Aggregator

tar-1.35-8.fc44

Fedora Security Advisories
1 week 3 days ago
FEDORA-2026-0895af5ebe Packages in this update:
  • tar-1.35-8.fc44
Update description:

Automatic update for tar-1.35-8.fc44.

Changelog * Wed Jan 21 2026 Pavel Cahyna <pcahyna@redhat.com> - 2:1.35-8 - Backport upstream fix for savannah bug 65838, commit 1e6ce98e (fedora#2427654) - added "padding with zeros" info message (#2089298) - do not report disk error as file shrank (#2089316) - upstream fix for savannah bug 64581, commit 51142180 (crash with TAR_OPTIONS) (fedora#2389217) - Backport fix for regression in the --no-overwrite-dir option Upstream commit 4e742fc8674064a9fa00d4483d06aca48d5b0463, discussed in https://www.mail-archive.com/bug-tar@gnu.org/msg06445.html - Backport upstream changes to jailify extraction directory Includes related gnulib changes to add openat2 Fixes CVE-2025-45582 (fedora#2380007)

USN-7973-1: cJSON vulnerabilities

Ubuntu Security Advisories
1 week 4 days ago
It was discovered that cJSON incorrectly handled parsing large numbers. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-26819) It was discovered that cJSON may perform out-of-bounds read when processing specially crafted JSON files using parse_object. An attacker could possibly use this issue to expose sensitive information or crash the program. (CVE-2023-53154) It was discovered that cJSON incorrectly validated array indices in JSON pointers, which could result in an out-of-bounds memory access. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2025-57052)

bind-9.18.44-1.fc42 bind-dyndb-ldap-11.11-9.fc42

Fedora Security Advisories
1 week 4 days ago
FEDORA-2026-34c921d252 Packages in this update:
  • bind-9.18.44-1.fc42
  • bind-dyndb-ldap-11.11-9.fc42
Update description: Update to 9.18.44 (rhbz#2431609) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
Bug Fixes:
  • Allow glue in delegations with QTYPE=ANY.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.

https://downloads.isc.org/isc/bind9/9.18.44/doc/arm/html/notes.html#notes-for-bind-9-18-44

bind-9.18.44-1.fc43 bind-dyndb-ldap-11.11-10.fc43

Fedora Security Advisories
1 week 4 days ago
FEDORA-2026-567ff6c687 Packages in this update:
  • bind-9.18.44-1.fc43
  • bind-dyndb-ldap-11.11-10.fc43
Update description: Update to 9.18.44 (rhbz#2431609) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
Bug Fixes:
  • Allow glue in delegations with QTYPE=ANY.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.

https://downloads.isc.org/isc/bind9/9.18.44/doc/arm/html/notes.html#notes-for-bind-9-18-44

bind9-next-9.21.17-1.fc43

Fedora Security Advisories
1 week 4 days ago
FEDORA-2026-b31c8d8e83 Packages in this update:
  • bind9-next-9.21.17-1.fc43
Update description: Update to 9.21.17 (rhbz#2415843) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
New Features:
  • Add support for Extended DNS Error 9 (Missing DNSKEY).
  • Add support for Extended DNS Error 13 (Cached Error).
  • Add support for Generalized DNS Notifications.
Features Changes:
  • Add more information to the rndc recursing output about fetches.
  • Enforce bounds of multiple configuration options.
Bug Fixes:
  • Fix inbound IXFR performance regression.
  • Make DNSSEC key rollovers more robust.
  • Fix a catalog zone issue, where member zones could fail to load.
  • Fix slow speed when signing a large delegation zone with NSEC3 opt-out.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.
  • Fix a possible catalog zone issue during reconfiguration.
  • Fix the charts in the statistics channel.

https://downloads.isc.org/isc/bind9/9.21.17/doc/arm/html/notes.html#notes-for-bind-9-21-17