Fedora Security Advisories

bird-3.3.1-1.fc44

Fedora Security Advisories
3 hours 38 minutes ago
FEDORA-2026-8f225adf49 Packages in this update:
  • bird-3.3.1-1.fc44
Update description: BIRD 3.3.1 (2026-06-09)
  • BGP: Fix crash when incoming connection for disabled protocol arrives
  • BGP: Fix parsing labelled NLRIs with no next hop
  • BGP: Fix cork behavior in collision with graceful restart
  • BGP: Fix crash on dumping pending export statistics
  • BGP: Fix several issues in Flowspec handling
  • BMP/Nest: No refeed after listener or protocol restart
  • MPLS: Fix crash on reconfiguring CS_DOWN channel
  • OSPF: Fix handling of LLS data length field
  • OSPF: Fix OOB read in authentication check
  • OSPF: Fix OOB read in Router-LSA validation
  • Proto: Fix regression in protocol enabling
  • Channel: Fix refeeds and reloads during graceful restart
  • Export: Mitigate duplicate withdrawals
  • Filters: Fix crash when setting gateway on recursive nexthops
  • Filters: Fix path matching when AS path is too long
  • Table: Fix RCU double-anchor
  • Table: Propagate thread group config into aux
  • RCU: Catch leaks sooner

See also: https://trubka.network.cz/pipermail/bird-users/2026-June/018790.html

bird-3.3.1-1.el9

Fedora Security Advisories
3 hours 38 minutes ago
FEDORA-EPEL-2026-af4408a35e Packages in this update:
  • bird-3.3.1-1.el9
Update description: BIRD 3.3.1 (2026-06-09)
  • BGP: Fix crash when incoming connection for disabled protocol arrives
  • BGP: Fix parsing labelled NLRIs with no next hop
  • BGP: Fix cork behavior in collision with graceful restart
  • BGP: Fix crash on dumping pending export statistics
  • BGP: Fix several issues in Flowspec handling
  • BMP/Nest: No refeed after listener or protocol restart
  • MPLS: Fix crash on reconfiguring CS_DOWN channel
  • OSPF: Fix handling of LLS data length field
  • OSPF: Fix OOB read in authentication check
  • OSPF: Fix OOB read in Router-LSA validation
  • Proto: Fix regression in protocol enabling
  • Channel: Fix refeeds and reloads during graceful restart
  • Export: Mitigate duplicate withdrawals
  • Filters: Fix crash when setting gateway on recursive nexthops
  • Filters: Fix path matching when AS path is too long
  • Table: Fix RCU double-anchor
  • Table: Propagate thread group config into aux
  • RCU: Catch leaks sooner

See also: https://trubka.network.cz/pipermail/bird-users/2026-June/018790.html

bird-3.3.1-1.el10_2

Fedora Security Advisories
3 hours 38 minutes ago
FEDORA-EPEL-2026-3dfbc6a1df Packages in this update:
  • bird-3.3.1-1.el10_2
Update description: BIRD 3.3.1 (2026-06-09)
  • BGP: Fix crash when incoming connection for disabled protocol arrives
  • BGP: Fix parsing labelled NLRIs with no next hop
  • BGP: Fix cork behavior in collision with graceful restart
  • BGP: Fix crash on dumping pending export statistics
  • BGP: Fix several issues in Flowspec handling
  • BMP/Nest: No refeed after listener or protocol restart
  • MPLS: Fix crash on reconfiguring CS_DOWN channel
  • OSPF: Fix handling of LLS data length field
  • OSPF: Fix OOB read in authentication check
  • OSPF: Fix OOB read in Router-LSA validation
  • Proto: Fix regression in protocol enabling
  • Channel: Fix refeeds and reloads during graceful restart
  • Export: Mitigate duplicate withdrawals
  • Filters: Fix crash when setting gateway on recursive nexthops
  • Filters: Fix path matching when AS path is too long
  • Table: Fix RCU double-anchor
  • Table: Propagate thread group config into aux
  • RCU: Catch leaks sooner

See also: https://trubka.network.cz/pipermail/bird-users/2026-June/018790.html

bird-3.3.1-1.fc43

Fedora Security Advisories
3 hours 38 minutes ago
FEDORA-2026-564680920c Packages in this update:
  • bird-3.3.1-1.fc43
Update description: BIRD 3.3.1 (2026-06-09)
  • BGP: Fix crash when incoming connection for disabled protocol arrives
  • BGP: Fix parsing labelled NLRIs with no next hop
  • BGP: Fix cork behavior in collision with graceful restart
  • BGP: Fix crash on dumping pending export statistics
  • BGP: Fix several issues in Flowspec handling
  • BMP/Nest: No refeed after listener or protocol restart
  • MPLS: Fix crash on reconfiguring CS_DOWN channel
  • OSPF: Fix handling of LLS data length field
  • OSPF: Fix OOB read in authentication check
  • OSPF: Fix OOB read in Router-LSA validation
  • Proto: Fix regression in protocol enabling
  • Channel: Fix refeeds and reloads during graceful restart
  • Export: Mitigate duplicate withdrawals
  • Filters: Fix crash when setting gateway on recursive nexthops
  • Filters: Fix path matching when AS path is too long
  • Table: Fix RCU double-anchor
  • Table: Propagate thread group config into aux
  • RCU: Catch leaks sooner

See also: https://trubka.network.cz/pipermail/bird-users/2026-June/018790.html

bird-3.3.1-1.el10_3

Fedora Security Advisories
3 hours 38 minutes ago
FEDORA-EPEL-2026-50135c9a61 Packages in this update:
  • bird-3.3.1-1.el10_3
Update description: BIRD 3.3.1 (2026-06-09)
  • BGP: Fix crash when incoming connection for disabled protocol arrives
  • BGP: Fix parsing labelled NLRIs with no next hop
  • BGP: Fix cork behavior in collision with graceful restart
  • BGP: Fix crash on dumping pending export statistics
  • BGP: Fix several issues in Flowspec handling
  • BMP/Nest: No refeed after listener or protocol restart
  • MPLS: Fix crash on reconfiguring CS_DOWN channel
  • OSPF: Fix handling of LLS data length field
  • OSPF: Fix OOB read in authentication check
  • OSPF: Fix OOB read in Router-LSA validation
  • Proto: Fix regression in protocol enabling
  • Channel: Fix refeeds and reloads during graceful restart
  • Export: Mitigate duplicate withdrawals
  • Filters: Fix crash when setting gateway on recursive nexthops
  • Filters: Fix path matching when AS path is too long
  • Table: Fix RCU double-anchor
  • Table: Propagate thread group config into aux
  • RCU: Catch leaks sooner

See also: https://trubka.network.cz/pipermail/bird-users/2026-June/018790.html

bird-3.3.1-1.el8

Fedora Security Advisories
3 hours 38 minutes ago
FEDORA-EPEL-2026-80fc55f890 Packages in this update:
  • bird-3.3.1-1.el8
Update description: BIRD 3.3.1 (2026-06-09)
  • BGP: Fix crash when incoming connection for disabled protocol arrives
  • BGP: Fix parsing labelled NLRIs with no next hop
  • BGP: Fix cork behavior in collision with graceful restart
  • BGP: Fix crash on dumping pending export statistics
  • BGP: Fix several issues in Flowspec handling
  • BMP/Nest: No refeed after listener or protocol restart
  • MPLS: Fix crash on reconfiguring CS_DOWN channel
  • OSPF: Fix handling of LLS data length field
  • OSPF: Fix OOB read in authentication check
  • OSPF: Fix OOB read in Router-LSA validation
  • Proto: Fix regression in protocol enabling
  • Channel: Fix refeeds and reloads during graceful restart
  • Export: Mitigate duplicate withdrawals
  • Filters: Fix crash when setting gateway on recursive nexthops
  • Filters: Fix path matching when AS path is too long
  • Table: Fix RCU double-anchor
  • Table: Propagate thread group config into aux
  • RCU: Catch leaks sooner

See also: https://trubka.network.cz/pipermail/bird-users/2026-June/018790.html

perl-HTTP-Daemon-6.17-1.fc43

Fedora Security Advisories
7 hours 12 minutes ago
FEDORA-2026-f276b2154e Packages in this update:
  • perl-HTTP-Daemon-6.17-1.fc43
Update description:

Changes:

6.17 2026-05-19 23:11:06Z

  • Fix CVE-2026-8450 (affects 6.15 and earlier): 2-arg open() in send_file() enabled RCE / arbitrary file write / response-body exfiltration when a string argument was derived from attacker- influenced input. send_file() now uses 3-arg open() with an explicit '<' read mode, so the path is always treated as a literal filename and 2-arg open() shell-magic shapes ('| cmd', 'cmd |', '> path', etc.) are no longer interpreted. send_file() now also returns '0E0' (true zero) on a successful zero-byte transfer so callers can distinguish empty file from open failure (undef). See https://www.cve.org/CVERecord?id=CVE-2026-8450 for the advisory. Reported and patched by Stig Palmquist (stigtsp). (Stig Palmquist, Olaf Alders)

perl-HTTP-Daemon-6.17-1.fc44

Fedora Security Advisories
7 hours 12 minutes ago
FEDORA-2026-8982379b5c Packages in this update:
  • perl-HTTP-Daemon-6.17-1.fc44
Update description:

Changes:

6.17 2026-05-19 23:11:06Z

  • Fix CVE-2026-8450 (affects 6.15 and earlier): 2-arg open() in send_file() enabled RCE / arbitrary file write / response-body exfiltration when a string argument was derived from attacker- influenced input. send_file() now uses 3-arg open() with an explicit '<' read mode, so the path is always treated as a literal filename and 2-arg open() shell-magic shapes ('| cmd', 'cmd |', '> path', etc.) are no longer interpreted. send_file() now also returns '0E0' (true zero) on a successful zero-byte transfer so callers can distinguish empty file from open failure (undef). See https://www.cve.org/CVERecord?id=CVE-2026-8450 for the advisory. Reported and patched by Stig Palmquist (stigtsp). (Stig Palmquist, Olaf Alders)

perl-Net-Statsd-0.13-1.fc44

Fedora Security Advisories
10 hours 6 minutes ago
FEDORA-2026-9c71664439 Packages in this update:
  • perl-Net-Statsd-0.13-1.fc44
Update description:

Metric names and values are now validated to ensure they do not contain characters below ASCII 32 (including newlines), colon (":") or pipe ("|") characters that might allow metric injection. Offending calls now croak.

perl-Net-Statsd-0.13-1.fc43

Fedora Security Advisories
10 hours 6 minutes ago
FEDORA-2026-9a8f233b8f Packages in this update:
  • perl-Net-Statsd-0.13-1.fc43
Update description:

Metric names and values are now validated to ensure they do not contain characters below ASCII 32 (including newlines), colon (":") or pipe ("|") characters that might allow metric injection. Offending calls now croak.

ImageMagick-6.9.13.49-1.el9

Fedora Security Advisories
10 hours 49 minutes ago
FEDORA-EPEL-2026-2d971fc3b0 Packages in this update:
  • ImageMagick-6.9.13.49-1.el9
Update description: Summary

This update fixes several security vulnerabilities, including multiple high-severity CVEs: Security fixes

  • CVE-2026-33901 (High) — Heap buffer overflow in the MVG decoder that could result in an out-of-bounds write when processing a crafted image.
  • CVE-2026-33908 (High) — Recursive DestroyXMLTree() call with no depth limit causes stack exhaustion when processing deeply nested XML structures, resulting in a Denial of Service (DoS).
  • CVE-2026-40310 (High) — Heap out-of-bounds write in the JP2 encoder triggered when a user specifies an invalid sampling index.

Additional security and bug fixes are included in the upstream releases between 6.9.13.25 and 6.9.13.49. See the upstream release history at: https://github.com/ImageMagick/ImageMagick6/releases

ImageMagick-6.9.13.49-1.el8

Fedora Security Advisories
10 hours 49 minutes ago
FEDORA-EPEL-2026-fb9a9ab1e9 Packages in this update:
  • ImageMagick-6.9.13.49-1.el8
Update description: Summary

This update fixes several security vulnerabilities, including multiple high-severity CVEs: Security fixes

  • CVE-2026-33901 (High) — Heap buffer overflow in the MVG decoder that could result in an out-of-bounds write when processing a crafted image.
  • CVE-2026-33908 (High) — Recursive DestroyXMLTree() call with no depth limit causes stack exhaustion when processing deeply nested XML structures, resulting in a Denial of Service (DoS).
  • CVE-2026-40310 (High) — Heap out-of-bounds write in the JP2 encoder triggered when a user specifies an invalid sampling index.

Additional security and bug fixes are included in the upstream releases between 6.9.13.25 and 6.9.13.49. See the upstream release history at: https://github.com/ImageMagick/ImageMagick6/releases

vorbis-tools-1.4.3-5.fc45

Fedora Security Advisories
17 hours 45 minutes ago
FEDORA-2026-9c00940406 Packages in this update:
  • vorbis-tools-1.4.3-5.fc45
Update description:

Automatic update for vorbis-tools-1.4.3-5.fc45.

Changelog * Tue Jun 9 2026 Lukáš Zaoral <lzaoral@redhat.com> - 1:1.4.3-5 - CVE-2026-34253 - fix arbitrary code execution via buffer underflow (rhbz#2479549)
Checked
44 minutes 1 second ago
URL
https://bodhi.fedoraproject.org/rss/updates/?type=security