3 days ago
Yechan Bae discovered that sized-chunks did not properly validate array
size when constructing Chunk. An attacker could possibly use these
issues to cause out-of-bounds access, leading to memory corruption or
undefined behavior. (CVE-2020-25791, CVE-2020-25792, CVE-2020-25793)
Yechan Bae discovered that sized-chunks had a memory safety issue in the
clone implementation when a panic occurs. An attacker could possibly use
this issue to cause improper memory handling, leading to memory
corruption or a denial of service. (CVE-2020-25794)
Yechan Bae discovered that sized-chunks could create unaligned
references in the InlineArray implementation for types with strict
alignment requirements. An attacker could possibly use this issue to
cause undefined behavior, leading to memory corruption or a denial of
service. (CVE-2020-25796)
3 days ago
FEDORA-2026-ae897eb928
Packages in this update:
- chromium-146.0.7680.153-1.fc43
Update description:
Update to 146.0.7680.153
* CVE-2026-4439: Out of bounds memory access in WebGL
* CVE-2026-4440: Out of bounds read and write in WebGL
* CVE-2026-4441: Use after free in Base
* CVE-2026-4442: Heap buffer overflow in CSS
* CVE-2026-4443: Heap buffer overflow in WebAudio
* CVE-2026-4444: Stack buffer overflow in WebRTC
* CVE-2026-4445: Use after free in WebRTC
* CVE-2026-4446: Use after free in WebRTC
* CVE-2026-4447: Inappropriate implementation in V8
* CVE-2026-4448: Heap buffer overflow in ANGLE
* CVE-2026-4449: Use after free in Blink
* CVE-2026-4450: Out of bounds write in V8
* CVE-2026-4451: Insufficient validation of untrusted input in Navigation
* CVE-2026-4452: Integer overflow in ANGLE
* CVE-2026-4453: Integer overflow in Dawn
* CVE-2026-4454: Use after free in Network
* CVE-2026-4455: Heap buffer overflow in PDFium
* CVE-2026-4456: Use after free in Digital Credentials API
* CVE-2026-4457: Type Confusion in V8
* CVE-2026-4458: Use after free in Extensions
* CVE-2026-4459: Out of bounds read and write in WebAudio
* CVE-2026-4460: Out of bounds read in Skia
* CVE-2026-4461: Inappropriate implementation in V8
* CVE-2026-4462: Out of bounds read in Blink
* CVE-2026-4463: Heap buffer overflow in WebRTC
* CVE-2026-4464: Integer overflow in ANGLE
3 days ago
FEDORA-2026-920df14fb5
Packages in this update:
- chromium-146.0.7680.153-1.fc44
Update description:
Update to 146.0.7680.153
* CVE-2026-4439: Out of bounds memory access in WebGL
* CVE-2026-4440: Out of bounds read and write in WebGL
* CVE-2026-4441: Use after free in Base
* CVE-2026-4442: Heap buffer overflow in CSS
* CVE-2026-4443: Heap buffer overflow in WebAudio
* CVE-2026-4444: Stack buffer overflow in WebRTC
* CVE-2026-4445: Use after free in WebRTC
* CVE-2026-4446: Use after free in WebRTC
* CVE-2026-4447: Inappropriate implementation in V8
* CVE-2026-4448: Heap buffer overflow in ANGLE
* CVE-2026-4449: Use after free in Blink
* CVE-2026-4450: Out of bounds write in V8
* CVE-2026-4451: Insufficient validation of untrusted input in Navigation
* CVE-2026-4452: Integer overflow in ANGLE
* CVE-2026-4453: Integer overflow in Dawn
* CVE-2026-4454: Use after free in Network
* CVE-2026-4455: Heap buffer overflow in PDFium
* CVE-2026-4456: Use after free in Digital Credentials API
* CVE-2026-4457: Type Confusion in V8
* CVE-2026-4458: Use after free in Extensions
* CVE-2026-4459: Out of bounds read and write in WebAudio
* CVE-2026-4460: Out of bounds read in Skia
* CVE-2026-4461: Inappropriate implementation in V8
* CVE-2026-4462: Out of bounds read in Blink
* CVE-2026-4463: Heap buffer overflow in WebRTC
* CVE-2026-4464: Integer overflow in ANGLE
3 days ago
FEDORA-2026-3bed78d162
Packages in this update:
- chromium-146.0.7680.153-1.fc42
Update description:
Update to 146.0.7680.153
* CVE-2026-4439: Out of bounds memory access in WebGL
* CVE-2026-4440: Out of bounds read and write in WebGL
* CVE-2026-4441: Use after free in Base
* CVE-2026-4442: Heap buffer overflow in CSS
* CVE-2026-4443: Heap buffer overflow in WebAudio
* CVE-2026-4444: Stack buffer overflow in WebRTC
* CVE-2026-4445: Use after free in WebRTC
* CVE-2026-4446: Use after free in WebRTC
* CVE-2026-4447: Inappropriate implementation in V8
* CVE-2026-4448: Heap buffer overflow in ANGLE
* CVE-2026-4449: Use after free in Blink
* CVE-2026-4450: Out of bounds write in V8
* CVE-2026-4451: Insufficient validation of untrusted input in Navigation
* CVE-2026-4452: Integer overflow in ANGLE
* CVE-2026-4453: Integer overflow in Dawn
* CVE-2026-4454: Use after free in Network
* CVE-2026-4455: Heap buffer overflow in PDFium
* CVE-2026-4456: Use after free in Digital Credentials API
* CVE-2026-4457: Type Confusion in V8
* CVE-2026-4458: Use after free in Extensions
* CVE-2026-4459: Out of bounds read and write in WebAudio
* CVE-2026-4460: Out of bounds read in Skia
* CVE-2026-4461: Inappropriate implementation in V8
* CVE-2026-4462: Out of bounds read in Blink
* CVE-2026-4463: Heap buffer overflow in WebRTC
* CVE-2026-4464: Integer overflow in ANGLE
3 days ago
FEDORA-EPEL-2026-6359c6d24a
Packages in this update:
- python-scitokens-1.9.7-1.el10_1
Update description:
3 days ago
FEDORA-EPEL-2026-d766064a6e
Packages in this update:
- python-scitokens-1.9.7-1.el10_2
Update description:
3 days 1 hour ago
3 days 2 hours ago
Kazuma Matsumoto discovered that strongSwan incorrectly handled EAP-TTLS
AVPs when using the eap-ttls plugin. An attacker could possibly use this
issue to cause strongSwan to consume resources and crash, resulting in a
denial of service.
3 days 2 hours ago
FEDORA-2026-1269948465
Packages in this update:
Update description:
Automatic update for chunkah-0.3.2-1.fc43.
Changelog for chunkah
* Mon Mar 23 2026 Packit <
hello@packit.dev> - 0.3.2-1
- Update to 0.3.2 upstream release
* Fri Mar 20 2026 Packit <
hello@packit.dev> - 0.3.1-1
- Update to 0.3.1 upstream release
Automatic update for chunkah-0.3.1-1.fc43.
Changelog for chunkah
* Fri Mar 20 2026 Packit <
hello@packit.dev> - 0.3.1-1
- Update to 0.3.1 upstream release
3 days 2 hours ago
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Xtensa architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- ATM drivers;
- Drivers core;
- Block device driver;
- Network block device driver;
- Bluetooth drivers;
- Bus devices;
- Hardware random number generator core;
- Character device driver;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- Device frequency scaling framework;
- DMA engine subsystem;
- ARM SCMI message protocol;
- EFI core;
- Intel Stratix 10 firmware drivers;
- GPU drivers;
- HID subsystem;
- CoreSight HW tracing drivers;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Miscellaneous) drivers;
- Input Device (Tablet) drivers;
- IOMMU subsystem;
- ISDN/mISDN subsystem;
- Mailbox framework;
- Multiple devices driver;
- Media drivers;
- Fastrpc Driver;
- MOST (Media Oriented Systems Transport) drivers;
- MTD block device drivers;
- Ethernet bonding driver;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- Texas Instruments network drivers;
- Ethernet team driver;
- NVME drivers;
- PCI subsystem;
- PCCARD (PCMCIA/CardBus) bus subsystem;
- Performance monitor drivers;
- Pin controllers subsystem;
- x86 platform drivers;
- ARM PM domains;
- PPS (Pulse Per Second) driver;
- PTP clock framework;
- PWM drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- Texas Instruments SoC drivers;
- TCM subsystem;
- Trusted Execution Environment drivers;
- TTY drivers;
- Userspace I/O drivers;
- Cadence USB3 driver;
- DesignWare USB3 driver;
- USB Gadget drivers;
- USB Host Controller drivers;
- Renesas USBHS Controller drivers;
- USB Mass Storage drivers;
- Virtio Host (VHOST) subsystem;
- Framebuffer layer;
- Xen hypervisor drivers;
- AFS file system;
- BTRFS file system;
- Ceph distributed file system;
- File systems infrastructure;
- EFI Variable file system;
- exFAT file system;
- Ext4 file system;
- F2FS file system;
- FUSE (File system in Userspace);
- GFS2 file system;
- HFS file system;
- HFS+ file system;
- HugeTLB file system;
- JFS file system;
- KERNFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- File system notification infrastructure;
- NTFS3 file system;
- OCFS2 file system;
- OrangeFS file system;
- Proc file system;
- Diskquota system;
- SMB network file system;
- SquashFS file system;
- UDF file system;
- XFS file system;
- Asynchronous Transfer Mode (ATM) subsystem;
- BPF subsystem;
- Mellanox drivers;
- NFS page cache wrapper;
- Memory management;
- Memory Management;
- Media input infrastructure;
- Bluetooth subsystem;
- IP tunnels definitions;
- Network traffic control;
- Rose network layer;
- Network sockets;
- io_uring subsystem;
- Control group (cgroup);
- Kernel crash support code;
- Kernel futex primitives;
- PID allocator;
- Scheduler infrastructure;
- Syscalls implementation;
- Timer subsystem;
- Tracing infrastructure;
- 9P file system network protocol;
- Amateur Radio drivers;
- B.A.T.M.A.N. meshing protocol;
- Ethernet bridge;
- Ceph Core library;
- Networking core;
- Devlink API;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Multipath TCP;
- Netfilter;
- NFC subsystem;
- Open vSwitch;
- RF switch subsystem;
- SCTP protocol;
- SMC sockets;
- Sun RPC protocol;
- TIPC protocol;
- TLS protocol;
- VMware vSockets driver;
- Wireless networking;
- eXpress Data Path;
- XFRM subsystem;
- Integrity Measurement Architecture(IMA) framework;
- Intel ASoC drivers;
- QCOM ASoC drivers;
- USB sound devices;
(CVE-2025-21833, CVE-2025-22103, CVE-2025-22105, CVE-2025-22106,
CVE-2025-22107, CVE-2025-22113, CVE-2025-22121, CVE-2025-22124,
CVE-2025-22125, CVE-2025-23129, CVE-2025-23130, CVE-2025-23133,
CVE-2025-23143, CVE-2025-37860, CVE-2025-38105, CVE-2025-38502,
CVE-2025-38556, CVE-2025-38627, CVE-2025-38643, CVE-2025-38709,
CVE-2025-39678, CVE-2025-39697, CVE-2025-39805, CVE-2025-39806,
CVE-2025-39807, CVE-2025-39808, CVE-2025-39810, CVE-2025-39811,
CVE-2025-39812, CVE-2025-39813, CVE-2025-39815, CVE-2025-39817,
CVE-2025-39819, CVE-2025-39823, CVE-2025-39824, CVE-2025-39825,
CVE-2025-39826, CVE-2025-39827, CVE-2025-39828, CVE-2025-39829,
CVE-2025-39832, CVE-2025-39835, CVE-2025-39836, CVE-2025-39838,
CVE-2025-39839, CVE-2025-39841, CVE-2025-39842, CVE-2025-39843,
CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847,
CVE-2025-39848, CVE-2025-39849, CVE-2025-39850, CVE-2025-39851,
CVE-2025-39852, CVE-2025-39853, CVE-2025-39854, CVE-2025-39857,
CVE-2025-39860, CVE-2025-39861, CVE-2025-39863, CVE-2025-39864,
CVE-2025-39865, CVE-2025-39866, CVE-2025-39869, CVE-2025-39870,
CVE-2025-39871, CVE-2025-39873, CVE-2025-39876, CVE-2025-39877,
CVE-2025-39880, CVE-2025-39881, CVE-2025-39883, CVE-2025-39885,
CVE-2025-39886, CVE-2025-39891, CVE-2025-39894, CVE-2025-39895,
CVE-2025-39897, CVE-2025-39899, CVE-2025-39901, CVE-2025-39902,
CVE-2025-39907, CVE-2025-39909, CVE-2025-39911, CVE-2025-39913,
CVE-2025-39914, CVE-2025-39916, CVE-2025-39920, CVE-2025-39923,
CVE-2025-39927, CVE-2025-39929, CVE-2025-39931, CVE-2025-39932,
CVE-2025-39934, CVE-2025-39937, CVE-2025-39938, CVE-2025-39940,
CVE-2025-39942, CVE-2025-39943, CVE-2025-39944, CVE-2025-39945,
CVE-2025-39947, CVE-2025-39948, CVE-2025-39949, CVE-2025-39950,
CVE-2025-39951, CVE-2025-39952, CVE-2025-39953, CVE-2025-39955,
CVE-2025-39957, CVE-2025-39961, CVE-2025-39965, CVE-2025-39967,
CVE-2025-39968, CVE-2025-39969, CVE-2025-39970, CVE-2025-39971,
CVE-2025-39972, CVE-2025-39973, CVE-2025-39977, CVE-2025-39978,
CVE-2025-39980, CVE-2025-39981, CVE-2025-39982, CVE-2025-39985,
CVE-2025-39986, CVE-2025-39987, CVE-2025-39988, CVE-2025-39991,
CVE-2025-39992, CVE-2025-39994, CVE-2025-39995, CVE-2025-39996,
CVE-2025-39998, CVE-2025-40000, CVE-2025-40001, CVE-2025-40006,
CVE-2025-40008, CVE-2025-40009, CVE-2025-40010, CVE-2025-40011,
CVE-2025-40013, CVE-2025-40016, CVE-2025-40020, CVE-2025-40021,
CVE-2025-40024, CVE-2025-40026, CVE-2025-40027, CVE-2025-40029,
CVE-2025-40030, CVE-2025-40031, CVE-2025-40032, CVE-2025-40033,
CVE-2025-40035, CVE-2025-40036, CVE-2025-40037, CVE-2025-40038,
CVE-2025-40042, CVE-2025-40043, CVE-2025-40044, CVE-2025-40047,
CVE-2025-40048, CVE-2025-40049, CVE-2025-40051, CVE-2025-40052,
CVE-2025-40053, CVE-2025-40055, CVE-2025-40056, CVE-2025-40057,
CVE-2025-40058, CVE-2025-40059, CVE-2025-40060, CVE-2025-40061,
CVE-2025-40062, CVE-2025-40067, CVE-2025-40068, CVE-2025-40070,
CVE-2025-40071, CVE-2025-40077, CVE-2025-40078, CVE-2025-40079,
CVE-2025-40080, CVE-2025-40081, CVE-2025-40083, CVE-2025-40084,
CVE-2025-40085, CVE-2025-40087, CVE-2025-40088, CVE-2025-40092,
CVE-2025-40093, CVE-2025-40094, CVE-2025-40095, CVE-2025-40096,
CVE-2025-40099, CVE-2025-40100, CVE-2025-40101, CVE-2025-40103,
CVE-2025-40104, CVE-2025-40105, CVE-2025-40106, CVE-2025-40107,
CVE-2025-40109, CVE-2025-40110, CVE-2025-40111, CVE-2025-40112,
CVE-2025-40115, CVE-2025-40116, CVE-2025-40118, CVE-2025-40120,
CVE-2025-40121, CVE-2025-40123, CVE-2025-40124, CVE-2025-40125,
CVE-2025-40126, CVE-2025-40127, CVE-2025-40129, CVE-2025-40134,
CVE-2025-40137, CVE-2025-40140, CVE-2025-40141, CVE-2025-40153,
CVE-2025-40154, CVE-2025-40155, CVE-2025-40156, CVE-2025-40159,
CVE-2025-40160, CVE-2025-40165, CVE-2025-40166, CVE-2025-40167,
CVE-2025-40169, CVE-2025-40171, CVE-2025-40172, CVE-2025-40173,
CVE-2025-40176, CVE-2025-40178, CVE-2025-40179, CVE-2025-40180,
CVE-2025-40183, CVE-2025-40187, CVE-2025-40188, CVE-2025-40192,
CVE-2025-40193, CVE-2025-40194, CVE-2025-40196, CVE-2025-40198,
CVE-2025-40200, CVE-2025-40201, CVE-2025-40204, CVE-2025-40205,
CVE-2025-40206, CVE-2025-40207, CVE-2025-40211, CVE-2025-40218,
CVE-2025-40219, CVE-2025-40220, CVE-2025-40221, CVE-2025-40223,
CVE-2025-40226, CVE-2025-40231, CVE-2025-40233, CVE-2025-40235,
CVE-2025-40237, CVE-2025-40238, CVE-2025-40240, CVE-2025-40242,
CVE-2025-40243, CVE-2025-40244, CVE-2025-40245, CVE-2025-40248,
CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40253,
CVE-2025-40254, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259,
CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264,
CVE-2025-40266, CVE-2025-40268, CVE-2025-40269, CVE-2025-40271,
CVE-2025-40272, CVE-2025-40273, CVE-2025-40275, CVE-2025-40277,
CVE-2025-40278, CVE-2025-40279, CVE-2025-40280, CVE-2025-40281,
CVE-2025-40282, CVE-2025-40283, CVE-2025-40284, CVE-2025-40285,
CVE-2025-40286, CVE-2025-40287, CVE-2025-40288, CVE-2025-40289,
CVE-2025-40292, CVE-2025-40293, CVE-2025-40294, CVE-2025-40301,
CVE-2025-40303, CVE-2025-40304, CVE-2025-40305, CVE-2025-40306,
CVE-2025-40307, CVE-2025-40308, CVE-2025-40309, CVE-2025-40310,
CVE-2025-40311, CVE-2025-40312, CVE-2025-40313, CVE-2025-40314,
CVE-2025-40315, CVE-2025-40317, CVE-2025-40318, CVE-2025-40319,
CVE-2025-40320, CVE-2025-40321, CVE-2025-40322, CVE-2025-40323,
CVE-2025-40324, CVE-2025-40328, CVE-2025-40329, CVE-2025-40331,
CVE-2025-40333, CVE-2025-40337, CVE-2025-40339, CVE-2025-40341,
CVE-2025-40342, CVE-2025-40343, CVE-2025-40345, CVE-2025-40346,
CVE-2025-40347, CVE-2025-40349, CVE-2025-40350, CVE-2025-40351,
CVE-2025-40353, CVE-2025-40358, CVE-2025-40360, CVE-2025-40363,
CVE-2025-68168, CVE-2025-68171, CVE-2025-68172, CVE-2025-68173,
CVE-2025-68176, CVE-2025-68177, CVE-2025-68178, CVE-2025-68179,
CVE-2025-68180, CVE-2025-68183, CVE-2025-68184, CVE-2025-68185,
CVE-2025-68190, CVE-2025-68191, CVE-2025-68192, CVE-2025-68194,
CVE-2025-68198, CVE-2025-68200, CVE-2025-68201, CVE-2025-68204,
CVE-2025-68208, CVE-2025-68213, CVE-2025-68214, CVE-2025-68217,
CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68222,
CVE-2025-68223, CVE-2025-68227, CVE-2025-68229, CVE-2025-68231,
CVE-2025-68233, CVE-2025-68235, CVE-2025-68237, CVE-2025-68238,
CVE-2025-68241, CVE-2025-68244, CVE-2025-68245, CVE-2025-68246,
CVE-2025-68249, CVE-2025-68282, CVE-2025-68283, CVE-2025-68284,
CVE-2025-68285, CVE-2025-68286, CVE-2025-68287, CVE-2025-68288,
CVE-2025-68289, CVE-2025-68290, CVE-2025-68295, CVE-2025-68297,
CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68305,
CVE-2025-68307, CVE-2025-68308, CVE-2025-68310, CVE-2025-68311,
CVE-2025-68312, CVE-2025-68313, CVE-2025-68315, CVE-2025-68320,
CVE-2025-68321, CVE-2025-68322, CVE-2025-68327, CVE-2025-68328,
CVE-2025-68330, CVE-2025-68331, CVE-2025-68339, CVE-2025-68340,
CVE-2025-68342, CVE-2025-68343, CVE-2025-68734)
3 days 3 hours ago
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- ATM drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Character device driver;
- TPM device driver;
- Data acquisition framework and drivers;
- Counter interface drivers;
- CPU frequency scaling framework;
- Intel Stratix 10 firmware drivers;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Tablet) drivers;
- ISDN/mISDN subsystem;
- Macintosh device drivers;
- Media drivers;
- MOST (Media Oriented Systems Transport) drivers;
- MTD block device drivers;
- Network drivers;
- Mellanox network drivers;
- Texas Instruments network drivers;
- Ethernet team driver;
- MediaTek network drivers;
- NVME drivers;
- PA-RISC drivers;
- PCI subsystem;
- Chrome hardware platform drivers;
- x86 platform drivers;
- ARM PM domains;
- Voltage and Current Regulator drivers;
- S/390 drivers;
- SCSI subsystem;
- Texas Instruments SoC drivers;
- SPI subsystem;
- Realtek RTL8723BS SDIO drivers;
- TCM subsystem;
- Cadence USB3 driver;
- DesignWare USB3 driver;
- USB Gadget drivers;
- USB Host Controller drivers;
- Renesas USBHS Controller drivers;
- USB Mass Storage drivers;
- USB Type-C Connector System Software Interface driver;
- Backlight driver;
- Framebuffer layer;
- Watchdog drivers;
- BFS file system;
- BTRFS file system;
- Ext4 file system;
- F2FS file system;
- FUSE (File system in Userspace);
- HFS+ file system;
- Journaling layer for block devices (JBD2);
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- File system notification infrastructure;
- NTFS3 file system;
- OCFS2 file system;
- OrangeFS file system;
- Proc file system;
- SMB network file system;
- XFS file system;
- BPF subsystem;
- Ethernet bridge;
- Memory management;
- Network traffic control;
- io_uring subsystem;
- Locking primitives;
- Scheduler infrastructure;
- Shadow Call Stack mechanism;
- Tracing infrastructure;
- Bluetooth subsystem;
- CAIF protocol;
- CAN network layer;
- Ceph Core library;
- Networking core;
- Ethtool driver;
- HSR network protocol;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Multipath TCP;
- Netfilter;
- NET/ROM layer;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- SCTP protocol;
- Network sockets;
- Sun RPC protocol;
- TIPC protocol;
- VMware vSockets driver;
- Wireless networking;
- Rust bindings mechanism;
- Integrity Measurement Architecture(IMA) framework;
- Key management;
- Simplified Mandatory Access Control Kernel framework;
- FireWire sound drivers;
- Turtle Beach Wavefront ALSA driver;
- STMicroelectronics SoC drivers;
- USB sound devices;
(CVE-2022-49465, CVE-2024-36903, CVE-2024-36927, CVE-2024-37354,
CVE-2024-41014, CVE-2024-46830, CVE-2024-47666, CVE-2024-49968,
CVE-2025-22022, CVE-2025-22111, CVE-2025-22121, CVE-2025-38022,
CVE-2025-38129, CVE-2025-38556, CVE-2025-40040, CVE-2025-40083,
CVE-2025-40110, CVE-2025-40211, CVE-2025-40248, CVE-2025-40252,
CVE-2025-40253, CVE-2025-40254, CVE-2025-40257, CVE-2025-40258,
CVE-2025-40259, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263,
CVE-2025-40264, CVE-2025-40269, CVE-2025-40271, CVE-2025-40272,
CVE-2025-40273, CVE-2025-40275, CVE-2025-40277, CVE-2025-40278,
CVE-2025-40279, CVE-2025-40280, CVE-2025-40281, CVE-2025-40282,
CVE-2025-40283, CVE-2025-40304, CVE-2025-40306, CVE-2025-40308,
CVE-2025-40309, CVE-2025-40312, CVE-2025-40313, CVE-2025-40314,
CVE-2025-40315, CVE-2025-40317, CVE-2025-40319, CVE-2025-40321,
CVE-2025-40322, CVE-2025-40324, CVE-2025-40331, CVE-2025-40342,
CVE-2025-40343, CVE-2025-40345, CVE-2025-40360, CVE-2025-40363,
CVE-2025-68168, CVE-2025-68176, CVE-2025-68177, CVE-2025-68185,
CVE-2025-68191, CVE-2025-68192, CVE-2025-68194, CVE-2025-68200,
CVE-2025-68204, CVE-2025-68217, CVE-2025-68220, CVE-2025-68227,
CVE-2025-68229, CVE-2025-68238, CVE-2025-68241, CVE-2025-68244,
CVE-2025-68245, CVE-2025-68254, CVE-2025-68255, CVE-2025-68257,
CVE-2025-68258, CVE-2025-68261, CVE-2025-68264, CVE-2025-68266,
CVE-2025-68282, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286,
CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290,
CVE-2025-68295, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303,
CVE-2025-68308, CVE-2025-68312, CVE-2025-68321, CVE-2025-68325,
CVE-2025-68327, CVE-2025-68328, CVE-2025-68330, CVE-2025-68331,
CVE-2025-68332, CVE-2025-68335, CVE-2025-68336, CVE-2025-68337,
CVE-2025-68339, CVE-2025-68344, CVE-2025-68346, CVE-2025-68349,
CVE-2025-68354, CVE-2025-68362, CVE-2025-68364, CVE-2025-68366,
CVE-2025-68367, CVE-2025-68372, CVE-2025-68724, CVE-2025-68727,
CVE-2025-68728, CVE-2025-68732, CVE-2025-68733, CVE-2025-68734,
CVE-2025-68740, CVE-2025-68746, CVE-2025-68757, CVE-2025-68758,
CVE-2025-68759, CVE-2025-68764, CVE-2025-68765, CVE-2025-68767,
CVE-2025-68769, CVE-2025-68771, CVE-2025-68774, CVE-2025-68776,
CVE-2025-68777, CVE-2025-68780, CVE-2025-68782, CVE-2025-68783,
CVE-2025-68785, CVE-2025-68787, CVE-2025-68788, CVE-2025-68795,
CVE-2025-68796, CVE-2025-68797, CVE-2025-68799, CVE-2025-68800,
CVE-2025-68801, CVE-2025-68803, CVE-2025-68804, CVE-2025-68808,
CVE-2025-68813, CVE-2025-68814, CVE-2025-68815, CVE-2025-68816,
CVE-2025-68818, CVE-2025-68819, CVE-2025-68820, CVE-2025-68821,
CVE-2025-71064, CVE-2025-71066, CVE-2025-71068, CVE-2025-71069,
CVE-2025-71075, CVE-2025-71077, CVE-2025-71078, CVE-2025-71079,
CVE-2025-71081, CVE-2025-71082, CVE-2025-71083, CVE-2025-71084,
CVE-2025-71085, CVE-2025-71086, CVE-2025-71087, CVE-2025-71091,
CVE-2025-71093, CVE-2025-71094, CVE-2025-71096, CVE-2025-71097,
CVE-2025-71098, CVE-2025-71102, CVE-2025-71104, CVE-2025-71105,
CVE-2025-71108, CVE-2025-71111, CVE-2025-71112, CVE-2025-71113,
CVE-2025-71114, CVE-2025-71116, CVE-2025-71118, CVE-2025-71120,
CVE-2025-71121, CVE-2025-71125, CVE-2025-71127, CVE-2025-71131,
CVE-2025-71132, CVE-2025-71133, CVE-2025-71136, CVE-2025-71137,
CVE-2025-71147, CVE-2025-71154, CVE-2025-71180, CVE-2025-71182,
CVE-2026-22976, CVE-2026-22977, CVE-2026-22978, CVE-2026-22980,
CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991,
CVE-2026-22992, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021,
CVE-2026-23047)
3 days 3 hours ago
FEDORA-EPEL-2026-82eb23fb67
Packages in this update:
- cpp-httplib-0.38.0-1.el10_3
Update description:
Update to 0.38.0 (rhbz#2447261)
- Filename sanitization for path traversal prevention — Added sanitize_filename() to prevent path traversal attacks via malicious filenames in multipart uploads (83e98a2)
-
Symlink protection in static file server — Static file serving now detects and rejects symlinks that point outside the mount directory, preventing symlink-based directory traversal (f787f31)
-
Brotli compression support — Added Brotli (br) as a supported content encoding alongside gzip and deflate (ec1ffbc)
- Accept-Encoding quality parameter parsing — The server now parses q= quality values in the Accept-Encoding header and selects the best encoding accordingly (bb7c7ab)
- SSL proxy connection support — SSLClient can now establish connections through HTTPS proxies, with a new setup_proxy_connection method for cleaner proxy handling (f6ed5fc, b1bb2b7)
-
WebSocket ping interval runtime configuration — WebSocket ping interval can now be configured at runtime instead of only at compile time (257b266)
-
Benchmark test suite — Added benchmark tests and configurations for performance evaluation (ba0d0b8)
- Unicode path component decoding tests — Added test coverage for Unicode characters in decode_path_component (43a54a3)
-
Documentation updates — Enhanced TLS backend documentation with platform-specific certificate handling details; clarified progress callback usage and user data handling in examples (511e3ef, 2e61fd3)
-
Fix port conflict in test — Fixed port number in OpenStreamMalformedContentLength test to avoid conflicts (4978f26)
-
Removed large data tests for GzipDecompressor and SSLClientServerTest that caused memory issues (5ecba74, 69d468f)
- Enabled BindDualStack test (69d468f)
Source: https://github.com/yhirose/cpp-httplib/releases/tag/v0.38.0
- Fixes silent TLS certificate verification bypass on HTTPS Redirect via
proxy (CVE-2026-32627, rhbz#2448105)
Source: https://github.com/yhirose/cpp-httplib/releases/tag/v0.37.2
3 days 3 hours ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- ATM drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Character device driver;
- TPM device driver;
- Data acquisition framework and drivers;
- Counter interface drivers;
- CPU frequency scaling framework;
- Intel Stratix 10 firmware drivers;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Tablet) drivers;
- ISDN/mISDN subsystem;
- Macintosh device drivers;
- Media drivers;
- MOST (Media Oriented Systems Transport) drivers;
- MTD block device drivers;
- Network drivers;
- Mellanox network drivers;
- Texas Instruments network drivers;
- Ethernet team driver;
- MediaTek network drivers;
- NVME drivers;
- PA-RISC drivers;
- PCI subsystem;
- Chrome hardware platform drivers;
- x86 platform drivers;
- ARM PM domains;
- Voltage and Current Regulator drivers;
- S/390 drivers;
- SCSI subsystem;
- Texas Instruments SoC drivers;
- SPI subsystem;
- Realtek RTL8723BS SDIO drivers;
- TCM subsystem;
- Cadence USB3 driver;
- DesignWare USB3 driver;
- USB Gadget drivers;
- USB Host Controller drivers;
- Renesas USBHS Controller drivers;
- USB Mass Storage drivers;
- USB Type-C Connector System Software Interface driver;
- Backlight driver;
- Framebuffer layer;
- Watchdog drivers;
- BFS file system;
- BTRFS file system;
- Ext4 file system;
- F2FS file system;
- FUSE (File system in Userspace);
- HFS+ file system;
- Journaling layer for block devices (JBD2);
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- File system notification infrastructure;
- NTFS3 file system;
- OCFS2 file system;
- OrangeFS file system;
- Proc file system;
- SMB network file system;
- XFS file system;
- BPF subsystem;
- Ethernet bridge;
- Memory management;
- Network traffic control;
- io_uring subsystem;
- Locking primitives;
- Scheduler infrastructure;
- Shadow Call Stack mechanism;
- Tracing infrastructure;
- Bluetooth subsystem;
- CAIF protocol;
- CAN network layer;
- Ceph Core library;
- Networking core;
- Ethtool driver;
- HSR network protocol;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Multipath TCP;
- Netfilter;
- NET/ROM layer;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- SCTP protocol;
- Network sockets;
- Sun RPC protocol;
- TIPC protocol;
- VMware vSockets driver;
- Wireless networking;
- Rust bindings mechanism;
- Integrity Measurement Architecture(IMA) framework;
- Key management;
- Simplified Mandatory Access Control Kernel framework;
- FireWire sound drivers;
- Turtle Beach Wavefront ALSA driver;
- STMicroelectronics SoC drivers;
- USB sound devices;
(CVE-2022-49465, CVE-2024-36903, CVE-2024-36927, CVE-2024-37354,
CVE-2024-41014, CVE-2024-46830, CVE-2024-47666, CVE-2024-49968,
CVE-2025-22022, CVE-2025-22111, CVE-2025-22121, CVE-2025-38022,
CVE-2025-38129, CVE-2025-38556, CVE-2025-40040, CVE-2025-40083,
CVE-2025-40110, CVE-2025-40211, CVE-2025-40248, CVE-2025-40252,
CVE-2025-40253, CVE-2025-40254, CVE-2025-40257, CVE-2025-40258,
CVE-2025-40259, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263,
CVE-2025-40264, CVE-2025-40269, CVE-2025-40271, CVE-2025-40272,
CVE-2025-40273, CVE-2025-40275, CVE-2025-40277, CVE-2025-40278,
CVE-2025-40279, CVE-2025-40280, CVE-2025-40281, CVE-2025-40282,
CVE-2025-40283, CVE-2025-40304, CVE-2025-40306, CVE-2025-40308,
CVE-2025-40309, CVE-2025-40312, CVE-2025-40313, CVE-2025-40314,
CVE-2025-40315, CVE-2025-40317, CVE-2025-40319, CVE-2025-40321,
CVE-2025-40322, CVE-2025-40324, CVE-2025-40331, CVE-2025-40342,
CVE-2025-40343, CVE-2025-40345, CVE-2025-40360, CVE-2025-40363,
CVE-2025-68168, CVE-2025-68176, CVE-2025-68177, CVE-2025-68185,
CVE-2025-68191, CVE-2025-68192, CVE-2025-68194, CVE-2025-68200,
CVE-2025-68204, CVE-2025-68217, CVE-2025-68220, CVE-2025-68227,
CVE-2025-68229, CVE-2025-68238, CVE-2025-68241, CVE-2025-68244,
CVE-2025-68245, CVE-2025-68254, CVE-2025-68255, CVE-2025-68257,
CVE-2025-68258, CVE-2025-68261, CVE-2025-68264, CVE-2025-68266,
CVE-2025-68282, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286,
CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290,
CVE-2025-68295, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303,
CVE-2025-68308, CVE-2025-68312, CVE-2025-68321, CVE-2025-68325,
CVE-2025-68327, CVE-2025-68328, CVE-2025-68330, CVE-2025-68331,
CVE-2025-68332, CVE-2025-68335, CVE-2025-68336, CVE-2025-68337,
CVE-2025-68339, CVE-2025-68344, CVE-2025-68346, CVE-2025-68349,
CVE-2025-68354, CVE-2025-68362, CVE-2025-68364, CVE-2025-68366,
CVE-2025-68367, CVE-2025-68372, CVE-2025-68724, CVE-2025-68727,
CVE-2025-68728, CVE-2025-68732, CVE-2025-68733, CVE-2025-68734,
CVE-2025-68740, CVE-2025-68746, CVE-2025-68757, CVE-2025-68758,
CVE-2025-68759, CVE-2025-68764, CVE-2025-68765, CVE-2025-68767,
CVE-2025-68769, CVE-2025-68771, CVE-2025-68774, CVE-2025-68776,
CVE-2025-68777, CVE-2025-68780, CVE-2025-68782, CVE-2025-68783,
CVE-2025-68785, CVE-2025-68787, CVE-2025-68788, CVE-2025-68795,
CVE-2025-68796, CVE-2025-68797, CVE-2025-68799, CVE-2025-68800,
CVE-2025-68801, CVE-2025-68803, CVE-2025-68804, CVE-2025-68808,
CVE-2025-68813, CVE-2025-68814, CVE-2025-68815, CVE-2025-68816,
CVE-2025-68818, CVE-2025-68819, CVE-2025-68820, CVE-2025-68821,
CVE-2025-71064, CVE-2025-71066, CVE-2025-71068, CVE-2025-71069,
CVE-2025-71075, CVE-2025-71077, CVE-2025-71078, CVE-2025-71079,
CVE-2025-71081, CVE-2025-71082, CVE-2025-71083, CVE-2025-71084,
CVE-2025-71085, CVE-2025-71086, CVE-2025-71087, CVE-2025-71091,
CVE-2025-71093, CVE-2025-71094, CVE-2025-71096, CVE-2025-71097,
CVE-2025-71098, CVE-2025-71102, CVE-2025-71104, CVE-2025-71105,
CVE-2025-71108, CVE-2025-71111, CVE-2025-71112, CVE-2025-71113,
CVE-2025-71114, CVE-2025-71116, CVE-2025-71118, CVE-2025-71120,
CVE-2025-71121, CVE-2025-71125, CVE-2025-71127, CVE-2025-71131,
CVE-2025-71132, CVE-2025-71133, CVE-2025-71136, CVE-2025-71137,
CVE-2025-71147, CVE-2025-71154, CVE-2025-71180, CVE-2025-71182,
CVE-2026-22976, CVE-2026-22977, CVE-2026-22978, CVE-2026-22980,
CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991,
CVE-2026-22992, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021,
CVE-2026-23047)
3 days 3 hours ago
3 days 3 hours ago
It was discovered that pyOpenSSL incorrectly handled exceptions in the
tlsext_servername callback. This could result in connections being
accepted after an exception, contrary to expectations. (CVE-2026-27448)
It was discovered that pyOpenSSL incorrectly handled the DTLS cookie
generation callback. If a callback provided cookie values greater than 256
bytes, an attacker could use this issue to cause pyOpenSSL to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2026-27459)
3 days 3 hours ago
It was discovered that the GVfs FTP backend incorrectly handled IP
addresses and ports returned by passive mode responses. A malicious remote
server could possibly use this issue to help scan for open ports.
(CVE-2026-28295)
It was discovered that the GVfs FTP backend incorrectly handled crafted
file paths. A remote attacker could use this issue to terminate or inject
arbitrary FTP commands, or possibly execute arbitrary code.
(CVE-2026-28296)
3 days 5 hours ago
FEDORA-2026-e76feaf213
Packages in this update:
- cpp-httplib-0.38.0-1.fc43
Update description:
Update to 0.38.0 (rhbz#2447261)
- Filename sanitization for path traversal prevention — Added sanitize_filename() to prevent path traversal attacks via malicious filenames in multipart uploads (83e98a2)
-
Symlink protection in static file server — Static file serving now detects and rejects symlinks that point outside the mount directory, preventing symlink-based directory traversal (f787f31)
-
Brotli compression support — Added Brotli (br) as a supported content encoding alongside gzip and deflate (ec1ffbc)
- Accept-Encoding quality parameter parsing — The server now parses q= quality values in the Accept-Encoding header and selects the best encoding accordingly (bb7c7ab)
- SSL proxy connection support — SSLClient can now establish connections through HTTPS proxies, with a new setup_proxy_connection method for cleaner proxy handling (f6ed5fc, b1bb2b7)
-
WebSocket ping interval runtime configuration — WebSocket ping interval can now be configured at runtime instead of only at compile time (257b266)
-
Benchmark test suite — Added benchmark tests and configurations for performance evaluation (ba0d0b8)
- Unicode path component decoding tests — Added test coverage for Unicode characters in decode_path_component (43a54a3)
-
Documentation updates — Enhanced TLS backend documentation with platform-specific certificate handling details; clarified progress callback usage and user data handling in examples (511e3ef, 2e61fd3)
-
Fix port conflict in test — Fixed port number in OpenStreamMalformedContentLength test to avoid conflicts (4978f26)
-
Removed large data tests for GzipDecompressor and SSLClientServerTest that caused memory issues (5ecba74, 69d468f)
- Enabled BindDualStack test (69d468f)
Source: https://github.com/yhirose/cpp-httplib/releases/tag/v0.38.0
- Fixes silent TLS certificate verification bypass on HTTPS Redirect via
proxy (CVE-2026-32627, rhbz#2448105)
Source: https://github.com/yhirose/cpp-httplib/releases/tag/v0.37.2
3 days 5 hours ago
It was discovered that LibTIFF did not properly handle memory when
processing certain images. An attacker could possibly use this issue to
cause LibTIFF to crash, resulting in a denial of service. (CVE-2025-61143)
It was discovered that LibTIFF did not properly handle memory when
processing malformed TIFF directories. An attacker could possibly use this
issue to cause LibTIFF to crash, resulting in a denial of service.
(CVE-2025-61144)
3 days 6 hours ago
FEDORA-2026-03599f0b32
Packages in this update:
- cpp-httplib-0.38.0-1.fc44
Update description:
Update to 0.38.0 (rhbz#2447261)
- Filename sanitization for path traversal prevention — Added sanitize_filename() to prevent path traversal attacks via malicious filenames in multipart uploads (83e98a2)
-
Symlink protection in static file server — Static file serving now detects and rejects symlinks that point outside the mount directory, preventing symlink-based directory traversal (f787f31)
-
Brotli compression support — Added Brotli (br) as a supported content encoding alongside gzip and deflate (ec1ffbc)
- Accept-Encoding quality parameter parsing — The server now parses q= quality values in the Accept-Encoding header and selects the best encoding accordingly (bb7c7ab)
- SSL proxy connection support — SSLClient can now establish connections through HTTPS proxies, with a new setup_proxy_connection method for cleaner proxy handling (f6ed5fc, b1bb2b7)
-
WebSocket ping interval runtime configuration — WebSocket ping interval can now be configured at runtime instead of only at compile time (257b266)
-
Benchmark test suite — Added benchmark tests and configurations for performance evaluation (ba0d0b8)
- Unicode path component decoding tests — Added test coverage for Unicode characters in decode_path_component (43a54a3)
-
Documentation updates — Enhanced TLS backend documentation with platform-specific certificate handling details; clarified progress callback usage and user data handling in examples (511e3ef, 2e61fd3)
-
Fix port conflict in test — Fixed port number in OpenStreamMalformedContentLength test to avoid conflicts (4978f26)
-
Removed large data tests for GzipDecompressor and SSLClientServerTest that caused memory issues (5ecba74, 69d468f)
- Enabled BindDualStack test (69d468f)
Source: https://github.com/yhirose/cpp-httplib/releases/tag/v0.38.0
- Fixes silent TLS certificate verification bypass on HTTPS Redirect via
proxy (CVE-2026-32627, rhbz#2448105)
Source: https://github.com/yhirose/cpp-httplib/releases/tag/v0.37.2
3 days 7 hours ago
FEDORA-2026-dbf8b26cfb
Packages in this update:
- perl-XML-Parser-2.51-1.fc42
Update description:
2.51 bump - Fix CVE-2006-10002, CVE-2006-10003
