Fedora Security Advisories

ansible-collection-ansible-posix-2.2.1-1.fc45

4 days 21 hours ago
FEDORA-2026-4a0c61a43f Packages in this update:
  • ansible-collection-ansible-posix-2.2.1-1.fc45
Update description:

Automatic update for ansible-collection-ansible-posix-2.2.1-1.fc45.

Changelog * Wed Jul 8 2026 Maxwell G <maxwell@gtmx.me> - 2.2.1-1 - Update to 2.2.1. Fixes rhbz#2479556. - Mitigates CVE-2026-11837 (rhbz#2487430, rhbz#2487431, rhbz#2487432)

c-ares-1.34.7-1.fc43

5 days 6 hours ago
FEDORA-2026-727e84b289 Packages in this update:
  • c-ares-1.34.7-1.fc43
Update description:
  • update to 1.34.7
  • fixes CVE-2026-33630 (GHSA-6wfj-rwm7-3542) and GHSA-pjmc-gx33-gc76 and GHSA-jv8r-gqr9-68wj

c-ares-1.34.7-1.fc44

5 days 6 hours ago
FEDORA-2026-950a662010 Packages in this update:
  • c-ares-1.34.7-1.fc44
Update description:
  • update to 1.34.7
  • fixes CVE-2026-33630 (GHSA-6wfj-rwm7-3542) and GHSA-pjmc-gx33-gc76 and GHSA-jv8r-gqr9-68wj

openssh-10.2p1-12.fc44

5 days 8 hours ago
FEDORA-2026-a80275b42d Packages in this update:
  • openssh-10.2p1-12.fc44
Update description:

Improve GSS KEX algorithms documentation

  • CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known-group validation that leads to client-side denial of service
  • CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator
  • CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket pre-binding

openssh-10.2p1-11.fc44

5 days 9 hours ago
FEDORA-2026-a2c682a975 Packages in this update:
  • openssh-10.2p1-11.fc44
Update description:
  • CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known-group validation that leads to client-side denial of service
  • CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator
  • CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket pre-binding

openssh-10.0p1-10.fc43

5 days 9 hours ago
FEDORA-2026-95b955a09b Packages in this update:
  • openssh-10.0p1-10.fc43
Update description:
  • CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known-group validation that leads to client-side denial of service
  • CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator
  • CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket pre-binding

perl-Imager-1.033-1.fc43

5 days 10 hours ago
FEDORA-2026-38f958d25a Packages in this update:
  • perl-Imager-1.033-1.fc43
Update description:

1.033 - CVE-2026-14454: Fix mishandling of large EXIF IFD entry count values — treated as negative numbers, could lead to allocation failure and program exit - JPEG: depend on Imager 1.033 for the EXIF fix - Fix thread context object reference count leak in bumpmap and bumpmap_complex filters - TIFF: fix a leak from processing the TIFF warnings buffer (introduced in Imager 1.021)

perl-Imager-1.033-1.fc44

5 days 10 hours ago
FEDORA-2026-5f5efe281d Packages in this update:
  • perl-Imager-1.033-1.fc44
Update description:

1.033 - CVE-2026-14454: Fix mishandling of large EXIF IFD entry count values — treated as negative numbers, could lead to allocation failure and program exit - JPEG: depend on Imager 1.033 for the EXIF fix - Fix thread context object reference count leak in bumpmap and bumpmap_complex filters - TIFF: fix a leak from processing the TIFF warnings buffer (introduced in Imager 1.021)

xrdp-0.10.6.1-1.fc43

5 days 11 hours ago
FEDORA-2026-bd0a75766f Packages in this update:
  • xrdp-0.10.6.1-1.fc43
Update description: Release notes for xrdp v0.10.6.1 (2026/07/06) General announcements

This release fixes 10 vulnerabilities and 1 regression introduced by a vulnerability fix in the previous release.

If you like xrdp, please consider sponsoring or donating to the project. We accept financial contributions through Open Collective, and direct donations to individual developers via GitHub Sponsors are also welcome.

Security fixes
  • CVE-2026-41252
  • CVE-2026-41521
  • CVE-2026-44178
  • CVE-2026-42218
  • CVE-2026-44978
  • CVE-2026-54538
  • CVE-2026-55238
  • CVE-2026-55626
  • CVE-2026-55639
  • CVE-2026-55645
New features
  • None
Bug fixes
  • regression: Fix SEGV in xrdp when running over TLS (#3793)
Checked
42 minutes 29 seconds ago