python-django-allauth-65.18.0-1.fc44
FEDORA-2026-2c5cde060d
Packages in this update:
- python-django-allauth-65.18.0-1.fc44
Update to the latest django-allauth
Fixes CVE-2026-27982
Fedora Security Advisories
strongswan-6.0.7-2.fc43
FEDORA-2026-67a9805962
Packages in this update:
- strongswan-6.0.7-2.fc43
Addresses CVE-2026-47895 which is a theoretical RCE
Fixes CVE-2026-25075, CVE-2026-35328, CVE-2026-35329, CVE-2026-35330, CVE-2026-35331, CVE-2026-35332, CVE-2026-35333, CVE-2026-35334
Update to address CVE-2025-9615 and CVE-2025-62291
util-linux-2.41.5-1.fc43
FEDORA-2026-a7ff7017ee
Packages in this update:
- util-linux-2.41.5-1.fc43
upstream upgrade with security fixes:
- CVE-2026-53612 - libmount: TOCTOU attack via ancestor directory swap during mount
- CVE-2026-53613 - libmount: SUID bypass via LIBMOUNT_FORCE_MOUNT2 and legacy mount path
- CVE-2026-53614 - libmount: fd_target TOCTOU prevention
util-linux-2.41.5-1.fc44
FEDORA-2026-c70cb96ff1
Packages in this update:
- util-linux-2.41.5-1.fc44
upstream upgrade with security fixes:
- CVE-2026-53612 - libmount: TOCTOU attack via ancestor directory swap during mount
- CVE-2026-53613 - libmount: SUID bypass via LIBMOUNT_FORCE_MOUNT2 and legacy mount path
- CVE-2026-53614 - libmount: fd_target TOCTOU prevention
materialx-1.39.5-1.fc44
FEDORA-2026-d2806ddffc
Packages in this update:
- materialx-1.39.5-1.fc44
New release version 1.39.5.
See the change log.
materialx-1.39.5-1.fc43
FEDORA-2026-85d5d5f493
Packages in this update:
- materialx-1.39.5-1.fc43
New release version 1.39.5.
See the change log.
strongswan-6.0.7-1.fc44
FEDORA-2026-284c049f7f
Packages in this update:
- strongswan-6.0.7-1.fc44
Addresses CVE-2026-47895 which is a theoretical RCE
lighttpd-1.4.83-1.fc44
FEDORA-2026-e5118f1777
Packages in this update:
- lighttpd-1.4.83-1.fc44
1.4.83
lighttpd-1.4.83-1.fc43
FEDORA-2026-265fb84974
Packages in this update:
- lighttpd-1.4.83-1.fc43
1.4.83
firefox-152.0-1.fc44 nss-3.124.0-1.fc44
FEDORA-2026-5eeadd9b1b
Packages in this update:
- firefox-152.0-1.fc44
- nss-3.124.0-1.fc44
Update NSS to 3.124.0 Update Firefox to 152.0
7zip-26.01-1.el10_3
FEDORA-EPEL-2026-52d18d8d5a
Packages in this update:
- 7zip-26.01-1.el10_3
- Fixes CVE-2026-48092: Information disclosure in 32-bit builds
- Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
- Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
- Fixes CVE-2026-48102: Information disclosure and DOS via crafted UDF image
- Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
- Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
- Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
- Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser
7zip-26.01-1.el10_2
FEDORA-EPEL-2026-8d909527ba
Packages in this update:
- 7zip-26.01-1.el10_2
- Fixes CVE-2026-48092: Information disclosure in 32-bit builds
- Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
- Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
- Fixes CVE-2026-48102: Information disclosure and DOS via crafted UDF image
- Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
- Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
- Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
- Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser
7zip-26.01-1.fc43
FEDORA-2026-f36864b408
Packages in this update:
- 7zip-26.01-1.fc43
- Fixes CVE-2026-48092: Information disclosure in 32-bit builds
- Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
- Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
- Fixes CVE-2026-48102: Information disclosure and DOS via crafted UDF image
- Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
- Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
- Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
- Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser
7zip-26.01-1.fc44
FEDORA-2026-4be7569210
Packages in this update:
- 7zip-26.01-1.fc44
- Fixes CVE-2026-48092: Information disclosure in 32-bit builds
- Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
- Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
- Fixes CVE-2026-48102: Information disclosure and DOS via crafted UDF image
- Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
- Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
- Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
- Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser
firefox-152.0-1.fc43 nss-3.124.0-1.fc43
FEDORA-2026-1c873954fa
Packages in this update:
- firefox-152.0-1.fc43
- nss-3.124.0-1.fc43
Update NSS to 3.124.0 Update to Firefox 152.0
buildah-1.44.0-1.fc45 containers-common-0.68.0-1.fc45 podman-6.0.0~rc1-1.fc45 skopeo-1.23.0-1.fc45
FEDORA-2026-2419096432
Packages in this update:
- buildah-1.44.0-1.fc45
- containers-common-0.68.0-1.fc45
- podman-6.0.0~rc1-1.fc45
- skopeo-1.23.0-1.fc45
Automatic update for buildah-1.44.0-1.fc45, podman-6.0.0~rc1-1.fc45, skopeo-1.23.0-1.fc45, containers-common-0.68.0-1.fc45.
Changelog for buildah * Wed May 27 2026 Packit <hello@packit.dev> - 2:1.44.0-1 - Update to 1.44.0 upstream release Changelog for podman * Mon Jun 15 2026 Packit <hello@packit.dev> - 5:6.0.0~rc1-1 - Update to 6.0.0-rc1 upstream release * Fri Jun 12 2026 Yaakov Selkowitz <yselkowi@redhat.com> - 5:5.8.2-2 - Rebuilt for openssl 4.0 Changelog for skopeo * Tue May 26 2026 Packit <hello@packit.dev> - 1:1.23.0-1 - Update to 1.23.0 upstream release Changelog for containers-common * Thu May 21 2026 Packit <hello@packit.dev> - 5:0.68.0-1 - Update to 0.68.0 upstream releasesudo-1.9.17-13.p2.fc45
FEDORA-2026-41453e7fa4
Packages in this update:
- sudo-1.9.17-13.p2.fc45
Automatic update for sudo-1.9.17-13.p2.fc45.
Changelog * Mon Jun 15 2026 Alejandro López <allopez@redhat.com> - 1.9.17-12.p2 - Removed some unneeded build-time dependencies * Mon Jun 15 2026 Alejandro López <allopez@redhat.com> - 1.9.17-11.p2 - Resolves: rhbz#2379016 - don't recommend sudo-python-pluginstig-2.6.1-1.fc43
FEDORA-2026-28df92c223
Packages in this update:
- tig-2.6.1-1.fc43
- Fix editor command injection vulnerability (only affectsversion 2.6.0). (#1432)
- https://github.com/jonas/tig/issues/1432
tig-2.6.1-1.fc44
FEDORA-2026-5cb64cc909
Packages in this update:
- tig-2.6.1-1.fc44
- Fix editor command injection vulnerability (only affectsversion 2.6.0). (#1432)
- https://github.com/jonas/tig/issues/1432
perl-Crypt-DSA-1.17-30.el9
FEDORA-EPEL-2026-abb2a8237d
Packages in this update:
- perl-Crypt-DSA-1.17-30.el9
This update prevents key material reuse for multiple signing events (CVE-2026-12205, CWE-323).