Fedora Security Advisories

util-linux-2.41.4-7.fc43

Fedora Security Advisories
5 days 19 hours ago
FEDORA-2026-840b40ef4c Packages in this update:
  • util-linux-2.41.4-7.fc43
Update description:

upstream update, fixes security-related bugs

CVE-2026-27456 - mount(8) TOCTOU symlink attack via loop device. The SUID mount follows symlinks when resolving loop backing file paths. On systems where non-root users are permitted to mount loop devices (via 'user' option in fstab), this allows access to arbitrary files.

CWE-190 - Integer overflow in libblkid parse_dos_extended(). A crafted MBR disk image can cause uint32_t wraparound in EBR chain processing, causing reported partitions to not match the on-disk layout. Tools like udisks may then register a partition at logical sector 0.

fido-device-onboard-0.5.5-8.fc44

Fedora Security Advisories
5 days 22 hours ago
FEDORA-2026-9e223ca14f Packages in this update:
  • fido-device-onboard-0.5.5-8.fc44
Update description:

Automatic update for fido-device-onboard-0.5.5-8.fc44.

Changelog for fido-device-onboard * Wed Apr 01 2026 Peter Robinson <pbrobinson@fedoraproject.org> - 0.5.5-8 - Rebuild for CVE-2026-25727, CVE-2026-33056 * Sun Mar 15 2026 Benjamin A. Beasley <code@musicinmybrain.net> - 0.5.5-7 - In Fedora, update nix dependency from 0.26 to 0.31

fido-device-onboard-0.5.5-8.fc43

Fedora Security Advisories
5 days 22 hours ago
FEDORA-2026-e6237c2efe Packages in this update:
  • fido-device-onboard-0.5.5-8.fc43
Update description:

Automatic update for fido-device-onboard-0.5.5-8.fc43.

Changelog for fido-device-onboard * Wed Apr 01 2026 Peter Robinson <pbrobinson@fedoraproject.org> - 0.5.5-8 - Rebuild for CVE-2026-25727, CVE-2026-33056 * Sun Mar 15 2026 Benjamin A. Beasley <code@musicinmybrain.net> - 0.5.5-7 - In Fedora, update nix dependency from 0.26 to 0.31 * Mon Feb 02 2026 Maxwell G <maxwell@gtmx.me> - 0.5.5-6 - Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26 * Fri Jan 16 2026 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.5-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Oct 10 2025 Maxwell G <maxwell@gtmx.me> - 0.5.5-4 - Rebuild for golang 1.25.2

libpng12-1.2.57-25.fc45

Fedora Security Advisories
6 days ago
FEDORA-2026-e1669a5881 Packages in this update:
  • libpng12-1.2.57-25.fc45
Update description:

Automatic update for libpng12-1.2.57-25.fc45.

Changelog * Wed Apr 1 2026 Michal Hlavinka <mhlavink@redhat.com> - 1.2.57-25 - fix CVE-2026-25646: heap buffer overflow in png_set_quantize (rhbz#2438670)

libpng15-1.5.30-25.fc45

Fedora Security Advisories
6 days ago
FEDORA-2026-dfa60d30bc Packages in this update:
  • libpng15-1.5.30-25.fc45
Update description:

Automatic update for libpng15-1.5.30-25.fc45.

Changelog * Wed Apr 1 2026 Michal Hlavinka <mhlavink@redhat.com> - 1.5.30-25 - fix CVE-2026-25646: heap buffer overflow in png_set_quantize (rhbz#2438683)

libcgif-0.5.3-1.fc44

Fedora Security Advisories
6 days 2 hours ago
FEDORA-2026-7fd284c688 Packages in this update:
  • libcgif-0.5.3-1.fc44
Update description:

Version 0.5.3

  • Fix potential undefined behavior in cgif_addframe which could have led to an integer overflow CVE-2026-4985

libcgif-0.5.3-1.fc43

Fedora Security Advisories
6 days 3 hours ago
FEDORA-2026-1a9f019f60 Packages in this update:
  • libcgif-0.5.3-1.fc43
Update description:

Version 0.5.3

  • Fix potential undefined behavior in cgif_addframe which could have led to an integer overflow CVE-2026-4985

libcgif-0.5.3-1.fc42

Fedora Security Advisories
6 days 3 hours ago
FEDORA-2026-7716e480cb Packages in this update:
  • libcgif-0.5.3-1.fc42
Update description:

Version 0.5.3

  • Fix potential undefined behavior in cgif_addframe which could have led to an integer overflow CVE-2026-4985

libcap-2.77-3.fc44

Fedora Security Advisories
6 days 3 hours ago
FEDORA-2026-8de97987a6 Packages in this update:
  • libcap-2.77-3.fc44
Update description:

Version 0.5.3

  • Fix potential undefined behavior in cgif_addframe which could have led to an integer overflow
Checked
33 minutes 17 seconds ago
URL
https://bodhi.fedoraproject.org/rss/updates/?type=security