Fedora Security Advisories

7zip-26.01-1.el10_3

17 hours 18 minutes ago
FEDORA-EPEL-2026-52d18d8d5a Packages in this update:
  • 7zip-26.01-1.el10_3
Update description:
  • Fixes CVE-2026-48092: Information disclosure in 32-bit builds
  • Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
  • Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
  • Fixes CVE-2026-48102: Information disclosure and DOS via crafted UDF image
  • Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
  • Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
  • Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
  • Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser

7zip-26.01-1.el10_2

17 hours 18 minutes ago
FEDORA-EPEL-2026-8d909527ba Packages in this update:
  • 7zip-26.01-1.el10_2
Update description:
  • Fixes CVE-2026-48092: Information disclosure in 32-bit builds
  • Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
  • Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
  • Fixes CVE-2026-48102: Information disclosure and DOS via crafted UDF image
  • Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
  • Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
  • Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
  • Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser

7zip-26.01-1.fc43

17 hours 34 minutes ago
FEDORA-2026-f36864b408 Packages in this update:
  • 7zip-26.01-1.fc43
Update description:
  • Fixes CVE-2026-48092: Information disclosure in 32-bit builds
  • Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
  • Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
  • Fixes CVE-2026-48102: Information disclosure and DOS via crafted UDF image
  • Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
  • Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
  • Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
  • Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser

7zip-26.01-1.fc44

17 hours 34 minutes ago
FEDORA-2026-4be7569210 Packages in this update:
  • 7zip-26.01-1.fc44
Update description:
  • Fixes CVE-2026-48092: Information disclosure in 32-bit builds
  • Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
  • Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
  • Fixes CVE-2026-48102: Information disclosure and DOS via crafted UDF image
  • Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
  • Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
  • Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
  • Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser

buildah-1.44.0-1.fc45 containers-common-0.68.0-1.fc45 podman-6.0.0~rc1-1.fc45 skopeo-1.23.0-1.fc45

20 hours 24 minutes ago
FEDORA-2026-2419096432 Packages in this update:
  • buildah-1.44.0-1.fc45
  • containers-common-0.68.0-1.fc45
  • podman-6.0.0~rc1-1.fc45
  • skopeo-1.23.0-1.fc45
Update description:

Automatic update for buildah-1.44.0-1.fc45, podman-6.0.0~rc1-1.fc45, skopeo-1.23.0-1.fc45, containers-common-0.68.0-1.fc45.

Changelog for buildah * Wed May 27 2026 Packit <hello@packit.dev> - 2:1.44.0-1 - Update to 1.44.0 upstream release Changelog for podman * Mon Jun 15 2026 Packit <hello@packit.dev> - 5:6.0.0~rc1-1 - Update to 6.0.0-rc1 upstream release * Fri Jun 12 2026 Yaakov Selkowitz <yselkowi@redhat.com> - 5:5.8.2-2 - Rebuilt for openssl 4.0 Changelog for skopeo * Tue May 26 2026 Packit <hello@packit.dev> - 1:1.23.0-1 - Update to 1.23.0 upstream release Changelog for containers-common * Thu May 21 2026 Packit <hello@packit.dev> - 5:0.68.0-1 - Update to 0.68.0 upstream release

sudo-1.9.17-13.p2.fc45

20 hours 36 minutes ago
FEDORA-2026-41453e7fa4 Packages in this update:
  • sudo-1.9.17-13.p2.fc45
Update description:

Automatic update for sudo-1.9.17-13.p2.fc45.

Changelog * Mon Jun 15 2026 Alejandro López <allopez@redhat.com> - 1.9.17-12.p2 - Removed some unneeded build-time dependencies * Mon Jun 15 2026 Alejandro López <allopez@redhat.com> - 1.9.17-11.p2 - Resolves: rhbz#2379016 - don't recommend sudo-python-plugins

perl-Crypt-DSA-1.17-30.el9

1 day ago
FEDORA-EPEL-2026-abb2a8237d Packages in this update:
  • perl-Crypt-DSA-1.17-30.el9
Update description:

This update prevents key material reuse for multiple signing events (CVE-2026-12205, CWE-323).

perl-Crypt-DSA-1.17-30.el8

1 day ago
FEDORA-EPEL-2026-18f1bb66c7 Packages in this update:
  • perl-Crypt-DSA-1.17-30.el8
Update description:

This update prevents key material reuse for multiple signing events (CVE-2026-12205, CWE-323).

perl-Crypt-DSA-1.21-1.fc44

1 day ago
FEDORA-2026-f4a6b0c635 Packages in this update:
  • perl-Crypt-DSA-1.21-1.fc44
Update description:

This update, to the current upstream release, prevents key material reuse for multiple signing events (CVE-2026-12205, CWE-323).

perl-Crypt-DSA-1.21-1.el10_3

1 day ago
FEDORA-EPEL-2026-954ec464c6 Packages in this update:
  • perl-Crypt-DSA-1.21-1.el10_3
Update description:

This update, to the current upstream release, prevents key material reuse for multiple signing events (CVE-2026-12205, CWE-323).

perl-Crypt-DSA-1.21-1.el10_2

1 day ago
FEDORA-EPEL-2026-027ffba596 Packages in this update:
  • perl-Crypt-DSA-1.21-1.el10_2
Update description:

This update, to the current upstream release, prevents key material reuse for multiple signing events (CVE-2026-12205, CWE-323).

Checked
7 minutes 13 seconds ago