Fedora Security Advisories

log4cxx-1.7.0-3.el10_3

1 hour 11 minutes ago
FEDORA-EPEL-2026-ceb16b3114 Packages in this update:
  • log4cxx-1.7.0-3.el10_3
Update description:

Update to log4cxx 1.7.0.

Fixes CVE-2026-40023: XMLLayout did not escape characters forbidden by the XML 1.0 specification, which could cause conforming XML parsers to reject the produced document, silently dropping log records.

No ABI-relevant changes; liblog4cxx SONAME (%{sover}) is unchanged.

log4cxx-1.7.0-3.el9

1 hour 12 minutes ago
FEDORA-EPEL-2026-c8c6a5b628 Packages in this update:
  • log4cxx-1.7.0-3.el9
Update description:

Update to log4cxx 1.7.0.

Fixes CVE-2026-40023: XMLLayout did not escape characters forbidden by the XML 1.0 specification, which could cause conforming XML parsers to reject the produced document, silently dropping log records.

No ABI-relevant changes; liblog4cxx SONAME (%{sover}) is unchanged.

log4cxx-1.7.0-2.fc43

1 hour 25 minutes ago
FEDORA-2026-31a8569c4b Packages in this update:
  • log4cxx-1.7.0-2.fc43
Update description:

Update to log4cxx 1.7.0.

Fixes CVE-2026-40023: XMLLayout did not escape characters forbidden by the XML 1.0 specification, which could cause conforming XML parsers to reject the produced document, silently dropping log records.

No ABI-relevant changes; liblog4cxx SONAME (%{sover}) is unchanged.

hplip-3.26.4-7.fc43

2 hours 43 minutes ago
FEDORA-2026-7d23917d90 Packages in this update:
  • hplip-3.26.4-7.fc43
Update description:

fix CVE-2026-14544 - incomplete fix after CVE-2026-8631 (fedora#2496773,

fedora#2496772)

hplip-3.26.4-7.fc44

2 hours 58 minutes ago
FEDORA-2026-d9b508b972 Packages in this update:
  • hplip-3.26.4-7.fc44
Update description:

fix CVE-2026-14544 - incomplete fix after CVE-2026-8631 (fedora#2496773,

fedora#2496772)

hplip-3.26.4-7.fc45

3 hours 13 minutes ago
FEDORA-2026-c5b6bb47c5 Packages in this update:
  • hplip-3.26.4-7.fc45
Update description:

Automatic update for hplip-3.26.4-7.fc45.

Changelog * Fri Jul 3 2026 Zdenek Dohnal <zdohnal@redhat.com> - 3.26.4-7 - fix CVE-2026-14544 - incomplete fix after CVE-2026-8631 (fedora#2496773, fedora#2496772)

log4cxx-1.7.0-2.fc44

4 hours 23 minutes ago
FEDORA-2026-43767b6007 Packages in this update:
  • log4cxx-1.7.0-2.fc44
Update description:

Update to log4cxx 1.7.0.

New features: fallback-ref appender attribute, Qt CMake find_package component, TelnetAppender NonBlocking option.

Bug fixes: non-ASCII JSON encoding, invalid XML 1.0 characters in XML output, crash on recursive XML config references, possible UB during configuration changes, message loss during recursive logging, ODBCAppender prepared-statement buffer lifetimes.

No ABI-relevant changes; liblog4cxx SONAME (%{sover}) is unchanged.

chromium-150.0.7871.46-1.el10_3

5 hours 26 minutes ago
FEDORA-EPEL-2026-81e775879e Packages in this update:
  • chromium-150.0.7871.46-1.el10_3
Update description:

chromium-150.0.7871.46 security release includes 433 security fixes, CVE-2026-13774 - CVE-2026-14432

chromium-150.0.7871.46-1.fc44

5 hours 26 minutes ago
FEDORA-2026-94bb57e96c Packages in this update:
  • chromium-150.0.7871.46-1.fc44
Update description:

chromium-150.0.7871.46 security release includes 433 security fixes, CVE-2026-13774 - CVE-2026-14432

chromium-150.0.7871.46-1.el9

5 hours 26 minutes ago
FEDORA-EPEL-2026-9c94d41849 Packages in this update:
  • chromium-150.0.7871.46-1.el9
Update description:

chromium-150.0.7871.46 security release includes 433 security fixes, CVE-2026-13774 - CVE-2026-14432

chromium-150.0.7871.46-1.fc43

5 hours 26 minutes ago
FEDORA-2026-88eee44bfb Packages in this update:
  • chromium-150.0.7871.46-1.fc43
Update description:

chromium-150.0.7871.46 security release includes 433 security fixes, CVE-2026-13774 - CVE-2026-14432

chromium-150.0.7871.46-1.el10_2

5 hours 26 minutes ago
FEDORA-EPEL-2026-1b59d56428 Packages in this update:
  • chromium-150.0.7871.46-1.el10_2
Update description:

chromium-150.0.7871.46 security release includes 433 security fixes, CVE-2026-13774 - CVE-2026-14432

opkssh-0.15.0-2.el10_2

14 hours 43 minutes ago
FEDORA-EPEL-2026-2dad2b9f74 Packages in this update:
  • opkssh-0.15.0-2.el10_2
Update description:

Update to opkssh 0.15.0.

This release fixes several CVEs in bundled/vendored dependencies:

  • CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate
  • CVE-2026-39833: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation
  • CVE-2026-27145: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (fixed via the Go toolchain used to build this package)
Checked
54 minutes ago