Aggregator

It was discovered that GnuPG incorrectly handled crafted input. A remote attacker could possibly use this issue to crash the program, or execute arbitrary code.

It was discovered that libvirt parsed user-provided XML files before performing ACL checks. An attacker could possibly use this issue to cause libvirt to consume memory, resulting in a denial of service. (CVE-2025-12748) It was discovered that libvirt incorrectly handled permissions on external inactive snapshots. A local attacker could possibly use this issue to obtain sensitive guest contents. (CVE-2025-13193)

Version:6.18.4 (stable) Released:2026-01-08 Source:linux-6.18.4.tar.xz PGP Signature:linux-6.18.4.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.18.4

Version:6.12.64 (longterm) Released:2026-01-08 Source:linux-6.12.64.tar.xz PGP Signature:linux-6.12.64.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.12.64

FEDORA-EPEL-2026-2f73131e02 Packages in this update:

• chromium-143.0.7499.192-1.el10_1

Update description:

Update to 143.0.7499.192

* High CVE-2026-0628: Insufficient policy enforcement in WebView tag * Enable control flow integrity support for x86_64/aarch64 * Enable build for epel10.1

FEDORA-2026-540f5a89d1 Packages in this update:

• chromium-143.0.7499.192-1.fc42

Update description:

Update to 143.0.7499.192

* High CVE-2026-0628: Insufficient policy enforcement in WebView tag * Enable control flow integrity support for x86_64/aarch64 * Enable build for epel10.1

FEDORA-EPEL-2026-7101d35773 Packages in this update:

• chromium-143.0.7499.192-1.el10_2

Update description:

Update to 143.0.7499.192

* High CVE-2026-0628: Insufficient policy enforcement in WebView tag * Enable control flow integrity support for x86_64/aarch64 * Enable build for epel10.1

FEDORA-EPEL-2026-1e6d3d4287 Packages in this update:

• chromium-143.0.7499.192-1.el9

Update description:

Update to 143.0.7499.192

* High CVE-2026-0628: Insufficient policy enforcement in WebView tag * Enable control flow integrity support for x86_64/aarch64 * Enable build for epel10.1

FEDORA-2026-66162d01ae Packages in this update:

• chromium-143.0.7499.192-1.fc43

Update description:

Update to 143.0.7499.192

* High CVE-2026-0628: Insufficient policy enforcement in WebView tag * Enable control flow integrity support for x86_64/aarch64 * Enable build for epel10.1

Version:next-20260108 (linux-next) Released:2026-01-08

FEDORA-2026-724d1b1044 Packages in this update:

• python-urllib3-2.6.3-1.fc43

Update description: 2.6.3 (2026-01-07)

• Fixed a high-severity security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. GHSA-38jv-5279-wg99, CVE-2026-21441
• Started treating Retry-After times greater than 6 hours as 6 hours by default.

FEDORA-2026-2c35952b90 Packages in this update:

• python3.12-3.12.12-2.fc43

Update description:

• Security fix for CVE-2025-12084
• Require at least the same expat version as used during the build time

FEDORA-2026-8e0e785a72 Packages in this update:

• python3.12-3.12.12-2.fc42

Update description:

• Security fix for CVE-2025-12084
• Require at least the same expat version as used during the build time

Ivan Fratric discovered that Libxslt was vulnerable to type confusion when performing XML transformations. An attacker could possibly use this issue to cause Libxslt to crash or corrupt memory, causing a denial of service or undefined behavior.

FEDORA-EPEL-2026-aff50f711b Packages in this update:

• foomuuri-0.31-1.el10_1

Update description:

Upstream update to v0.31 with fixes to CVE-2025-67603 and CVE-2025-67858.

• CVE-2025-67603: Add PolicyKit authorization to D-Bus methods.
• CVE-2025-67858: Verify interface input parameter on D-Bus methods.
• Security hardening:
• Add ProtectSystem=full to all systemd service files. This changes /etc to read-only for all Foomuuri processes. Make sure you don't write any state files there in your startup hook or Foomuuri Monitor event hook.
• Change umask to 022 when using --fork to fork as a background daemon process.
• More strict IP address verify for iplist entries.

FEDORA-EPEL-2026-b90feb26b8 Packages in this update:

• foomuuri-0.31-1.el10_2

Update description:

Upstream update to v0.31 with fixes to CVE-2025-67603 and CVE-2025-67858.

• CVE-2025-67603: Add PolicyKit authorization to D-Bus methods.
• CVE-2025-67858: Verify interface input parameter on D-Bus methods.
• Security hardening:
• Add ProtectSystem=full to all systemd service files. This changes /etc to read-only for all Foomuuri processes. Make sure you don't write any state files there in your startup hook or Foomuuri Monitor event hook.
• Change umask to 022 when using --fork to fork as a background daemon process.
• More strict IP address verify for iplist entries.

FEDORA-2026-429edf2dcf Packages in this update:

• foomuuri-0.31-1.fc43

Update description:

Upstream update to v0.31 with fixes to CVE-2025-67603 and CVE-2025-67858.

• CVE-2025-67603: Add PolicyKit authorization to D-Bus methods.
• CVE-2025-67858: Verify interface input parameter on D-Bus methods.
• Security hardening:
• Add ProtectSystem=full to all systemd service files. This changes /etc to read-only for all Foomuuri processes. Make sure you don't write any state files there in your startup hook or Foomuuri Monitor event hook.
• Change umask to 022 when using --fork to fork as a background daemon process.
• More strict IP address verify for iplist entries.

FEDORA-EPEL-2026-8919df6bce Packages in this update:

• foomuuri-0.31-1.el9

Update description:

Upstream update to v0.31 with fixes to CVE-2025-67603 and CVE-2025-67858.

• CVE-2025-67603: Add PolicyKit authorization to D-Bus methods.
• CVE-2025-67858: Verify interface input parameter on D-Bus methods.
• Security hardening:
• Add ProtectSystem=full to all systemd service files. This changes /etc to read-only for all Foomuuri processes. Make sure you don't write any state files there in your startup hook or Foomuuri Monitor event hook.
• Change umask to 022 when using --fork to fork as a background daemon process.
• More strict IP address verify for iplist entries.

FEDORA-2026-63f333201f Packages in this update:

• foomuuri-0.31-1.fc42

Update description:

Upstream update to v0.31 with fixes to CVE-2025-67603 and CVE-2025-67858.

• CVE-2025-67603: Add PolicyKit authorization to D-Bus methods.
• CVE-2025-67858: Verify interface input parameter on D-Bus methods.
• Security hardening:
• Add ProtectSystem=full to all systemd service files. This changes /etc to read-only for all Foomuuri processes. Make sure you don't write any state files there in your startup hook or Foomuuri Monitor event hook.
• Change umask to 022 when using --fork to fork as a background daemon process.
• More strict IP address verify for iplist entries.