Aggregator

FEDORA-2026-d8b527c6c7 Packages in this update:

• moby-engine-29.6.0-1.fc45

Update description:

Automatic update for moby-engine-29.6.0-1.fc45.

Changelog * Fri Jun 19 2026 Bradley G Smith <bradley.g.smith@gmail.com> - 29.6.0-1 - Update to release v29.6.0 - Resolves: rhbz#2490590 - Resolves CVE-2026-39828: rhbz#2489945 - Resolves CVE-2026-39829: rhbz#2490099 - Resolves CVE-2026-39830: rhbz#2490466 - Upstream fixes and enhancements

FEDORA-2026-041785a779 Packages in this update:

• dotnet8.0-8.0.128-1.fc44

Update description:

Update to .NET SDK 8.0.128 and Runtime 8.0.28

Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.28/8.0.128.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.28/8.0.28.md

FEDORA-2026-2f80369c73 Packages in this update:

• dotnet8.0-8.0.128-1.fc43

Update description:

Update to .NET SDK 8.0.128 and Runtime 8.0.28

Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.28/8.0.128.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.28/8.0.28.md

FEDORA-2026-45b342f7c1 Packages in this update:

• krita-5.2.16-2.fc43

Update description:

Fix CVE-2026-42144: integer overflow

FEDORA-EPEL-2026-292c6a1293 Packages in this update:

• krita-6.0.2.1-1.el10_2

Update description:

• Update to 6.0.2.1
• Fix CVE-2026-42144

FEDORA-EPEL-2026-d9623fd1ca Packages in this update:

• krita-6.0.2.1-1.el10_3

Update description:

• Update to 6.0.2.1
• Fix CVE-2026-42144

FEDORA-2026-3bb1c72ffd Packages in this update:

• krita-6.0.2.1-1.fc44

Update description:

• Update to 6.0.2.1
• Fix CVE-2026-42144

FEDORA-2026-0dce096c13 Packages in this update:

• dotnet9.0-9.0.118-1.fc44

Update description:

Update to .NET SDK 9.0.118 and Runtime 9.0.17

Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.17/9.0.118.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.17/9.0.17.md

FEDORA-2026-2954cd11bd Packages in this update:

• dotnet9.0-9.0.118-1.fc43

Update description:

Update to .NET SDK 9.0.118 and Runtime 9.0.17

Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.17/9.0.118.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.17/9.0.17.md

FEDORA-2026-dec081126f Packages in this update:

• dotnet10.0-10.0.109-1.fc44

Update description:

Update to .NET SDK 10.0.109 and Runtime 10.0.9

Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/10.0/10.0.9/10.0.109.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/10.0/10.0.9/10.0.9.md

FEDORA-2026-a424c1061e Packages in this update:

• dotnet10.0-10.0.109-1.fc43

Update description:

Update to .NET SDK 10.0.109 and Runtime 10.0.9

Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/10.0/10.0.9/10.0.109.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/10.0/10.0.9/10.0.9.md

Version:next-20260619 (linux-next) Released:2026-06-19

FEDORA-EPEL-2026-0c2688537b Packages in this update:

• chromium-149.0.7827.155-1.el9

Update description:

Update to 149.0.7827.155

• CVE-2026-12437: Use after free in WebShare
• CVE-2026-12438: Inappropriate implementation in WebView
• CVE-2026-12439: Use after free in Digital Credentials
• CVE-2026-12440: Use after free in DigitalCredentials
• CVE-2026-12441: Use after free in File Input
• CVE-2026-12442: Use after free in Passwords
• CVE-2026-12443: Use after free in Web Authentication
• CVE-2026-12444: Out of bounds read in Chromoting
• CVE-2026-12445: Use after free in Extensions
• CVE-2026-12446: Insufficient data validation in Passwords
• CVE-2026-12447: Heap buffer overflow in WebRTC
• CVE-2026-12448: Inappropriate implementation in WebView
• CVE-2026-12449: Use after free in Chromoting
• CVE-2026-12450: Inappropriate implementation in Media
• CVE-2026-12451: Use after free in DigitalCredentials
• CVE-2026-12452: Use after free in Downloads
• CVE-2026-12453: Insufficient validation of untrusted input in Input
• CVE-2026-12454: Race in Safe Browsing
• CVE-2026-12455: Use after free in Tab Strip
• CVE-2026-12456: Insufficient validation of untrusted input in Extensions
• CVE-2026-12457: Insufficient data validation in Extensions
• CVE-2026-12458: Incorrect security UI in Passwords
• CVE-2026-12459: Inappropriate implementation in Serial
• CVE-2026-12460: Insufficient policy enforcement in File System Access
• CVE-2026-12461: Out of bounds read in WebRTC
• CVE-2026-12462: Use after free in Media
• CVE-2026-12463: Inappropriate implementation in Views
• CVE-2026-12464: Use after free in Browser
• CVE-2026-12465: Insufficient validation of untrusted input in Metrics
• CVE-2026-12466: Heap buffer overflow in WebRTC
• CVE-2026-12467: Use after free in Extensions
• CVE-2026-12468: Inappropriate implementation in Updater
• CVE-2026-12469: Uninitialized Use in GPU

FEDORA-EPEL-2026-ad8f61e943 Packages in this update:

• chromium-149.0.7827.155-1.el10_2

Update description:

Update to 149.0.7827.155

• CVE-2026-12437: Use after free in WebShare
• CVE-2026-12438: Inappropriate implementation in WebView
• CVE-2026-12439: Use after free in Digital Credentials
• CVE-2026-12440: Use after free in DigitalCredentials
• CVE-2026-12441: Use after free in File Input
• CVE-2026-12442: Use after free in Passwords
• CVE-2026-12443: Use after free in Web Authentication
• CVE-2026-12444: Out of bounds read in Chromoting
• CVE-2026-12445: Use after free in Extensions
• CVE-2026-12446: Insufficient data validation in Passwords
• CVE-2026-12447: Heap buffer overflow in WebRTC
• CVE-2026-12448: Inappropriate implementation in WebView
• CVE-2026-12449: Use after free in Chromoting
• CVE-2026-12450: Inappropriate implementation in Media
• CVE-2026-12451: Use after free in DigitalCredentials
• CVE-2026-12452: Use after free in Downloads
• CVE-2026-12453: Insufficient validation of untrusted input in Input
• CVE-2026-12454: Race in Safe Browsing
• CVE-2026-12455: Use after free in Tab Strip
• CVE-2026-12456: Insufficient validation of untrusted input in Extensions
• CVE-2026-12457: Insufficient data validation in Extensions
• CVE-2026-12458: Incorrect security UI in Passwords
• CVE-2026-12459: Inappropriate implementation in Serial
• CVE-2026-12460: Insufficient policy enforcement in File System Access
• CVE-2026-12461: Out of bounds read in WebRTC
• CVE-2026-12462: Use after free in Media
• CVE-2026-12463: Inappropriate implementation in Views
• CVE-2026-12464: Use after free in Browser
• CVE-2026-12465: Insufficient validation of untrusted input in Metrics
• CVE-2026-12466: Heap buffer overflow in WebRTC
• CVE-2026-12467: Use after free in Extensions
• CVE-2026-12468: Inappropriate implementation in Updater
• CVE-2026-12469: Uninitialized Use in GPU

FEDORA-EPEL-2026-e97f88e82c Packages in this update:

• chromium-149.0.7827.155-1.el10_3

Update description:

Update to 149.0.7827.155

• CVE-2026-12437: Use after free in WebShare
• CVE-2026-12438: Inappropriate implementation in WebView
• CVE-2026-12439: Use after free in Digital Credentials
• CVE-2026-12440: Use after free in DigitalCredentials
• CVE-2026-12441: Use after free in File Input
• CVE-2026-12442: Use after free in Passwords
• CVE-2026-12443: Use after free in Web Authentication
• CVE-2026-12444: Out of bounds read in Chromoting
• CVE-2026-12445: Use after free in Extensions
• CVE-2026-12446: Insufficient data validation in Passwords
• CVE-2026-12447: Heap buffer overflow in WebRTC
• CVE-2026-12448: Inappropriate implementation in WebView
• CVE-2026-12449: Use after free in Chromoting
• CVE-2026-12450: Inappropriate implementation in Media
• CVE-2026-12451: Use after free in DigitalCredentials
• CVE-2026-12452: Use after free in Downloads
• CVE-2026-12453: Insufficient validation of untrusted input in Input
• CVE-2026-12454: Race in Safe Browsing
• CVE-2026-12455: Use after free in Tab Strip
• CVE-2026-12456: Insufficient validation of untrusted input in Extensions
• CVE-2026-12457: Insufficient data validation in Extensions
• CVE-2026-12458: Incorrect security UI in Passwords
• CVE-2026-12459: Inappropriate implementation in Serial
• CVE-2026-12460: Insufficient policy enforcement in File System Access
• CVE-2026-12461: Out of bounds read in WebRTC
• CVE-2026-12462: Use after free in Media
• CVE-2026-12463: Inappropriate implementation in Views
• CVE-2026-12464: Use after free in Browser
• CVE-2026-12465: Insufficient validation of untrusted input in Metrics
• CVE-2026-12466: Heap buffer overflow in WebRTC
• CVE-2026-12467: Use after free in Extensions
• CVE-2026-12468: Inappropriate implementation in Updater
• CVE-2026-12469: Uninitialized Use in GPU

FEDORA-EPEL-2026-f8b56453b1 Packages in this update:

• haveged-1.9.23-3.el8

Update description:

Fix rpminspect.yaml: use annocheck failure_severity instead of inspections toggle (annocheck is a security inspection and cannot be disabled via inspections section)

Update to 1.9.23-2: - Add SELinux policy module to allow semaphore creation in /dev/shm - Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

FEDORA-EPEL-2026-7238dbdbd4 Packages in this update:

• haveged-1.9.23-3.el10_2

Update description:

Fix rpminspect.yaml: use annocheck failure_severity instead of inspections toggle (annocheck is a security inspection and cannot be disabled via inspections section)

Update to 1.9.23-2: - Add SELinux policy module to allow semaphore creation in /dev/shm - Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

FEDORA-EPEL-2026-ef7be8379d Packages in this update:

• haveged-1.9.23-3.el10_3

Update description:

Fix rpminspect.yaml: use annocheck failure_severity instead of inspections toggle (annocheck is a security inspection and cannot be disabled via inspections section)

Update to 1.9.23-2: - Add SELinux policy module to allow semaphore creation in /dev/shm - Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

FEDORA-EPEL-2026-166b182fb8 Packages in this update:

• haveged-1.9.23-3.el9

Update description:

Fix rpminspect.yaml: use annocheck failure_severity instead of inspections toggle (annocheck is a security inspection and cannot be disabled via inspections section)

Update to 1.9.23-2: - Add SELinux policy module to allow semaphore creation in /dev/shm - Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

FEDORA-2026-47a467ca27 Packages in this update:

• haveged-1.9.23-3.fc43

Update description:

Fix rpminspect.yaml: use annocheck failure_severity instead of inspections toggle (annocheck is a security inspection and cannot be disabled via inspections section)

Update to 1.9.23-2: - Add SELinux policy module to allow semaphore creation in /dev/shm - Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined