4 days 4 hours ago
It was discovered that libssh2 incorrectly handled the sftp_symlink()
function. A malicious SSH server or machine-in-the-middle attacker could
possibly use this issue to obtain sensitive information or cause a denial
of service. (CVE-2025-15661)
It was discovered that libssh2 had a pre-authentication denial of service
vulnerability in the SSH_MSG_EXT_INFO handler. A malicious SSH server could
possibly use this issue to cause a client CPU exhaustion loop, resulting in
a denial of service. (CVE-2026-55199)
It was discovered that libssh2 incorrectly handled packet length fields. A
remote attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS.
(CVE-2026-55200)
4 days 5 hours ago
It was discovered that libyang incorrectly handled certain metadata list
pointers. An attacker could use this issue to cause libyang to crash,
resulting in a denial of service, or possibly execute arbitrary code.
4 days 5 hours ago
It was discovered that GD.pm incorrectly handled filename arguments. An
attacker could possibly use this issue to execute arbitrary commands or
overwrite files.
4 days 5 hours ago
It was discovered that HPLIP incorrectly handled certain print data. An
attacker could possibly use this issue to cause HPLIP to execute arbitrary
code. (CVE-2026-8631)
It was discovered that HPLIP incorrectly handled certain inputs. A local
attacker could possibly use this issue to execute arbitrary code.
(CVE-2026-8632)
4 days 6 hours ago
FEDORA-2026-5ebb12f543
Packages in this update:
Update description:
Update to 0.3.6; this includes an update to PyO3 0.29, which fixes RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
4 days 8 hours ago
It was discovered that Roundcube Webmail was prone to a Cross-Site-Scripting
(XSS) vulnerability via the animate tag in an SVG document. An attacker
could use this issue to execute arbitrary web script in the context of an
affected user's session.
4 days 9 hours ago
FEDORA-2026-d7dfd8e9ba
Packages in this update:
- golang-github-openprinting-ipp-usb-0.9.34-1.fc43
Update description:
0.9.34 - security fixes for CVE-2026-27145
4 days 10 hours ago
FEDORA-2026-93da8dcc2c
Packages in this update:
- python-rpds-py-0.29.0-4.fc44
Update description:
Update to PyO3 0.29, with fixes for RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
4 days 12 hours ago
4 days 20 hours ago
FEDORA-2026-5b642da12e
Packages in this update:
Update description:
Update to 4.2.2
4 days 21 hours ago
FEDORA-EPEL-2026-a087e5a86b
Packages in this update:
- python-cramjam-2.11.0-8.el10_3
Update description:
Update to PyO3 0.29, with fixes for RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
4 days 21 hours ago
FEDORA-2026-75b3256794
Packages in this update:
- python-pillow-jxl-plugin-1.3.7-2.fc43
Update description:
Update to 1.3.7, and update PyO3 to 0.29, with fixes for RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
4 days 22 hours ago
FEDORA-2026-97d351d54e
Packages in this update:
Update description:
Update to 1.6.0
4 days 22 hours ago
FEDORA-2026-6f573784e6
Packages in this update:
Update description:
Update to 1.6.0
4 days 22 hours ago
FEDORA-EPEL-2026-6e8fb57b18
Packages in this update:
- betterleaks-1.6.0-1.el10_3
Update description:
Update to 1.6.0
4 days 22 hours ago
FEDORA-EPEL-2026-85e4f2d067
Packages in this update:
- betterleaks-1.6.0-1.el10_2
Update description:
Update to 1.6.0
4 days 22 hours ago
FEDORA-EPEL-2026-1719298063
Packages in this update:
Update description:
Update to 1.6.0
4 days 22 hours ago
FEDORA-2026-23d0f010f8
Packages in this update:
- transmission-4.1.2-3.fc44
Update description:
Fix qt icon
4 days 22 hours ago
Haruto Kimura discovered that NSS had incorrecty handled parsing PKCS#11
URI escape sequences. An attacker could possibly use this issue to cause
NSS to crash, resulting in a denial of service, or obtain sensitive
information.
4 days 23 hours ago
It was discovered that SQLite incorrectly handled certain memory operations
in the FTS5 full-text search extension. An attacker could use this issue to
cause SQLite to crash, resulting in a denial of service, or possibly
execute arbitrary code.