Fedora Security Advisories

FEDORA-2026-a8100094df Packages in this update:

• python-uv-build-0.11.9-1.fc43
• rust-astral-tokio-tar-0.6.1-1.fc43
• uv-0.11.9-1.fc43

Update description:

Update uv and python-uv-build to 0.11.9. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA-xx64-wwv2-hcqq and GHSA-fp55-jw48-c537.

FEDORA-2026-7aacc8ea7d Packages in this update:

• python-uv-build-0.11.9-1.fc44
• rust-astral-tokio-tar-0.6.1-1.fc44
• uv-0.11.9-1.fc44

Update description:

Update uv and python-uv-build to 0.11.9. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA-xx64-wwv2-hcqq and GHSA-fp55-jw48-c537.

FEDORA-2026-145c8d1a93 Packages in this update:

• python-uv-build-0.11.9-1.fc45
• rust-astral-tokio-tar-0.6.1-1.fc45
• uv-0.11.9-1.fc45

Update description:

Update uv and python-uv-build to 0.11.9. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA-xx64-wwv2-hcqq and GHSA-fp55-jw48-c537.

FEDORA-2026-1273c7855d Packages in this update:

• opencryptoki-3.26.0-3.fc44

Update description:

Fix CVE-2026-23893, Privilege Escalation or Data Exposure via Symlink Following

FEDORA-2026-6c3b6ec624 Packages in this update:

• opencryptoki-3.26.0-3.fc43

Update description:

Fix CVE-2026-23893, Privilege Escalation or Data Exposure via Symlink Following

FEDORA-2026-13e696d26f Packages in this update:

• opencryptoki-3.26.0-3.fc42

Update description:

Fix CVE-2026-23893, Privilege Escalation or Data Exposure via Symlink Following

FEDORA-2026-3cfb30c1fb Packages in this update:

• nix-2.31.5-1.fc42

Update description:

• update to 2.31.5: fixes high GHSA-vh5x-56v6-4368 and moderate GHSA-gr92-w2r5-qw5p
• https://discourse.nixos.org/t/security-advisory-local-privilege-escalation-in-lix-and-nix/77407
• https://github.com/NixOS/nix/security/advisories/GHSA-vh5x-56v6-4368

FEDORA-2026-d63e3968e8 Packages in this update:

• opencryptoki-3.26.0-3.fc45

Update description:

Automatic update for opencryptoki-3.26.0-3.fc45.

Changelog * Tue May 5 2026 Than Ngo <than@redhat.com> - 3.26.0-3 - Fix rhbz#2432016: CVE-2026-23893, Privilege Escalation or Data Exposure via Symlink Following

FEDORA-2026-5dfbb9ed69 Packages in this update:

• nix-2.31.5-1.fc43

Update description:

• update to 2.31.5: fixes high GHSA-vh5x-56v6-4368 and moderate GHSA-gr92-w2r5-qw5p
• https://discourse.nixos.org/t/security-advisory-local-privilege-escalation-in-lix-and-nix/77407
• https://github.com/NixOS/nix/security/advisories/GHSA-vh5x-56v6-4368

FEDORA-2026-d5f140eb90 Packages in this update:

• gnutls-3.8.13-1.fc43

Update description:

Update to 3.8.13, fixes, like 13 CVEs.

FEDORA-2026-668d2793e8 Packages in this update:

• gnutls-3.8.13-1.fc44

Update description:

Update to 3.8.13, fixes, like 13 CVEs.

FEDORA-2026-0f43f09cd9 Packages in this update:

• nodejs20-20.20.2-4.fc42

Update description:

Update for nodejs20

FEDORA-EPEL-2026-a9ba2c8be0 Packages in this update:

• gnuplot-6.0.4-2.el10_3

Update description:

Bump on EPEL10, fixes a security issue (rhbz#2357751)

FEDORA-2026-0f01e844c3 Packages in this update:

• SDL3_image-3.4.4-1.fc43

Update description:

Update to 3.4.4.

FEDORA-2026-992a75bea6 Packages in this update:

• SDL3_image-3.4.4-1.fc44

Update description:

Update to 3.4.4.

FEDORA-2026-2fed8dd674 Packages in this update:

• nextcloud-33.0.3-1.fc42

Update description:

33.0.3 Release

FEDORA-EPEL-2026-5039e33738 Packages in this update:

• nextcloud-33.0.3-1.el10_1

Update description:

33.0.3 Release

FEDORA-EPEL-2026-6610e2eca4 Packages in this update:

• nextcloud-33.0.3-1.el10_2

Update description:

33.0.3 Release

FEDORA-EPEL-2026-f7ea7872a6 Packages in this update:

• nextcloud-33.0.3-1.el10_3

Update description:

33.0.3 Release

FEDORA-2026-6599e30e04 Packages in this update:

• nextcloud-33.0.3-1.fc43

Update description:

33.0.3 Release