This update contains an updated mod_wrap2_sql that addresses a potential SQL injection issue when connected to from a client with a maliciously-constructed reverse DNS record (CVE-2026-44331). Note that mod_wrap2_sql is not enabled by default and the issue can only happen if UseReverseDNS is enabled, which is also off by default.
Update to 1.2.2, security fix for CVE-2026-28684.
Update to 1.2.2, security fix for CVE-2026-28684.
Update to expat-2.8.1.
Update to expat-2.8.1.
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html
Update to version 22.22.2
Automatic update for proftpd-1.3.9a-2.fc45.
Changelog * Mon May 11 2026 Paul Howarth <paul@city-fan.org> - 1.3.9a-2 - Additional escaping for avoidance of SQL injection issues with %{note:...} and %{env:...}; these are on top of the existing fix for CVE-2026-42167 in 1.3.9a - Fix for SQL Injection in mod_wrap2_sql via reverse DNS hostname (CVE-2026-44331, rhbz#2466899, https://github.com/proftpd/proftpd/issues/2057)Automatic update for dnsmasq-2.92rel2-9.fc45.
Changelog * Tue May 12 2026 Petr Menšík <pemensik@redhat.com> - 2.92rel2-9 - Update to 2.92rel2 (rhbz#2469245) * Mon Apr 20 2026 Petr Menšík <pemensik@redhat.com> - 2.92-8 - Fix 1 byte extra write byte in DHCP reply (rhbz#2459196) * Mon Feb 16 2026 Petr Menšík <pemensik@redhat.com> - 2.92-7 - Add optional build support for libasan * Wed Feb 11 2026 Petr Menšík <<pemensik@redhat.com>> - 2.92-6 - Do not fail hard on inotify socket or watch failure * Thu Jan 22 2026 Petr Menšík <<pemensik@redhat.com>> - 2.92-5 - Do not fail validation if signature owner name does not match (rbhz#2421820)Rebase to version 2.8.1
Rebase to version 2.8.1
MySQL 8.4.9
Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-9.html Known issue: s390x-specific issue - zlib with DFLTCC compressed pages with low KEY_BLOCK_SIZE values can cause ER_TOO_BIG_ROWSIZE errors in tables near the column count and their size limits.MySQL 8.4.9
Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-9.html Known issue: s390x-specific issue - zlib with DFLTCC compressed pages with low KEY_BLOCK_SIZE values can cause ER_TOO_BIG_ROWSIZE errors in tables near the column count and their size limits.MySQL 8.4.9
Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-9.html Known issue: s390x-specific issue - zlib with DFLTCC compressed pages with low KEY_BLOCK_SIZE values can cause ER_TOO_BIG_ROWSIZE errors in tables near the column count and their size limits.Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues:
Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues:
Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: