Fedora Security Advisories

nginx-1.30.3-1.fc45 nginx-mod-brotli-1.0.0~rc-11.fc45 nginx-mod-fancyindex-0.6.0-6.fc45 nginx-mod-headers-more-0.39-11.fc45 nginx-mod-js-challenge-0^20230517.gitda6852d-9.fc45 nginx-mod-modsecurity-1.0.4-12.fc45 nginx-mod-naxsi-1.6-19.fc45 nginx-mod-vts…

1 hour 1 minute ago
FEDORA-2026-e212182e6e Packages in this update:
  • nginx-1.30.3-1.fc45
  • nginx-mod-brotli-1.0.0~rc-11.fc45
  • nginx-mod-fancyindex-0.6.0-6.fc45
  • nginx-mod-headers-more-0.39-11.fc45
  • nginx-mod-js-challenge-0^20230517.gitda6852d-9.fc45
  • nginx-mod-modsecurity-1.0.4-12.fc45
  • nginx-mod-naxsi-1.6-19.fc45
  • nginx-mod-vts-0.2.4-11.fc45
Update description:

nginx-mod-brotli:

  • Rebuild for 1.30.3

nginx-mod-fancyindex:

  • Rebuild for 1.30.3

nginx-mod-modsecurity:

  • Rebuild for 1.30.3

nginx-mod-headers-more:

  • Rebuild for 1.30.3

nginx-mod-naxsi:

  • Rebuild for 1.30.3

nginx-mod-js-challenge:

  • Rebuild for 1.30.3

nginx-mod-vts:

  • Rebuild for 1.30.3

nginx:

  • update to 1.30.3
  • fixes CVE-2026-42055, CVE-2026-42530 and CVE-2026-48142

openbao-2.5.5-1.el10_2

5 hours 42 minutes ago
FEDORA-EPEL-2026-a80cc1ccf4 Packages in this update:
  • openbao-2.5.5-1.el10_2
Update description:

Update to upstream 2.5.5. Also fixes CVE-2026-55770, CVE-2026-55774, CVE-2026-55775, and CVE-2026-55776.

openbao-2.5.5-1.el10_3

5 hours 42 minutes ago
FEDORA-EPEL-2026-33e6f5bc0f Packages in this update:
  • openbao-2.5.5-1.el10_3
Update description:

Update to upstream 2.5.5. Also fixes CVE-2026-55770, CVE-2026-55774, CVE-2026-55775, and CVE-2026-55776.

openbao-2.5.5-1.fc43

5 hours 42 minutes ago
FEDORA-2026-da7e499416 Packages in this update:
  • openbao-2.5.5-1.fc43
Update description:

Update to upstream 2.5.5. Also fixes CVE-2026-55770, CVE-2026-55774, CVE-2026-55775, and CVE-2026-55776.

openbao-2.5.5-1.el9

5 hours 42 minutes ago
FEDORA-EPEL-2026-68c29512d7 Packages in this update:
  • openbao-2.5.5-1.el9
Update description:

Update to upstream 2.5.5. Also fixes CVE-2026-55770, CVE-2026-55774, CVE-2026-55775, and CVE-2026-55776.

openbao-2.5.5-1.el8

5 hours 42 minutes ago
FEDORA-EPEL-2026-c797cdf471 Packages in this update:
  • openbao-2.5.5-1.el8
Update description:

Update to upstream 2.5.5. Also fixes CVE-2026-55770, CVE-2026-55774, CVE-2026-55775, and CVE-2026-55776.

openbao-2.5.5-1.fc44

5 hours 42 minutes ago
FEDORA-2026-84ff0044db Packages in this update:
  • openbao-2.5.5-1.fc44
Update description:

Update to upstream 2.5.5. Also fixes CVE-2026-55770, CVE-2026-55774, CVE-2026-55775, and CVE-2026-55776.

python-postorius-1.3.13-1.fc44

6 hours 52 minutes ago
FEDORA-2026-ef34f94241 Packages in this update:
  • python-postorius-1.3.13-1.fc44
Update description:

Update to 1.3.13 (minor packaging changes); backport unreleased fix for cross-side scripting via unescaped HTML

python-postorius-1.3.13-1.fc43

6 hours 52 minutes ago
FEDORA-2026-c2b475c5f1 Packages in this update:
  • python-postorius-1.3.13-1.fc43
Update description:

Update to 1.3.13 (minor packaging changes); backport unreleased fix for cross-side scripting via unescaped HTML

krita-6.0.2.1-1.fc45

13 hours 31 minutes ago
FEDORA-2026-4084e20f7e Packages in this update:
  • krita-6.0.2.1-1.fc45
Update description:

Automatic update for krita-6.0.2.1-1.fc45.

Changelog * Wed Jun 17 2026 Than Ngo <than@redhat.com> - 6.0.2.1-1 - Fix rhbz#2481429, Update to 6.0.2.1 - Fix rhbz#2476570, CVE-2026-42144: integer overflow in PNM size check bypasses memory guard

coturn-4.13.1-1.el10_2

1 day 3 hours ago
FEDORA-EPEL-2026-f33139a01c Packages in this update:
  • coturn-4.13.1-1.el10_2
Update description: Coturn 4.13.1 What's in this release
  • Security fixes
What's Changed
  • Null-terminate server_name in stun_is_challenge_response_str
  • Canonicalize all IPv4-in-IPv6 encodings before peer-IP checks
  • Auto-deny coturn's own database backend endpoints as relay peers
  • Deny link-local / ULA / site-local relay peers by default
Coturn 4.13.0 What's in this release
  • More performance improvements for --udp-recvmmsg and --multiplex-peer. If your system does not rely on TURN unique ports give multiplexing a try - it has capacity to dramatically increase performance.
  • Security fixes
What's Changed
  • Wrap atomic everywhere
  • Fix sendmmsg stride bug in multiplex-peer UDP batch flush
  • Reap TURN permissions/channels via a per-thread sweep instead of per-object timers
  • Add --udp-sendmmsg-log to observe egress sendmmsg/UDP-GSO batching
  • Expose recvmmsg/sendmmsg UDP batch sizes as Prometheus metrics
  • Restrict recvmmsg fast path to shared fan-in sockets (make --udp-recvmmsg useful standalone)
  • Enable --udp-recvmmsg by default on Linux
  • Security hardening: port parsing, admin brute-force throttle, credential log redaction, constant-time compare, OAuth bounds checks, permission cap
  • Add continuous latency mode to stunclient
  • Fix test_redis_format link failure
  • Fix configure MANPREFIX typo
  • Fix missing sqlite3 dependendcy
  • Fix UDP receive buffer ownership

coturn-4.13.1-1.el8

1 day 3 hours ago
FEDORA-EPEL-2026-5fb0ce4f22 Packages in this update:
  • coturn-4.13.1-1.el8
Update description: Coturn 4.13.1 What's in this release
  • Security fixes
What's Changed
  • Null-terminate server_name in stun_is_challenge_response_str
  • Canonicalize all IPv4-in-IPv6 encodings before peer-IP checks
  • Auto-deny coturn's own database backend endpoints as relay peers
  • Deny link-local / ULA / site-local relay peers by default
Coturn 4.13.0 What's in this release
  • More performance improvements for --udp-recvmmsg and --multiplex-peer. If your system does not rely on TURN unique ports give multiplexing a try - it has capacity to dramatically increase performance.
  • Security fixes
What's Changed
  • Wrap atomic everywhere
  • Fix sendmmsg stride bug in multiplex-peer UDP batch flush
  • Reap TURN permissions/channels via a per-thread sweep instead of per-object timers
  • Add --udp-sendmmsg-log to observe egress sendmmsg/UDP-GSO batching
  • Expose recvmmsg/sendmmsg UDP batch sizes as Prometheus metrics
  • Restrict recvmmsg fast path to shared fan-in sockets (make --udp-recvmmsg useful standalone)
  • Enable --udp-recvmmsg by default on Linux
  • Security hardening: port parsing, admin brute-force throttle, credential log redaction, constant-time compare, OAuth bounds checks, permission cap
  • Add continuous latency mode to stunclient
  • Fix test_redis_format link failure
  • Fix configure MANPREFIX typo
  • Fix missing sqlite3 dependendcy
  • Fix UDP receive buffer ownership

coturn-4.13.1-1.fc43

1 day 3 hours ago
FEDORA-2026-c42d951aad Packages in this update:
  • coturn-4.13.1-1.fc43
Update description: Coturn 4.13.1 What's in this release
  • Security fixes
What's Changed
  • Null-terminate server_name in stun_is_challenge_response_str
  • Canonicalize all IPv4-in-IPv6 encodings before peer-IP checks
  • Auto-deny coturn's own database backend endpoints as relay peers
  • Deny link-local / ULA / site-local relay peers by default
Coturn 4.13.0 What's in this release
  • More performance improvements for --udp-recvmmsg and --multiplex-peer. If your system does not rely on TURN unique ports give multiplexing a try - it has capacity to dramatically increase performance.
  • Security fixes
What's Changed
  • Wrap atomic everywhere
  • Fix sendmmsg stride bug in multiplex-peer UDP batch flush
  • Reap TURN permissions/channels via a per-thread sweep instead of per-object timers
  • Add --udp-sendmmsg-log to observe egress sendmmsg/UDP-GSO batching
  • Expose recvmmsg/sendmmsg UDP batch sizes as Prometheus metrics
  • Restrict recvmmsg fast path to shared fan-in sockets (make --udp-recvmmsg useful standalone)
  • Enable --udp-recvmmsg by default on Linux
  • Security hardening: port parsing, admin brute-force throttle, credential log redaction, constant-time compare, OAuth bounds checks, permission cap
  • Add continuous latency mode to stunclient
  • Fix test_redis_format link failure
  • Fix configure MANPREFIX typo
  • Fix missing sqlite3 dependendcy
  • Fix UDP receive buffer ownership

coturn-4.13.1-1.fc44

1 day 3 hours ago
FEDORA-2026-dda1360c18 Packages in this update:
  • coturn-4.13.1-1.fc44
Update description: Coturn 4.13.1 What's in this release
  • Security fixes
What's Changed
  • Null-terminate server_name in stun_is_challenge_response_str
  • Canonicalize all IPv4-in-IPv6 encodings before peer-IP checks
  • Auto-deny coturn's own database backend endpoints as relay peers
  • Deny link-local / ULA / site-local relay peers by default
Coturn 4.13.0 What's in this release
  • More performance improvements for --udp-recvmmsg and --multiplex-peer. If your system does not rely on TURN unique ports give multiplexing a try - it has capacity to dramatically increase performance.
  • Security fixes
What's Changed
  • Wrap atomic everywhere
  • Fix sendmmsg stride bug in multiplex-peer UDP batch flush
  • Reap TURN permissions/channels via a per-thread sweep instead of per-object timers
  • Add --udp-sendmmsg-log to observe egress sendmmsg/UDP-GSO batching
  • Expose recvmmsg/sendmmsg UDP batch sizes as Prometheus metrics
  • Restrict recvmmsg fast path to shared fan-in sockets (make --udp-recvmmsg useful standalone)
  • Enable --udp-recvmmsg by default on Linux
  • Security hardening: port parsing, admin brute-force throttle, credential log redaction, constant-time compare, OAuth bounds checks, permission cap
  • Add continuous latency mode to stunclient
  • Fix test_redis_format link failure
  • Fix configure MANPREFIX typo
  • Fix missing sqlite3 dependendcy
  • Fix UDP receive buffer ownership

coturn-4.13.1-1.el10_3

1 day 3 hours ago
FEDORA-EPEL-2026-69da7ab3e5 Packages in this update:
  • coturn-4.13.1-1.el10_3
Update description: Coturn 4.13.1 What's in this release
  • Security fixes
What's Changed
  • Null-terminate server_name in stun_is_challenge_response_str
  • Canonicalize all IPv4-in-IPv6 encodings before peer-IP checks
  • Auto-deny coturn's own database backend endpoints as relay peers
  • Deny link-local / ULA / site-local relay peers by default
Coturn 4.13.0 What's in this release
  • More performance improvements for --udp-recvmmsg and --multiplex-peer. If your system does not rely on TURN unique ports give multiplexing a try - it has capacity to dramatically increase performance.
  • Security fixes
What's Changed
  • Wrap atomic everywhere
  • Fix sendmmsg stride bug in multiplex-peer UDP batch flush
  • Reap TURN permissions/channels via a per-thread sweep instead of per-object timers
  • Add --udp-sendmmsg-log to observe egress sendmmsg/UDP-GSO batching
  • Expose recvmmsg/sendmmsg UDP batch sizes as Prometheus metrics
  • Restrict recvmmsg fast path to shared fan-in sockets (make --udp-recvmmsg useful standalone)
  • Enable --udp-recvmmsg by default on Linux
  • Security hardening: port parsing, admin brute-force throttle, credential log redaction, constant-time compare, OAuth bounds checks, permission cap
  • Add continuous latency mode to stunclient
  • Fix test_redis_format link failure
  • Fix configure MANPREFIX typo
  • Fix missing sqlite3 dependendcy
  • Fix UDP receive buffer ownership
Checked
36 minutes 16 seconds ago