Aggregator
DSA-6106-1 inetutils - security update
mingw-python-urllib3-2.6.3-1.fc43
FEDORA-2026-8b7270b473
Packages in this update:
- mingw-python-urllib3-2.6.3-1.fc43
Update to 2.6.3, fixes CVE-2025-66471, CVE-2025-21441, CVE-2025-66418.
mingw-python-urllib3-2.6.3-1.fc42
FEDORA-2026-2b6dfd7c83
Packages in this update:
- mingw-python-urllib3-2.6.3-1.fc42
Update to 2.6.3, fixes CVE-2025-66471, CVE-2025-21441, CVE-2025-66418.
USN-7972-1: OpenCC vulnerability
It was discovered that OpenCC incorrectly handled truncated UTF-8 input.
An attacker could possibly use this issue to cause OpenCC to crash,
resulting in a denial of service.
next-20260121: linux-next
Version:next-20260121 (linux-next)
Released:2026-01-21
USN-7971-1: GLib vulnerability
It was discovered that GLib incorrectly handled the buffered input stream
API. An attacker could use this issue to cause GLib to crash, resulting in
a denial of service, or possibly execute arbitrary code.
ghostscript-10.05.1-6.fc42
FEDORA-2026-d7cbd53e55
Packages in this update:
- ghostscript-10.05.1-6.fc42
security fix for CVE-2025-59798, CVE-2025-59799, CVE-2025-59800 (fedora#2431544, fedora#2431548, fedora#2431546)
ghostscript-10.05.1-6.fc43
FEDORA-2026-c60e345359
Packages in this update:
- ghostscript-10.05.1-6.fc43
security fix for CVE-2025-59798, CVE-2025-59799, CVE-2025-59800 (fedora#2431544, fedora#2431548, fedora#2431546)
USN-7970-1: iperf3 vulnerabilities
Jorge Sancho Larraz discovered that iperf3 did not properly manage certain
inputs, which could cause the server process to stop responding, waiting
for input on the control connection. A remote attacker could possibly use
this issue to cause a denial of service. This issue was only addressed in
Ubuntu 22.04 LTS. (CVE-2023-7250)
It was discovered that iperf3 had a timing side-channel when performing RSA
decryption. An attacker could possibly use this issue to recover sensitive
information. This issue was only addressed in Ubuntu 20.04 LTS and Ubuntu
22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-26306)
It was discovered that iperf3 incorrectly handled certain inputs. An
attacker could possibly use this issue to cause a denial of service. This
issue was only addressed in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu
24.04 LTS. (CVE-2024-53580)
Han Lee discovered that iperf3 had an off-by-one heap overflow. An attacker
could possibly use this issue to crash the program or execute arbitrary
code. This issue was only addressed in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,
Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2025-54349)
Han Lee discovered that iperf3 did not properly manage certain inputs. An
attacker could possibly use this issue to cause a denial of service.
(CVE-2025-54350)
DSA-6105-1 modsecurity-crs - security update
next-20260120: linux-next
Version:next-20260120 (linux-next)
Released:2026-01-20
python-tinycss2-1.5.1-1.fc43 weasyprint-68.0-1.fc43
FEDORA-2026-f59e87ad88
Packages in this update:
- python-tinycss2-1.5.1-1.fc43
- weasyprint-68.0-1.fc43
update to new upstream version including a fix for CVE-2025-68616
freerdp-3.21.0-1.fc42
FEDORA-2026-943caf40d9
Packages in this update:
- freerdp-3.21.0-1.fc42
Update to 3.21.0
freerdp-3.21.0-1.fc43
FEDORA-2026-23d669bf94
Packages in this update:
- freerdp-3.21.0-1.fc43
Update to 3.21.0
curl-8.11.1-7.fc42
FEDORA-2026-3f0f0f85be
Packages in this update:
- curl-8.11.1-7.fc42
- fix broken TLS options for threaded LDAPS (CVE-2025-14017)
curl-8.15.0-5.fc43
FEDORA-2026-e27b23af78
Packages in this update:
- curl-8.15.0-5.fc43
- fix broken TLS options for threaded LDAPS (CVE-2025-14017)
perl-HarfBuzz-Shaper-0.033-1.fc42
FEDORA-2026-2a6cbb84d6
Packages in this update:
- perl-HarfBuzz-Shaper-0.033-1.fc42
Upgrade to upstream. Eliminates distributing harfbuzz sources.
Upgrade to upstream 0.032.
perl-HarfBuzz-Shaper-0.033-2.fc43
FEDORA-2026-2b5249b4b6
Packages in this update:
- perl-HarfBuzz-Shaper-0.033-2.fc43
Merge branch 'rawhide' into f43
Upgrade to upstream 0.032 to fix CVE-2026-22693.