5 days 1 hour ago
FEDORA-2026-5d9b0e2c17
Packages in this update:
Update description:
Update to 1.9.22 — fix systemd sandboxing: add ReadWritePaths=/dev/shm for semaphore creation
Backport fix for CVE-2026-41054: privilege escalation via command socket
5 days 1 hour ago
FEDORA-2026-8fa79f47e1
Packages in this update:
Update description:
Update to 1.9.22 — fix systemd sandboxing: add ReadWritePaths=/dev/shm for semaphore creation
Backport fix for CVE-2026-41054: privilege escalation via command socket
5 days 2 hours ago
Vitaly Simonovich discovered that Bind could exhaust memory during GSS-API
TKEY negotiation. A remote attacker could possibly use this issue to cause
Bind to use excessive resources, leading to a denial of service.
(CVE-2026-3039)
Shuhan Zhang discovered that Bind incorrectly handled self-pointed glue
records. A remote attacker could possibly use this issue to use Bind in
denial of service amplification attacks against other systems.
(CVE-2026-3592)
Naresh Kandula Parmar discovered that Bind incorrectly handled memory in
the DNS-over-HTTPS implementation. A remote attacker could possibly use
this issue to cause Bind to crash, resulting in a denial of service, or
execute arbitrary code. This issue only affected Ubuntu 25.10 and Ubuntu
26.04 LTS. (CVE-2026-3593)
It was discovered that Bind incorrectly handled DNS messages whose class
was not IN. A remote attacker could possibly use this issue to cause Bind
to crash, resulting in a denial of service. (CVE-2026-5946)
Naoki Wakamatsu discovered that Bind incorrectly handled SIG(0) validation
during a query flood. A remote attacker could possibly use this issue to
cause Bind to crash, resulting in a denial of service. This issue only
affected Ubuntu 25.10 and Ubuntu 26.04 LTS. (CVE-2026-5947)
Billy Baraja discovered that Bind had an unbounded resend loop in the
resolver. A remote attacker could possibly use this issue to cause Bind to
use excessive resources, leading to a denial of service. (CVE-2026-5950)
5 days 3 hours ago
FEDORA-2026-66bba52149
Packages in this update:
Update description:
The 7.0.9-105/205 stable kernel updates contain a couple if important security fixes.
5 days 3 hours ago
FEDORA-2026-94731f4ace
Packages in this update:
Update description:
The 7.0.9-105/205 stable kernel updates contain a couple if important security fixes.
5 days 3 hours ago
FEDORA-2026-b626e83a45
Packages in this update:
- bind-9.18.49-1.fc43
- bind-dyndb-ldap-11.11-13.fc43
Update description:
Update to 9.18.49 (rhbz#2480121)
Security Fixes:
Feature Changes:
- Fix CPU spikes and slow queries when cache approaches memory limit.
Bug Fixes:
- Fix named crash when processing SIG records in dynamic updates.
- Fix rndc modzone behavior for a zone in named.conf.
- Fix zone verification of NSEC3 signed zones.
- Prevent a crash when using both dns64 and filter-aaaa.
- Fixed an assertion failure when processing catalog zones.
- Prevent malicious DNSSEC zones from exhausting validator CPU.
- Fix rndc-confgen aborting on HMAC-SHA-384/512 keys above 512 bits.
- Prevent crafted queries from degrading RRL performance.
- Fix a bug in allow-query/allow-transfer catalog zone custom properties.
- Fix a memory leak issue in catalog zones.
- Fix suppressed missing-glue check in named-checkzone.
- Reject record sets too large to serve in DNS.
Source: https://downloads.isc.org/isc/bind9/9.18.49/doc/arm/html/notes.html#notes-for-bind-9-18-49
5 days 3 hours ago
FEDORA-2026-411248c8d9
Packages in this update:
- bind-9.18.49-1.fc44
- bind-dyndb-ldap-11.11-15.fc44
Update description:
Update to 9.18.49 (rhbz#2480121)
Security Fixes:
Feature Changes:
- Fix CPU spikes and slow queries when cache approaches memory limit.
Bug Fixes:
- Fix named crash when processing SIG records in dynamic updates.
- Fix rndc modzone behavior for a zone in named.conf.
- Fix zone verification of NSEC3 signed zones.
- Prevent a crash when using both dns64 and filter-aaaa.
- Fixed an assertion failure when processing catalog zones.
- Prevent malicious DNSSEC zones from exhausting validator CPU.
- Fix rndc-confgen aborting on HMAC-SHA-384/512 keys above 512 bits.
- Prevent crafted queries from degrading RRL performance.
- Fix a bug in allow-query/allow-transfer catalog zone custom properties.
- Fix a memory leak issue in catalog zones.
- Fix suppressed missing-glue check in named-checkzone.
- Reject record sets too large to serve in DNS.
Source: https://downloads.isc.org/isc/bind9/9.18.49/doc/arm/html/notes.html#notes-for-bind-9-18-49
5 days 5 hours ago
5 days 5 hours ago
5 days 5 hours ago
5 days 5 hours ago
5 days 5 hours ago
FEDORA-EPEL-2026-78a69d7632
Packages in this update:
- perl-Sereal-Decoder-4.018-2.el9
Update description:
This update includes a security fix to make sure that COPY tags cannot be used to read past end of the buffer.
5 days 5 hours ago
FEDORA-EPEL-2026-9c8dc0ea44
Packages in this update:
- perl-Sereal-Decoder-4.018-2.el8
Update description:
This update includes a security fix to make sure that COPY tags cannot be used to read past end of the buffer.
5 days 6 hours ago
FEDORA-EPEL-2026-daf86178f8
Packages in this update:
- perl-Sereal-5.006-1.el10_3
- perl-Sereal-Decoder-5.006-1.el10_3
- perl-Sereal-Encoder-5.006-1.el10_3
Update description:
This update includes a security fix to make sure that COPY tags cannot be used to read past end of the buffer.
5 days 6 hours ago
It was discovered that libarchive incorrectly handled certain RAR
archives. An attacker could possibly use this issue to cause an
out-of-bounds read via a crafted RAR archive, leading to sensitive
memory disclosure. (CVE-2026-4424)
It was discovered that libarchive incorrectly handled certain ISO files.
An attacker could possibly use this issue to cause incorrect memory
allocation via a crafted ISO file, leading to a denial of service.
(CVE-2026-4426)
It was discovered that libarchive incorrectly handled block pointer
allocation in zisofs on 32-bit systems. An attacker could possibly use
this issue to cause a heap buffer overflow via a crafted ISO9660 image,
possibly leading to arbitrary code execution. (CVE-2026-5121)
5 days 7 hours ago
FEDORA-2026-d275a6eaac
Packages in this update:
- docker-compose-5.1.4-1.fc42
Update description:
- Update to release v5.1.4
- Resolves: rhbz#2480186
- Upstream fixes
- Update to release v5.1.3
- Resolves rhbz#2458697
- Resolves CVE-2026-33747: rhbz#2452188, rhbz#2452199
- Resolves CVE-2026-33748: rhbz#2453089
- Upstream fixes
5 days 7 hours ago
FEDORA-2026-e3757dab23
Packages in this update:
Update description:
switch to GTK4 for GVim
Fix CVE-2026-46483
5 days 8 hours ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
- Netfilter;
- io_uring subsystem;
(CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351)
5 days 9 hours ago
Version:next-20260521 (linux-next)
Released:2026-05-21
5 days 9 hours ago
It was discovered that Path-to-Regexp incorrectly handled route patterns
containing multiple named parameters separated by non-delimiter characters
such as hyphens. An attacker could possibly use this issue to cause a denial
of service via catastrophic backtracking in the generated regular expressions.
