Fedora Security Advisories

rsync-3.4.1-7.fc44

Fedora Security Advisories
6 hours 26 minutes ago
FEDORA-2026-75599531db Packages in this update:
  • rsync-3.4.1-7.fc44
Update description:

Fixing various bugs from Upstream.

I did not do a rebase since the Upstream stopped supporting the rsync-patches repo. I accepted this change in Rawhide but it changes the usage of one option that is no longer available in rsync. This is why I avoided the rebase in older stable branches.

rsync-3.4.1-6.fc43

Fedora Security Advisories
6 hours 26 minutes ago
FEDORA-2026-d4d8ae2bdc Packages in this update:
  • rsync-3.4.1-6.fc43
Update description:

Fixing various bugs from Upstream.

I did not do a rebase since the Upstream stopped supporting the rsync-patches repo. I accepted this change in Rawhide but it changes the usage of one option that is no longer available in rsync. This is why I avoided the rebase in older stable branches.

composer-2.9.8-1.el10_1

Fedora Security Advisories
8 hours 52 minutes ago
FEDORA-EPEL-2026-f239ba40fc Packages in this update:
  • composer-2.9.8-1.el10_1
Update description: Version 2.9.8 - 2026-05-13
  • Security: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)

composer-2.9.8-1.el9

Fedora Security Advisories
8 hours 52 minutes ago
FEDORA-EPEL-2026-ef81a8e1b5 Packages in this update:
  • composer-2.9.8-1.el9
Update description: Version 2.9.8 - 2026-05-13
  • Security: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)

composer-2.9.8-1.el10_2

Fedora Security Advisories
8 hours 52 minutes ago
FEDORA-EPEL-2026-5a6471f6df Packages in this update:
  • composer-2.9.8-1.el10_2
Update description: Version 2.9.8 - 2026-05-13
  • Security: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)

composer-2.9.8-1.fc44

Fedora Security Advisories
8 hours 52 minutes ago
FEDORA-2026-bd05cb6c4d Packages in this update:
  • composer-2.9.8-1.fc44
Update description: Version 2.9.8 - 2026-05-13
  • Security: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)

composer-2.9.8-1.el10_3

Fedora Security Advisories
8 hours 52 minutes ago
FEDORA-EPEL-2026-644aa1991e Packages in this update:
  • composer-2.9.8-1.el10_3
Update description: Version 2.9.8 - 2026-05-13
  • Security: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)

composer-2.9.8-1.fc43

Fedora Security Advisories
8 hours 52 minutes ago
FEDORA-2026-3e8172bbdb Packages in this update:
  • composer-2.9.8-1.fc43
Update description: Version 2.9.8 - 2026-05-13
  • Security: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)

python-django5-5.2.14-1.fc42

Fedora Security Advisories
20 hours 7 minutes ago
FEDORA-2026-b9548393aa Packages in this update:
  • python-django5-5.2.14-1.fc42
Update description:
  • Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass
  • Fixes CVE-2026-35192: Session fixation via public cached pages and SESSION_SAVE_EVERY_REQUEST
  • Fixes CVE-2026-6907: Potential exposure of private data due to incorrect handling of Vary: * in UpdateCacheMiddleware
  • Fixes CVE-2026-3902: ASGI header spoofing via underscore/hyphen conflation
  • Fixes CVE-2026-4277: Privilege abuse in GenericInlineModelAdmin
  • Fixes CVE-2026-4292: Privilege abuse in ModelAdmin.list_editable
  • Fixes CVE-2026-33033: Potential denial-of-service vulnerability in MultiPartParser via base64-encoded file upload
  • Fixes CVE-2026-33034: Potential denial-of-service vulnerability in ASGI requests via memory upload limit bypass
  • Fixes CVE-2026-25674: Potential incorrect permissions on newly created file system objects
Checked
20 minutes 43 seconds ago
URL
https://bodhi.fedoraproject.org/rss/updates/?type=security