Aggregator

hplip-3.26.4-7.fc45

1 day 22 hours ago
FEDORA-2026-c5b6bb47c5 Packages in this update:
  • hplip-3.26.4-7.fc45
Update description:

Automatic update for hplip-3.26.4-7.fc45.

Changelog * Fri Jul 3 2026 Zdenek Dohnal <zdohnal@redhat.com> - 3.26.4-7 - fix CVE-2026-14544 - incomplete fix after CVE-2026-8631 (fedora#2496773, fedora#2496772)

log4cxx-1.7.0-2.fc44

1 day 23 hours ago
FEDORA-2026-43767b6007 Packages in this update:
  • log4cxx-1.7.0-2.fc44
Update description:

Update to log4cxx 1.7.0.

New features: fallback-ref appender attribute, Qt CMake find_package component, TelnetAppender NonBlocking option.

Bug fixes: non-ASCII JSON encoding, invalid XML 1.0 characters in XML output, crash on recursive XML config references, possible UB during configuration changes, message loss during recursive logging, ODBCAppender prepared-statement buffer lifetimes.

No ABI-relevant changes; liblog4cxx SONAME (%{sover}) is unchanged.

chromium-150.0.7871.46-1.el9

2 days ago
FEDORA-EPEL-2026-9c94d41849 Packages in this update:
  • chromium-150.0.7871.46-1.el9
Update description:

chromium-150.0.7871.46 security release includes 433 security fixes, CVE-2026-13774 - CVE-2026-14432

USN-8503-1: ncurses vulnerability

2 days 9 hours ago
It was discovered that ncurses incorrectly handled certain terminfo entries in the infocmp tool. An attacker could possibly use this issue to cause a denial of service via a crafted terminfo file. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

opkssh-0.15.0-2.el10_2

2 days 10 hours ago
FEDORA-EPEL-2026-2dad2b9f74 Packages in this update:
  • opkssh-0.15.0-2.el10_2
Update description:

Update to opkssh 0.15.0.

This release fixes several CVEs in bundled/vendored dependencies:

  • CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate
  • CVE-2026-39833: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation
  • CVE-2026-27145: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (fixed via the Go toolchain used to build this package)

opkssh-0.15.0-2.el10_3

2 days 10 hours ago
FEDORA-EPEL-2026-229e7ad5a2 Packages in this update:
  • opkssh-0.15.0-2.el10_3
Update description:

Update to opkssh 0.15.0.

This release fixes several CVEs in bundled/vendored dependencies:

  • CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate
  • CVE-2026-39833: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation
  • CVE-2026-27145: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (fixed via the Go toolchain used to build this package)

opkssh-0.15.0-2.fc44

2 days 10 hours ago
FEDORA-2026-a7570524a7 Packages in this update:
  • opkssh-0.15.0-2.fc44
Update description:

Update to opkssh 0.15.0.

This release fixes several CVEs in bundled/vendored dependencies:

  • CVE-2026-39829: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters
  • CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate
  • CVE-2026-39833: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation
  • CVE-2026-27145: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (fixed via the Go toolchain used to build this package)

opkssh-0.15.0-2.fc43

2 days 10 hours ago
FEDORA-2026-387cf555e7 Packages in this update:
  • opkssh-0.15.0-2.fc43
Update description:

Update to opkssh 0.15.0.

This release fixes several CVEs in bundled/vendored dependencies:

  • CVE-2026-39829: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters
  • CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate
  • CVE-2026-39833: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation
  • CVE-2026-27145: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (fixed via the Go toolchain used to build this package)