Bug Fixes:
  • Fix inbound IXFR performance regression.
  • Make DNSSEC key rollovers more robust.
  • Fix a catalog zone issue, where member zones could fail to load.
  • Fix slow speed when signing a large delegation zone with NSEC3 opt-out.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.
  • Fix a possible catalog zone issue during reconfiguration.
  • Fix the charts in the statistics channel.

https://downloads.isc.org/isc/bind9/9.21.17/doc/arm/html/notes.html#notes-for-bind-9-21-17

bind9-next-9.21.17-2.fc42

Fedora Security Advisories
1 day 18 hours ago
FEDORA-2026-d8979b7a9c Packages in this update:
  • bind9-next-9.21.17-2.fc42
Update description: Update to 9.21.17 (rhbz#2415843) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
New Features:
  • Add support for Extended DNS Error 9 (Missing DNSKEY).
  • Add support for Extended DNS Error 13 (Cached Error).
  • Add support for Generalized DNS Notifications.
Features Changes:
  • Add more information to the rndc recursing output about fetches.
  • Enforce bounds of multiple configuration options.
Bug Fixes:
  • Fix inbound IXFR performance regression.
  • Make DNSSEC key rollovers more robust.
  • Fix a catalog zone issue, where member zones could fail to load.
  • Fix slow speed when signing a large delegation zone with NSEC3 opt-out.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.
  • Fix a possible catalog zone issue during reconfiguration.
  • Fix the charts in the statistics channel.

https://downloads.isc.org/isc/bind9/9.21.17/doc/arm/html/notes.html#notes-for-bind-9-21-17

bind-9.18.44-1.fc44 bind-dyndb-ldap-11.11-12.fc44

Fedora Security Advisories
1 day 18 hours ago
FEDORA-2026-925e7cce85 Packages in this update:
  • bind-9.18.44-1.fc44
  • bind-dyndb-ldap-11.11-12.fc44
Update description: Update to 9.18.44 (rhbz#2431609) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
Bug Fixes:
  • Allow glue in delegations with QTYPE=ANY.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.

https://downloads.isc.org/isc/bind9/9.18.44/doc/arm/html/notes.html#notes-for-bind-9-18-44

Checked
1 minute ago
URL
https://bodhi.fedoraproject.org/rss/updates/?type=security