4 days 9 hours ago
FEDORA-EPEL-2026-9ce82c1a41
Packages in this update:
- chromium-147.0.7727.101-1.el9
Update description:
Update to 147.0.7727.101
- Critical CVE-2026-6296: Heap buffer overflow in ANGLE
- Critical CVE-2026-6297: Use after free in Proxy
- Critical CVE-2026-6298: Heap buffer overflow in Skia
- Critical CVE-2026-6299: Use after free in Prerender
- Critical CVE-2026-6358: Use after free in XR
- High CVE-2026-6359: Use after free in Video
- High CVE-2026-6300: Use after free in CSS
- High CVE-2026-6301: Type Confusion in Turbofan
- High CVE-2026-6302: Use after free in Video
- High CVE-2026-6303: Use after free in Codecs
- High CVE-2026-6304: Use after free in Graphite
- High CVE-2026-6305: Heap buffer overflow in PDFium
- High CVE-2026-6306: Heap buffer overflow in PDFium
- High CVE-2026-6307: Type Confusion in Turbofan
- High CVE-2026-6308: Out of bounds read in Media
- High CVE-2026-6309: Use after free in Viz
- High CVE-2026-6360: Use after free in FileSystem
- High CVE-2026-6310: Use after free in Dawn
- High CVE-2026-6311: Uninitialized Use in Accessibility
- High CVE-2026-6312: Insufficient policy enforcement in Passwords
- High CVE-2026-6313: Insufficient policy enforcement in CORS
- High CVE-2026-6314: Out of bounds write in GPU
- High CVE-2026-6315: Use after free in Permissions
- High CVE-2026-6316: Use after free in Forms
- High CVE-2026-6361: Heap buffer overflow in PDFium
- High CVE-2026-6362: Use after free in Codecs
- High CVE-2026-6317: Use after free in Cast
- Medium CVE-2026-6363: Type Confusion in V8
- Medium CVE-2026-6318: Use after free in Codecs
- Medium CVE-2026-6319: Use after free in Payments
- Medium CVE-2026-6364: Out of bounds read in Skia
4 days 9 hours ago
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo
Rizzo discovered that some AMD Zen processors did not properly verify the
signature of CPU microcode. This flaw is known as EntrySign. A privileged
attacker could possibly use this issue to cause load malicious CPU
microcode causing loss of integrity and confidentiality.
(CVE-2024-36347)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- MIPS architecture;
- PowerPC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Ublk userspace block driver;
- Bluetooth drivers;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- GPU drivers;
- Hardware monitoring drivers;
- Intel Trace Hub HW tracing drivers;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Mouse) drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- Ethernet team driver;
- PA-RISC drivers;
- Chrome hardware platform drivers;
- x86 platform drivers;
- SCSI subsystem;
- SPI subsystem;
- TCM subsystem;
- Freescale USB OTG Transceiver Driver;
- USB Type-C Connector System Software Interface driver;
- Watchdog drivers;
- BTRFS file system;
- exFAT file system;
- Ext4 file system;
- F2FS file system;
- FUSE (File system in Userspace);
- HFS+ file system;
- File systems infrastructure;
- Network file system (NFS) server daemon;
- File system notification infrastructure;
- NTFS3 file system;
- OCFS2 file system;
- SMB network file system;
- XFS file system;
- User-space API (UAPI);
- io_uring subsystem;
- Scheduler infrastructure;
- Shadow Call Stack mechanism;
- Tracing infrastructure;
- Memory management;
- BPF subsystem;
- CAIF protocol;
- Ceph Core library;
- Networking core;
- Ethtool driver;
- Handshake API;
- HSR network protocol;
- IPv4 networking;
- IPv6 networking;
- Multipath TCP;
- Netfilter;
- NET/ROM layer;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- Network traffic control;
- Sun RPC protocol;
- Key management;
- Landlock security;
- STMicroelectronics SoC drivers;
- USB sound devices;
- KVM subsystem;
(CVE-2025-68351, CVE-2025-68353, CVE-2025-68365, CVE-2025-68368,
CVE-2025-68725, CVE-2025-68736, CVE-2025-68745, CVE-2025-68767,
CVE-2025-68768, CVE-2025-68769, CVE-2025-68770, CVE-2025-68771,
CVE-2025-68772, CVE-2025-68773, CVE-2025-68774, CVE-2025-68775,
CVE-2025-68776, CVE-2025-68777, CVE-2025-68778, CVE-2025-68780,
CVE-2025-68781, CVE-2025-68782, CVE-2025-68783, CVE-2025-68784,
CVE-2025-68785, CVE-2025-68786, CVE-2025-68787, CVE-2025-68788,
CVE-2025-68791, CVE-2025-68792, CVE-2025-68793, CVE-2025-68794,
CVE-2025-68795, CVE-2025-68796, CVE-2025-68797, CVE-2025-68798,
CVE-2025-68799, CVE-2025-68800, CVE-2025-68801, CVE-2025-68802,
CVE-2025-68803, CVE-2025-68804, CVE-2025-68805, CVE-2025-68806,
CVE-2025-68807, CVE-2025-68808, CVE-2025-68809, CVE-2025-68810,
CVE-2025-68811, CVE-2025-68813, CVE-2025-68814, CVE-2025-68815,
CVE-2025-68816, CVE-2025-68817, CVE-2025-68818, CVE-2025-68819,
CVE-2025-68820, CVE-2025-68821, CVE-2025-68822, CVE-2025-68823,
CVE-2025-71064, CVE-2025-71065, CVE-2025-71066, CVE-2025-71067,
CVE-2025-71068, CVE-2025-71069, CVE-2025-71070, CVE-2025-71071,
CVE-2025-71072, CVE-2025-71073, CVE-2025-71075, CVE-2025-71076,
CVE-2025-71077, CVE-2025-71078, CVE-2025-71079, CVE-2025-71081,
CVE-2025-71082, CVE-2025-71083, CVE-2025-71084, CVE-2025-71085,
CVE-2025-71086, CVE-2025-71087, CVE-2025-71089, CVE-2025-71091,
CVE-2025-71093, CVE-2025-71094, CVE-2025-71095, CVE-2025-71096,
CVE-2025-71097, CVE-2025-71098, CVE-2025-71099, CVE-2025-71100,
CVE-2025-71101, CVE-2025-71102, CVE-2025-71104, CVE-2025-71105,
CVE-2025-71107, CVE-2025-71108, CVE-2025-71109, CVE-2025-71111,
CVE-2025-71112, CVE-2025-71113, CVE-2025-71114, CVE-2025-71115,
CVE-2025-71116, CVE-2025-71117, CVE-2025-71118, CVE-2025-71119,
CVE-2025-71120, CVE-2025-71121, CVE-2025-71122, CVE-2025-71123,
CVE-2025-71124, CVE-2025-71125, CVE-2025-71126, CVE-2025-71130,
CVE-2025-71131, CVE-2025-71132, CVE-2025-71133, CVE-2025-71135,
CVE-2025-71136, CVE-2025-71137, CVE-2025-71138, CVE-2025-71140,
CVE-2025-71143, CVE-2025-71146, CVE-2025-71147, CVE-2025-71148,
CVE-2025-71149, CVE-2025-71150, CVE-2025-71151, CVE-2025-71153,
CVE-2025-71154, CVE-2025-71156, CVE-2025-71157, CVE-2026-23091,
CVE-2026-23209)
4 days 10 hours ago
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo
Rizzo discovered that some AMD Zen processors did not properly verify the
signature of CPU microcode. This flaw is known as EntrySign. A privileged
attacker could possibly use this issue to cause load malicious CPU
microcode causing loss of integrity and confidentiality.
(CVE-2024-36347)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- MIPS architecture;
- PowerPC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Ublk userspace block driver;
- Bluetooth drivers;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- GPU drivers;
- Hardware monitoring drivers;
- Intel Trace Hub HW tracing drivers;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Mouse) drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- Ethernet team driver;
- PA-RISC drivers;
- Chrome hardware platform drivers;
- x86 platform drivers;
- SCSI subsystem;
- SPI subsystem;
- TCM subsystem;
- Freescale USB OTG Transceiver Driver;
- USB Type-C Connector System Software Interface driver;
- Watchdog drivers;
- BTRFS file system;
- exFAT file system;
- Ext4 file system;
- F2FS file system;
- FUSE (File system in Userspace);
- HFS+ file system;
- File systems infrastructure;
- Network file system (NFS) server daemon;
- File system notification infrastructure;
- NTFS3 file system;
- OCFS2 file system;
- SMB network file system;
- XFS file system;
- User-space API (UAPI);
- io_uring subsystem;
- Scheduler infrastructure;
- Shadow Call Stack mechanism;
- Tracing infrastructure;
- Memory management;
- BPF subsystem;
- CAIF protocol;
- Ceph Core library;
- Networking core;
- Ethtool driver;
- Handshake API;
- HSR network protocol;
- IPv4 networking;
- IPv6 networking;
- Multipath TCP;
- Netfilter;
- NET/ROM layer;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- Network traffic control;
- Sun RPC protocol;
- Key management;
- Landlock security;
- STMicroelectronics SoC drivers;
- USB sound devices;
- KVM subsystem;
(CVE-2025-68351, CVE-2025-68353, CVE-2025-68365, CVE-2025-68368,
CVE-2025-68725, CVE-2025-68736, CVE-2025-68745, CVE-2025-68767,
CVE-2025-68768, CVE-2025-68769, CVE-2025-68770, CVE-2025-68771,
CVE-2025-68772, CVE-2025-68773, CVE-2025-68774, CVE-2025-68775,
CVE-2025-68776, CVE-2025-68777, CVE-2025-68778, CVE-2025-68780,
CVE-2025-68781, CVE-2025-68782, CVE-2025-68783, CVE-2025-68784,
CVE-2025-68785, CVE-2025-68786, CVE-2025-68787, CVE-2025-68788,
CVE-2025-68791, CVE-2025-68792, CVE-2025-68793, CVE-2025-68794,
CVE-2025-68795, CVE-2025-68796, CVE-2025-68797, CVE-2025-68798,
CVE-2025-68799, CVE-2025-68800, CVE-2025-68801, CVE-2025-68802,
CVE-2025-68803, CVE-2025-68804, CVE-2025-68805, CVE-2025-68806,
CVE-2025-68807, CVE-2025-68808, CVE-2025-68809, CVE-2025-68810,
CVE-2025-68811, CVE-2025-68813, CVE-2025-68814, CVE-2025-68815,
CVE-2025-68816, CVE-2025-68817, CVE-2025-68818, CVE-2025-68819,
CVE-2025-68820, CVE-2025-68821, CVE-2025-68822, CVE-2025-68823,
CVE-2025-71064, CVE-2025-71065, CVE-2025-71066, CVE-2025-71067,
CVE-2025-71068, CVE-2025-71069, CVE-2025-71070, CVE-2025-71071,
CVE-2025-71072, CVE-2025-71073, CVE-2025-71075, CVE-2025-71076,
CVE-2025-71077, CVE-2025-71078, CVE-2025-71079, CVE-2025-71080,
CVE-2025-71081, CVE-2025-71082, CVE-2025-71083, CVE-2025-71084,
CVE-2025-71085, CVE-2025-71086, CVE-2025-71087, CVE-2025-71089,
CVE-2025-71091, CVE-2025-71093, CVE-2025-71094, CVE-2025-71095,
CVE-2025-71096, CVE-2025-71097, CVE-2025-71098, CVE-2025-71099,
CVE-2025-71100, CVE-2025-71101, CVE-2025-71102, CVE-2025-71104,
CVE-2025-71105, CVE-2025-71107, CVE-2025-71108, CVE-2025-71109,
CVE-2025-71111, CVE-2025-71112, CVE-2025-71113, CVE-2025-71114,
CVE-2025-71115, CVE-2025-71116, CVE-2025-71117, CVE-2025-71118,
CVE-2025-71119, CVE-2025-71120, CVE-2025-71121, CVE-2025-71122,
CVE-2025-71123, CVE-2025-71124, CVE-2025-71125, CVE-2025-71126,
CVE-2025-71130, CVE-2025-71131, CVE-2025-71132, CVE-2025-71133,
CVE-2025-71135, CVE-2025-71136, CVE-2025-71137, CVE-2025-71138,
CVE-2025-71140, CVE-2025-71143, CVE-2025-71146, CVE-2025-71147,
CVE-2025-71148, CVE-2025-71149, CVE-2025-71150, CVE-2025-71151,
CVE-2025-71153, CVE-2025-71154, CVE-2025-71156, CVE-2025-71157,
CVE-2026-23091, CVE-2026-23209)
4 days 10 hours ago
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo
Rizzo discovered that some AMD Zen processors did not properly verify the
signature of CPU microcode. This flaw is known as EntrySign. A privileged
attacker could possibly use this issue to cause load malicious CPU
microcode causing loss of integrity and confidentiality.
(CVE-2024-36347)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- MIPS architecture;
- PowerPC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Ublk userspace block driver;
- Bluetooth drivers;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- GPU drivers;
- Hardware monitoring drivers;
- Intel Trace Hub HW tracing drivers;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Mouse) drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- Ethernet team driver;
- PA-RISC drivers;
- Chrome hardware platform drivers;
- x86 platform drivers;
- SCSI subsystem;
- SPI subsystem;
- TCM subsystem;
- Freescale USB OTG Transceiver Driver;
- USB Type-C Connector System Software Interface driver;
- Watchdog drivers;
- BTRFS file system;
- exFAT file system;
- Ext4 file system;
- F2FS file system;
- FUSE (File system in Userspace);
- HFS+ file system;
- File systems infrastructure;
- Network file system (NFS) server daemon;
- File system notification infrastructure;
- NTFS3 file system;
- OCFS2 file system;
- SMB network file system;
- XFS file system;
- User-space API (UAPI);
- io_uring subsystem;
- Scheduler infrastructure;
- Shadow Call Stack mechanism;
- Tracing infrastructure;
- Memory management;
- BPF subsystem;
- CAIF protocol;
- Ceph Core library;
- Networking core;
- Ethtool driver;
- Handshake API;
- HSR network protocol;
- IPv4 networking;
- IPv6 networking;
- Multipath TCP;
- Netfilter;
- NET/ROM layer;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- Network traffic control;
- Sun RPC protocol;
- Key management;
- Landlock security;
- STMicroelectronics SoC drivers;
- USB sound devices;
- KVM subsystem;
(CVE-2025-68351, CVE-2025-68353, CVE-2025-68365, CVE-2025-68368,
CVE-2025-68725, CVE-2025-68736, CVE-2025-68745, CVE-2025-68767,
CVE-2025-68768, CVE-2025-68769, CVE-2025-68770, CVE-2025-68771,
CVE-2025-68772, CVE-2025-68773, CVE-2025-68774, CVE-2025-68775,
CVE-2025-68776, CVE-2025-68777, CVE-2025-68778, CVE-2025-68780,
CVE-2025-68781, CVE-2025-68782, CVE-2025-68783, CVE-2025-68784,
CVE-2025-68785, CVE-2025-68786, CVE-2025-68787, CVE-2025-68788,
CVE-2025-68791, CVE-2025-68792, CVE-2025-68793, CVE-2025-68794,
CVE-2025-68795, CVE-2025-68796, CVE-2025-68797, CVE-2025-68798,
CVE-2025-68799, CVE-2025-68800, CVE-2025-68801, CVE-2025-68802,
CVE-2025-68803, CVE-2025-68804, CVE-2025-68805, CVE-2025-68806,
CVE-2025-68807, CVE-2025-68808, CVE-2025-68809, CVE-2025-68810,
CVE-2025-68811, CVE-2025-68813, CVE-2025-68814, CVE-2025-68815,
CVE-2025-68816, CVE-2025-68817, CVE-2025-68818, CVE-2025-68819,
CVE-2025-68820, CVE-2025-68821, CVE-2025-68822, CVE-2025-68823,
CVE-2025-71064, CVE-2025-71065, CVE-2025-71066, CVE-2025-71067,
CVE-2025-71068, CVE-2025-71069, CVE-2025-71070, CVE-2025-71071,
CVE-2025-71072, CVE-2025-71073, CVE-2025-71075, CVE-2025-71076,
CVE-2025-71077, CVE-2025-71078, CVE-2025-71079, CVE-2025-71080,
CVE-2025-71081, CVE-2025-71082, CVE-2025-71083, CVE-2025-71084,
CVE-2025-71085, CVE-2025-71086, CVE-2025-71087, CVE-2025-71089,
CVE-2025-71091, CVE-2025-71093, CVE-2025-71094, CVE-2025-71095,
CVE-2025-71096, CVE-2025-71097, CVE-2025-71098, CVE-2025-71099,
CVE-2025-71100, CVE-2025-71101, CVE-2025-71102, CVE-2025-71104,
CVE-2025-71105, CVE-2025-71107, CVE-2025-71108, CVE-2025-71109,
CVE-2025-71111, CVE-2025-71112, CVE-2025-71113, CVE-2025-71114,
CVE-2025-71115, CVE-2025-71116, CVE-2025-71117, CVE-2025-71118,
CVE-2025-71119, CVE-2025-71120, CVE-2025-71121, CVE-2025-71122,
CVE-2025-71123, CVE-2025-71124, CVE-2025-71125, CVE-2025-71126,
CVE-2025-71130, CVE-2025-71131, CVE-2025-71132, CVE-2025-71133,
CVE-2025-71135, CVE-2025-71136, CVE-2025-71137, CVE-2025-71138,
CVE-2025-71140, CVE-2025-71143, CVE-2025-71146, CVE-2025-71147,
CVE-2025-71148, CVE-2025-71149, CVE-2025-71150, CVE-2025-71151,
CVE-2025-71153, CVE-2025-71154, CVE-2025-71156, CVE-2025-71157,
CVE-2026-23091, CVE-2026-23209)
4 days 15 hours ago
4 days 15 hours ago
4 days 15 hours ago
4 days 15 hours ago
4 days 16 hours ago
FEDORA-EPEL-2026-5f723f26cd
Packages in this update:
Update description:
Update from version 0.16.1 to version 0.17.0. This update also resolves CVE-2025-47906 and CVE-2026-5160.
4 days 17 hours ago
FEDORA-2026-10cf6ce616
Packages in this update:
Update description:
Update vendored goldmark to 1.7.17 to resolve CVE-2026-5160.
4 days 17 hours ago
FEDORA-2026-bebf3b0544
Packages in this update:
Update description:
Rebuild with latest golang to resolve CVE-2025-47906.
4 days 18 hours ago
Andrew Lacambra discovered that Rack did not properly parse certain regular
expressions. An attacker could possibly use this issue to bypass network
security filters. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04
LTS, Ubuntu 24.04 LTS, and Ubuntu 25.10. (CVE-2026-26961)
William T. Nelson discovered that Rack did not handle multipart headers
correctly. An attacker could possibly use this issue to cause downstream
parsing issues or a denial of service. This issue only affected Ubuntu
25.10. (CVE-2026-26962)
It was discovered that Rack did not handle the Forwarded header correctly.
An attacker could possibly use this issue to manipulate header values. This
issue only affected Ubuntu 25.10. (CVE-2026-32762)
It was discovered that Rack could consume excessive CPU when handling
certain Accept-Encoding values. An attacker could possibly use this issue
to cause a denial of service. (CVE-2026-34230)
Haruki Oyama discovered that certain configurations of Rack could
erroneously fail to derive the displayed directory path, and expose the
full filesystem path. An attacker could possibly use this issue to disclose
deployment details such as layout and usernames. (CVE-2026-34763)
It was discovered that Rack did not properly handle static file paths. An
attacker could possibly use this issue to exfiltrate unintentionally served
data. (CVE-2026-34785)
Haruki Oyama discovered that Rack did not apply header rules to certain
requests for URL-encoded static paths. An attacker could possibly use this
issue to bypass security-relevant response headers. This issue only
affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04
LTS, and Ubuntu 25.10. (CVE-2026-34786)
It was discovered that Rack did not limit the number of ranges requested in
the Range header. An attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04
LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu
25.10. (CVE-2026-34826)
It was discovered that Rack could consume excessive CPU when parsing
certain multipart parameters. An attacker could possibly use this to cause
a denial of service. This issue only affected Ubuntu 25.10.
(CVE-2026-34827)
It was discovered that Rack could consume unbounded disk space when
handling requests without a Content-Length header. An attacker could
possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu
25.10. (CVE-2026-34829)
Mehtab Zafar discovered that Rack directly interpreted the X-Accel-Mapping
header as a regular expression without escaping. An attacker could possibly
use this issue to exfiltrate arbitrary files from internal locations. This
issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,
Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.10. (CVE-2026-34830)
It was discovered that Rack did not properly handle messages with Unicode.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu
25.10. (CVE-2026-34831)
It was discovered that Rack did not properly parse the Host header. An
attacker could possibly use this issue to bypass security filters or poison
generated links. This issue only affected Ubuntu 25.10. (CVE-2026-34835)
4 days 19 hours ago
FEDORA-EPEL-2026-8022001aef
Packages in this update:
Update description:
Coturn 4.10.0
Performance
- Add Linux-only recvmmsg client receive path for DTLS/UDP listener
- Skip response buffer allocation for STUN indications
- Remove mutex from per-thread super_memory allocator
- Eliminate mutex and reduce copies on auth message dispatch
- Replace mutex_bps with lock-free atomics for bandwidth tracking
- Remove unused mutex from ur_map structure
- WebRTC Auth optimization path
- Improve worst case scenario - avoid memory allocation
Memory issues
- Fix null pointer dereferences in post_parse()
- Fix stack buffer overflow in OAuth token decoding
- Fix uint16_t truncation overflow in stun_get_message_len_str()
- Initialize variables before use
Security
- CVE-2026-40613 Misaligned Memory Access STUN Attribute Parser
General Improvements
- Disable reason string in response messages to reduce amplification factor
- Keep only NEV_UDP_SOCKET_PER_THREAD network engine
- Replace perror with logging
- Extend seed corpus and add more fuzzing scenarios
- Update config and Readme files about deprecated TLSv1/1.1
- Restore RFC 3489 (old STUN) backward compatibility broken since 4.7.0
- Change port identifiers to use uint16_t
- Fixes: run_tests.sh and no db
- Improve PostgreSQL.md clarity
- Add session usage reporting callback to TURN database driver
- CLI interface is disabled by default
4 days 19 hours ago
FEDORA-2026-e673311164
Packages in this update:
Update description:
Coturn 4.10.0
Performance
- Add Linux-only recvmmsg client receive path for DTLS/UDP listener
- Skip response buffer allocation for STUN indications
- Remove mutex from per-thread super_memory allocator
- Eliminate mutex and reduce copies on auth message dispatch
- Replace mutex_bps with lock-free atomics for bandwidth tracking
- Remove unused mutex from ur_map structure
- WebRTC Auth optimization path
- Improve worst case scenario - avoid memory allocation
Memory issues
- Fix null pointer dereferences in post_parse()
- Fix stack buffer overflow in OAuth token decoding
- Fix uint16_t truncation overflow in stun_get_message_len_str()
- Initialize variables before use
Security
- CVE-2026-40613 Misaligned Memory Access STUN Attribute Parser
General Improvements
- Disable reason string in response messages to reduce amplification factor
- Keep only NEV_UDP_SOCKET_PER_THREAD network engine
- Replace perror with logging
- Extend seed corpus and add more fuzzing scenarios
- Update config and Readme files about deprecated TLSv1/1.1
- Restore RFC 3489 (old STUN) backward compatibility broken since 4.7.0
- Change port identifiers to use uint16_t
- Fixes: run_tests.sh and no db
- Improve PostgreSQL.md clarity
- Add session usage reporting callback to TURN database driver
- CLI interface is disabled by default
4 days 19 hours ago
FEDORA-EPEL-2026-63737a3630
Packages in this update:
Update description:
Coturn 4.10.0
Performance
- Add Linux-only recvmmsg client receive path for DTLS/UDP listener
- Skip response buffer allocation for STUN indications
- Remove mutex from per-thread super_memory allocator
- Eliminate mutex and reduce copies on auth message dispatch
- Replace mutex_bps with lock-free atomics for bandwidth tracking
- Remove unused mutex from ur_map structure
- WebRTC Auth optimization path
- Improve worst case scenario - avoid memory allocation
Memory issues
- Fix null pointer dereferences in post_parse()
- Fix stack buffer overflow in OAuth token decoding
- Fix uint16_t truncation overflow in stun_get_message_len_str()
- Initialize variables before use
Security
- CVE-2026-40613 Misaligned Memory Access STUN Attribute Parser
General Improvements
- Disable reason string in response messages to reduce amplification factor
- Keep only NEV_UDP_SOCKET_PER_THREAD network engine
- Replace perror with logging
- Extend seed corpus and add more fuzzing scenarios
- Update config and Readme files about deprecated TLSv1/1.1
- Restore RFC 3489 (old STUN) backward compatibility broken since 4.7.0
- Change port identifiers to use uint16_t
- Fixes: run_tests.sh and no db
- Improve PostgreSQL.md clarity
- Add session usage reporting callback to TURN database driver
- CLI interface is disabled by default
4 days 19 hours ago
FEDORA-2026-1c11dc3e37
Packages in this update:
Update description:
Coturn 4.10.0
Performance
- Add Linux-only recvmmsg client receive path for DTLS/UDP listener
- Skip response buffer allocation for STUN indications
- Remove mutex from per-thread super_memory allocator
- Eliminate mutex and reduce copies on auth message dispatch
- Replace mutex_bps with lock-free atomics for bandwidth tracking
- Remove unused mutex from ur_map structure
- WebRTC Auth optimization path
- Improve worst case scenario - avoid memory allocation
Memory issues
- Fix null pointer dereferences in post_parse()
- Fix stack buffer overflow in OAuth token decoding
- Fix uint16_t truncation overflow in stun_get_message_len_str()
- Initialize variables before use
Security
- CVE-2026-40613 Misaligned Memory Access STUN Attribute Parser
General Improvements
- Disable reason string in response messages to reduce amplification factor
- Keep only NEV_UDP_SOCKET_PER_THREAD network engine
- Replace perror with logging
- Extend seed corpus and add more fuzzing scenarios
- Update config and Readme files about deprecated TLSv1/1.1
- Restore RFC 3489 (old STUN) backward compatibility broken since 4.7.0
- Change port identifiers to use uint16_t
- Fixes: run_tests.sh and no db
- Improve PostgreSQL.md clarity
- Add session usage reporting callback to TURN database driver
- CLI interface is disabled by default
4 days 19 hours ago
FEDORA-EPEL-2026-e0c1b77ba1
Packages in this update:
Update description:
Coturn 4.10.0
Performance
- Add Linux-only recvmmsg client receive path for DTLS/UDP listener
- Skip response buffer allocation for STUN indications
- Remove mutex from per-thread super_memory allocator
- Eliminate mutex and reduce copies on auth message dispatch
- Replace mutex_bps with lock-free atomics for bandwidth tracking
- Remove unused mutex from ur_map structure
- WebRTC Auth optimization path
- Improve worst case scenario - avoid memory allocation
Memory issues
- Fix null pointer dereferences in post_parse()
- Fix stack buffer overflow in OAuth token decoding
- Fix uint16_t truncation overflow in stun_get_message_len_str()
- Initialize variables before use
Security
- CVE-2026-40613 Misaligned Memory Access STUN Attribute Parser
General Improvements
- Disable reason string in response messages to reduce amplification factor
- Keep only NEV_UDP_SOCKET_PER_THREAD network engine
- Replace perror with logging
- Extend seed corpus and add more fuzzing scenarios
- Update config and Readme files about deprecated TLSv1/1.1
- Restore RFC 3489 (old STUN) backward compatibility broken since 4.7.0
- Change port identifiers to use uint16_t
- Fixes: run_tests.sh and no db
- Improve PostgreSQL.md clarity
- Add session usage reporting callback to TURN database driver
- CLI interface is disabled by default
4 days 19 hours ago
FEDORA-EPEL-2026-5e71b7731b
Packages in this update:
Update description:
Coturn 4.10.0
Performance
- Add Linux-only recvmmsg client receive path for DTLS/UDP listener
- Skip response buffer allocation for STUN indications
- Remove mutex from per-thread super_memory allocator
- Eliminate mutex and reduce copies on auth message dispatch
- Replace mutex_bps with lock-free atomics for bandwidth tracking
- Remove unused mutex from ur_map structure
- WebRTC Auth optimization path
- Improve worst case scenario - avoid memory allocation
Memory issues
- Fix null pointer dereferences in post_parse()
- Fix stack buffer overflow in OAuth token decoding
- Fix uint16_t truncation overflow in stun_get_message_len_str()
- Initialize variables before use
Security
- CVE-2026-40613 Misaligned Memory Access STUN Attribute Parser
General Improvements
- Disable reason string in response messages to reduce amplification factor
- Keep only NEV_UDP_SOCKET_PER_THREAD network engine
- Replace perror with logging
- Extend seed corpus and add more fuzzing scenarios
- Update config and Readme files about deprecated TLSv1/1.1
- Restore RFC 3489 (old STUN) backward compatibility broken since 4.7.0
- Change port identifiers to use uint16_t
- Fixes: run_tests.sh and no db
- Improve PostgreSQL.md clarity
- Add session usage reporting callback to TURN database driver
- CLI interface is disabled by default
4 days 19 hours ago
FEDORA-2026-1adc5f1ef8
Packages in this update:
Update description:
Coturn 4.10.0
Performance
- Add Linux-only recvmmsg client receive path for DTLS/UDP listener
- Skip response buffer allocation for STUN indications
- Remove mutex from per-thread super_memory allocator
- Eliminate mutex and reduce copies on auth message dispatch
- Replace mutex_bps with lock-free atomics for bandwidth tracking
- Remove unused mutex from ur_map structure
- WebRTC Auth optimization path
- Improve worst case scenario - avoid memory allocation
Memory issues
- Fix null pointer dereferences in post_parse()
- Fix stack buffer overflow in OAuth token decoding
- Fix uint16_t truncation overflow in stun_get_message_len_str()
- Initialize variables before use
Security
- CVE-2026-40613 Misaligned Memory Access STUN Attribute Parser
General Improvements
- Disable reason string in response messages to reduce amplification factor
- Keep only NEV_UDP_SOCKET_PER_THREAD network engine
- Replace perror with logging
- Extend seed corpus and add more fuzzing scenarios
- Update config and Readme files about deprecated TLSv1/1.1
- Restore RFC 3489 (old STUN) backward compatibility broken since 4.7.0
- Change port identifiers to use uint16_t
- Fixes: run_tests.sh and no db
- Improve PostgreSQL.md clarity
- Add session usage reporting callback to TURN database driver
- CLI interface is disabled by default
4 days 19 hours ago
FEDORA-EPEL-2026-84fff0d811
Packages in this update:
Update description:
Coturn 4.10.0
Performance
- Add Linux-only recvmmsg client receive path for DTLS/UDP listener
- Skip response buffer allocation for STUN indications
- Remove mutex from per-thread super_memory allocator
- Eliminate mutex and reduce copies on auth message dispatch
- Replace mutex_bps with lock-free atomics for bandwidth tracking
- Remove unused mutex from ur_map structure
- WebRTC Auth optimization path
- Improve worst case scenario - avoid memory allocation
Memory issues
- Fix null pointer dereferences in post_parse()
- Fix stack buffer overflow in OAuth token decoding
- Fix uint16_t truncation overflow in stun_get_message_len_str()
- Initialize variables before use
Security
- CVE-2026-40613 Misaligned Memory Access STUN Attribute Parser
General Improvements
- Disable reason string in response messages to reduce amplification factor
- Keep only NEV_UDP_SOCKET_PER_THREAD network engine
- Replace perror with logging
- Extend seed corpus and add more fuzzing scenarios
- Update config and Readme files about deprecated TLSv1/1.1
- Restore RFC 3489 (old STUN) backward compatibility broken since 4.7.0
- Change port identifiers to use uint16_t
- Fixes: run_tests.sh and no db
- Improve PostgreSQL.md clarity
- Add session usage reporting callback to TURN database driver
- CLI interface is disabled by default
