Fedora Security Advisories

coturn-4.13.1-1.el10_2

6 hours 10 minutes ago
FEDORA-EPEL-2026-f33139a01c
Packages in this update:
  • coturn-4.13.1-1.el10_2
Update description:
Coturn 4.13.1
What's in this release
  • Security fixes
What's Changed
  • Null-terminate server_name in stun_is_challenge_response_str
  • Canonicalize all IPv4-in-IPv6 encodings before peer-IP checks
  • Auto-deny coturn's own database backend endpoints as relay peers
  • Deny link-local / ULA / site-local relay peers by default
Coturn 4.13.0
What's in this release
  • More performance improvements for --udp-recvmmsg and --multiplex-peer. If your system does not rely on TURN unique ports give multiplexing a try - it has capacity to dramatically increase performance.
  • Security fixes
What's Changed
  • Wrap atomic everywhere
  • Fix sendmmsg stride bug in multiplex-peer UDP batch flush
  • Reap TURN permissions/channels via a per-thread sweep instead of per-object timers
  • Add --udp-sendmmsg-log to observe egress sendmmsg/UDP-GSO batching
  • Expose recvmmsg/sendmmsg UDP batch sizes as Prometheus metrics
  • Restrict recvmmsg fast path to shared fan-in sockets (make --udp-recvmmsg useful standalone)
  • Enable --udp-recvmmsg by default on Linux
  • Security hardening: port parsing, admin brute-force throttle, credential log redaction, constant-time compare, OAuth bounds checks, permission cap
  • Add continuous latency mode to stunclient
  • Fix test_redis_format link failure
  • Fix configure MANPREFIX typo
  • Fix missing sqlite3 dependency
  • Fix UDP receive buffer ownership

coturn-4.13.1-1.el8

6 hours 10 minutes ago
FEDORA-EPEL-2026-5fb0ce4f22
Packages in this update:
  • coturn-4.13.1-1.el8
Update description:
Coturn 4.13.1
What's in this release
  • Security fixes
What's Changed
  • Null-terminate server_name in stun_is_challenge_response_str
  • Canonicalize all IPv4-in-IPv6 encodings before peer-IP checks
  • Auto-deny coturn's own database backend endpoints as relay peers
  • Deny link-local / ULA / site-local relay peers by default
Coturn 4.13.0
What's in this release
  • More performance improvements for --udp-recvmmsg and --multiplex-peer. If your system does not rely on TURN unique ports give multiplexing a try - it has capacity to dramatically increase performance.
  • Security fixes
What's Changed
  • Wrap atomic everywhere
  • Fix sendmmsg stride bug in multiplex-peer UDP batch flush
  • Reap TURN permissions/channels via a per-thread sweep instead of per-object timers
  • Add --udp-sendmmsg-log to observe egress sendmmsg/UDP-GSO batching
  • Expose recvmmsg/sendmmsg UDP batch sizes as Prometheus metrics
  • Restrict recvmmsg fast path to shared fan-in sockets (make --udp-recvmmsg useful standalone)
  • Enable --udp-recvmmsg by default on Linux
  • Security hardening: port parsing, admin brute-force throttle, credential log redaction, constant-time compare, OAuth bounds checks, permission cap
  • Add continuous latency mode to stunclient
  • Fix test_redis_format link failure
  • Fix configure MANPREFIX typo
  • Fix missing sqlite3 dependency
  • Fix UDP receive buffer ownership

coturn-4.13.1-1.fc43

6 hours 10 minutes ago
FEDORA-2026-c42d951aad
Packages in this update:
  • coturn-4.13.1-1.fc43
Update description:
Coturn 4.13.1
What's in this release
  • Security fixes
What's Changed
  • Null-terminate server_name in stun_is_challenge_response_str
  • Canonicalize all IPv4-in-IPv6 encodings before peer-IP checks
  • Auto-deny coturn's own database backend endpoints as relay peers
  • Deny link-local / ULA / site-local relay peers by default
Coturn 4.13.0
What's in this release
  • More performance improvements for --udp-recvmmsg and --multiplex-peer. If your system does not rely on TURN unique ports give multiplexing a try - it has capacity to dramatically increase performance.
  • Security fixes
What's Changed
  • Wrap atomic everywhere
  • Fix sendmmsg stride bug in multiplex-peer UDP batch flush
  • Reap TURN permissions/channels via a per-thread sweep instead of per-object timers
  • Add --udp-sendmmsg-log to observe egress sendmmsg/UDP-GSO batching
  • Expose recvmmsg/sendmmsg UDP batch sizes as Prometheus metrics
  • Restrict recvmmsg fast path to shared fan-in sockets (make --udp-recvmmsg useful standalone)
  • Enable --udp-recvmmsg by default on Linux
  • Security hardening: port parsing, admin brute-force throttle, credential log redaction, constant-time compare, OAuth bounds checks, permission cap
  • Add continuous latency mode to stunclient
  • Fix test_redis_format link failure
  • Fix configure MANPREFIX typo
  • Fix missing sqlite3 dependency
  • Fix UDP receive buffer ownership

coturn-4.13.1-1.fc44

6 hours 10 minutes ago
FEDORA-2026-dda1360c18
Packages in this update:
  • coturn-4.13.1-1.fc44
Update description:
Coturn 4.13.1
What's in this release
  • Security fixes
What's Changed
  • Null-terminate server_name in stun_is_challenge_response_str
  • Canonicalize all IPv4-in-IPv6 encodings before peer-IP checks
  • Auto-deny coturn's own database backend endpoints as relay peers
  • Deny link-local / ULA / site-local relay peers by default
Coturn 4.13.0
What's in this release
  • More performance improvements for --udp-recvmmsg and --multiplex-peer. If your system does not rely on TURN unique ports give multiplexing a try - it has capacity to dramatically increase performance.
  • Security fixes
What's Changed
  • Wrap atomic everywhere
  • Fix sendmmsg stride bug in multiplex-peer UDP batch flush
  • Reap TURN permissions/channels via a per-thread sweep instead of per-object timers
  • Add --udp-sendmmsg-log to observe egress sendmmsg/UDP-GSO batching
  • Expose recvmmsg/sendmmsg UDP batch sizes as Prometheus metrics
  • Restrict recvmmsg fast path to shared fan-in sockets (make --udp-recvmmsg useful standalone)
  • Enable --udp-recvmmsg by default on Linux
  • Security hardening: port parsing, admin brute-force throttle, credential log redaction, constant-time compare, OAuth bounds checks, permission cap
  • Add continuous latency mode to stunclient
  • Fix test_redis_format link failure
  • Fix configure MANPREFIX typo
  • Fix missing sqlite3 dependency
  • Fix UDP receive buffer ownership

coturn-4.13.1-1.el10_3

6 hours 10 minutes ago
FEDORA-EPEL-2026-69da7ab3e5
Packages in this update:
  • coturn-4.13.1-1.el10_3
Update description:
Coturn 4.13.1
What's in this release
  • Security fixes
What's Changed
  • Null-terminate server_name in stun_is_challenge_response_str
  • Canonicalize all IPv4-in-IPv6 encodings before peer-IP checks
  • Auto-deny coturn's own database backend endpoints as relay peers
  • Deny link-local / ULA / site-local relay peers by default
Coturn 4.13.0
What's in this release
  • More performance improvements for --udp-recvmmsg and --multiplex-peer. If your system does not rely on TURN unique ports give multiplexing a try - it has capacity to dramatically increase performance.
  • Security fixes
What's Changed
  • Wrap atomic everywhere
  • Fix sendmmsg stride bug in multiplex-peer UDP batch flush
  • Reap TURN permissions/channels via a per-thread sweep instead of per-object timers
  • Add --udp-sendmmsg-log to observe egress sendmmsg/UDP-GSO batching
  • Expose recvmmsg/sendmmsg UDP batch sizes as Prometheus metrics
  • Restrict recvmmsg fast path to shared fan-in sockets (make --udp-recvmmsg useful standalone)
  • Enable --udp-recvmmsg by default on Linux
  • Security hardening: port parsing, admin brute-force throttle, credential log redaction, constant-time compare, OAuth bounds checks, permission cap
  • Add continuous latency mode to stunclient
  • Fix test_redis_format link failure
  • Fix configure MANPREFIX typo
  • Fix missing sqlite3 dependency
  • Fix UDP receive buffer ownership

coturn-4.13.1-1.el9

6 hours 10 minutes ago
FEDORA-EPEL-2026-48a6ee99c9
Packages in this update:
  • coturn-4.13.1-1.el9
Update description:
Coturn 4.13.1
What's in this release
  • Security fixes
What's Changed
  • Null-terminate server_name in stun_is_challenge_response_str
  • Canonicalize all IPv4-in-IPv6 encodings before peer-IP checks
  • Auto-deny coturn's own database backend endpoints as relay peers
  • Deny link-local / ULA / site-local relay peers by default
Coturn 4.13.0
What's in this release
  • More performance improvements for --udp-recvmmsg and --multiplex-peer. If your system does not rely on TURN unique ports give multiplexing a try - it has capacity to dramatically increase performance.
  • Security fixes
What's Changed
  • Wrap atomic everywhere
  • Fix sendmmsg stride bug in multiplex-peer UDP batch flush
  • Reap TURN permissions/channels via a per-thread sweep instead of per-object timers
  • Add --udp-sendmmsg-log to observe egress sendmmsg/UDP-GSO batching
  • Expose recvmmsg/sendmmsg UDP batch sizes as Prometheus metrics
  • Restrict recvmmsg fast path to shared fan-in sockets (make --udp-recvmmsg useful standalone)
  • Enable --udp-recvmmsg by default on Linux
  • Security hardening: port parsing, admin brute-force throttle, credential log redaction, constant-time compare, OAuth bounds checks, permission cap
  • Add continuous latency mode to stunclient
  • Fix test_redis_format link failure
  • Fix configure MANPREFIX typo
  • Fix missing sqlite3 dependency
  • Fix UDP receive buffer ownership

strongswan-6.0.7-2.fc43

11 hours 23 minutes ago
FEDORA-2026-67a9805962
Packages in this update:
  • strongswan-6.0.7-2.fc43
Update description:

Addresses CVE-2026-47895 which is a theoretical RCE

Fixes CVE-2026-25075, CVE-2026-35328, CVE-2026-35329, CVE-2026-35330, CVE-2026-35331, CVE-2026-35332, CVE-2026-35333, CVE-2026-35334

Update to address CVE-2025-9615 and CVE-2025-62291

util-linux-2.41.5-1.fc43

12 hours 9 minutes ago
FEDORA-2026-a7ff7017ee
Packages in this update:
  • util-linux-2.41.5-1.fc43
Update description:

upstream upgrade with security fixes:

  • CVE-2026-53612 - libmount: TOCTOU attack via ancestor directory swap during mount
  • CVE-2026-53613 - libmount: SUID bypass via LIBMOUNT_FORCE_MOUNT2 and legacy mount path
  • CVE-2026-53614 - libmount: fd_target TOCTOU prevention

util-linux-2.41.5-1.fc44

12 hours 10 minutes ago
FEDORA-2026-c70cb96ff1
Packages in this update:
  • util-linux-2.41.5-1.fc44
Update description:

upstream upgrade with security fixes:

  • CVE-2026-53612 - libmount: TOCTOU attack via ancestor directory swap during mount
  • CVE-2026-53613 - libmount: SUID bypass via LIBMOUNT_FORCE_MOUNT2 and legacy mount path
  • CVE-2026-53614 - libmount: fd_target TOCTOU prevention

7zip-26.01-1.el10_3

1 day 6 hours ago
FEDORA-EPEL-2026-52d18d8d5a
Packages in this update:
  • 7zip-26.01-1.el10_3
Update description:
  • Fixes CVE-2026-48092: Information disclosure in 32-bit builds
  • Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
  • Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
  • Fixes CVE-2026-48102: Information disclosure and DoS via crafted UDF image
  • Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
  • Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
  • Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
  • Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser

7zip-26.01-1.el10_2

1 day 6 hours ago
FEDORA-EPEL-2026-8d909527ba
Packages in this update:
  • 7zip-26.01-1.el10_2
Update description:
  • Fixes CVE-2026-48092: Information disclosure in 32-bit builds
  • Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
  • Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
  • Fixes CVE-2026-48102: Information disclosure and DoS via crafted UDF image
  • Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
  • Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
  • Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
  • Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser

7zip-26.01-1.fc43

1 day 7 hours ago
FEDORA-2026-f36864b408
Packages in this update:
  • 7zip-26.01-1.fc43
Update description:
  • Fixes CVE-2026-48092: Information disclosure in 32-bit builds
  • Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
  • Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
  • Fixes CVE-2026-48102: Information disclosure and DoS via crafted UDF image
  • Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
  • Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
  • Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
  • Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser

7zip-26.01-1.fc44

1 day 7 hours ago
FEDORA-2026-4be7569210
Packages in this update:
  • 7zip-26.01-1.fc44
Update description:
  • Fixes CVE-2026-48092: Information disclosure in 32-bit builds
  • Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
  • Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
  • Fixes CVE-2026-48102: Information disclosure and DoS via crafted UDF image
  • Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
  • Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
  • Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
  • Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser