epel-package-announce May 2026

epel-package-announce@lists.fedoraproject.org

1 participants
1367 discussions

[SECURITY] Fedora EPEL 9 Update: libssh2-1.11.1-6.el9
by updates＠fedoraproject.org 30 May '26

30 May '26

-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2026-e7b8776a02 2026-05-31 00:48:26.884994+00:00 -------------------------------------------------------------------------------- Name : libssh2 Product : Fedora EPEL 9 Version : 1.11.1 Release : 6.el9 URL : https://www.libssh2.org/ Summary : A library implementing the SSH2 protocol Description : libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS(22), SECSH-USERAUTH(25), SECSH-CONNECTION(23), SECSH-ARCH(20), SECSH-FILEXFER(06)*, SECSH-DHGEX(04), and SECSH-NUMBERS(10). -------------------------------------------------------------------------------- Update Information: This update addresses CVE-2026-7598, a potential heap buffer overflow, which could be triggered remotely by supplying very long username and/or password strings. -------------------------------------------------------------------------------- ChangeLog: * Fri May 22 2026 Paul Howarth <paul(a)city-fan.org> - 1.11.1-6 - Fix CVE-2026-7598: integer overflow via large username or password arguments (https://github.com/libssh2/libssh2/pull/1858) * Fri Jan 16 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Jul 24 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Mon Jan 20 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Fri Jan 17 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2468329 - CVE-2026-7598 libssh2: integer overflow via large username or password arguments [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2468329 -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update libssh2' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\ /html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora EPEL 10.3 Update: libssh2-1.11.1-6.el10_3
by updates＠fedoraproject.org 30 May '26

30 May '26

-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2026-afd26ad447 2026-05-31 00:36:43.226626+00:00 -------------------------------------------------------------------------------- Name : libssh2 Product : Fedora EPEL 10.3 Version : 1.11.1 Release : 6.el10_3 URL : https://www.libssh2.org/ Summary : A library implementing the SSH2 protocol Description : libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS(22), SECSH-USERAUTH(25), SECSH-CONNECTION(23), SECSH-ARCH(20), SECSH-FILEXFER(06)*, SECSH-DHGEX(04), and SECSH-NUMBERS(10). -------------------------------------------------------------------------------- Update Information: This update addresses CVE-2026-7598, a potential heap buffer overflow, which could be triggered remotely by supplying very long username and/or password strings. -------------------------------------------------------------------------------- ChangeLog: * Fri May 22 2026 Paul Howarth <paul(a)city-fan.org> - 1.11.1-6 - Fix CVE-2026-7598: integer overflow via large username or password arguments (https://github.com/libssh2/libssh2/pull/1858) * Fri Jan 16 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Jul 24 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Mon Jan 20 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Fri Jan 17 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2468329 - CVE-2026-7598 libssh2: integer overflow via large username or password arguments [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2468329 -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update libssh2' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\ /html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora EPEL 10.3 Update: python-colcon-coveragepy-result-0.0.8-1.el10_3
by updates＠fedoraproject.org 30 May '26

30 May '26

-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2026-ed4503c40c 2026-05-31 00:36:43.226644+00:00 -------------------------------------------------------------------------------- Name : python-colcon-coveragepy-result Product : Fedora EPEL 10.3 Version : 0.0.8 Release : 1.el10_3 URL : https://colcon.readthedocs.io Summary : Extension for colcon to collect coverage.py results Description : A colcon extension for collecting coverage.py results. -------------------------------------------------------------------------------- Update Information: Initial build of colcon_coveragepy_result for EPEL 10 -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 29 2020 Scott K Logan <logans(a)cottsay.net> - 0.0.8-1 - Update to 0.0.8 (rhbz#1849204) * Tue May 19 2020 Scott K Logan <logans(a)cottsay.net> - 0.0.5-1 - Update to 0.0.5 * Mon May 11 2020 Scott K Logan <logans(a)cottsay.net> - 0.0.3-1 - Initial package (rhbz#1834496) -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update python-colcon-coveragepy-result' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\ /html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora EPEL 10.2 Update: python-colcon-coveragepy-result-0.0.8-1.el10_2
by updates＠fedoraproject.org 30 May '26

30 May '26

-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2026-16e70e92d5 2026-05-31 00:25:19.808930+00:00 -------------------------------------------------------------------------------- Name : python-colcon-coveragepy-result Product : Fedora EPEL 10.2 Version : 0.0.8 Release : 1.el10_2 URL : https://colcon.readthedocs.io Summary : Extension for colcon to collect coverage.py results Description : A colcon extension for collecting coverage.py results. -------------------------------------------------------------------------------- Update Information: Initial build of colcon_coveragepy_result for EPEL 10 -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 29 2020 Scott K Logan <logans(a)cottsay.net> - 0.0.8-1 - Update to 0.0.8 (rhbz#1849204) * Tue May 19 2020 Scott K Logan <logans(a)cottsay.net> - 0.0.5-1 - Update to 0.0.5 * Mon May 11 2020 Scott K Logan <logans(a)cottsay.net> - 0.0.3-1 - Initial package (rhbz#1834496) -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update python-colcon-coveragepy-result' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\ /html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora EPEL 10.2 Update: libssh2-1.11.1-6.el10_2
by updates＠fedoraproject.org 30 May '26

30 May '26

-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2026-afcb3443a1 2026-05-31 00:25:19.808921+00:00 -------------------------------------------------------------------------------- Name : libssh2 Product : Fedora EPEL 10.2 Version : 1.11.1 Release : 6.el10_2 URL : https://www.libssh2.org/ Summary : A library implementing the SSH2 protocol Description : libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS(22), SECSH-USERAUTH(25), SECSH-CONNECTION(23), SECSH-ARCH(20), SECSH-FILEXFER(06)*, SECSH-DHGEX(04), and SECSH-NUMBERS(10). -------------------------------------------------------------------------------- Update Information: This update addresses CVE-2026-7598, a potential heap buffer overflow, which could be triggered remotely by supplying very long username and/or password strings. -------------------------------------------------------------------------------- ChangeLog: * Fri May 22 2026 Paul Howarth <paul(a)city-fan.org> - 1.11.1-6 - Fix CVE-2026-7598: integer overflow via large username or password arguments (https://github.com/libssh2/libssh2/pull/1858) * Fri Jan 16 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Jul 24 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Mon Jan 20 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Fri Jan 17 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2468329 - CVE-2026-7598 libssh2: integer overflow via large username or password arguments [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2468329 -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update libssh2' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\ /html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora EPEL 10.2 Update: mod_auth_mellon-0.19.1-2.el10_2
by updates＠fedoraproject.org 30 May '26

30 May '26

-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2026-972d52b9ed 2026-05-31 00:25:19.808894+00:00 -------------------------------------------------------------------------------- Name : mod_auth_mellon Product : Fedora EPEL 10.2 Version : 0.19.1 Release : 2.el10_2 URL : https://github.com/latchset/mod_auth_mellon Summary : A SAML 2.0 authentication module for the Apache Httpd Server Description : The mod_auth_mellon module is an authentication service that implements the SAML 2.0 federation protocol. It grants access based on the attributes received in assertions generated by a IdP server. -------------------------------------------------------------------------------- Update Information: First EPEL 10.2 build. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 16 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.19.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Mon Dec 8 2025 Xavier Bachelot <xavier(a)bachelot.org> - 0.19.1-1 - Update to 0.19.1 - Fix bogus date in changelog - Drop support for EOL releases * Thu Jul 24 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.19.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Fri Jan 17 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.19.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Thu Jul 18 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.19.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Thu Jan 25 2024 Tomas Halman <thalman(a)redhat.com> - 0.19.0-1 - Resolves: rhbz#2258342 - new version is available * Thu Jan 25 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.18.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.18.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2326534 - [RFE:EPEL10] EPEL10 branch of mod_auth_mellon https://bugzilla.redhat.com/show_bug.cgi?id=2326534 -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update mod_auth_mellon' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\ /html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora EPEL 10.2 Update: netatalk-4.4.3-1.el10_2
by updates＠fedoraproject.org 30 May '26

30 May '26

-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2026-cb90c89045 2026-05-31 00:25:19.808927+00:00 -------------------------------------------------------------------------------- Name : netatalk Product : Fedora EPEL 10.2 Version : 4.4.3 Release : 1.el10_2 URL : http://netatalk.sourceforge.net Summary : Open Source Apple Filing Protocol(AFP) File Server Description : Netatalk is a freely-available Open Source AFP file server. A *NIX/*BSD system running Netatalk is capable of serving many Macintosh clients simultaneously as an AppleShare file server (AFP). In addition to the AFP file server daemon, the following utility programs are also included: * ad - AppleDouble file utility suite * afpldaptest - validate Netatalk LDAP parameters * afppasswd - RandNum UAM password management * afpstats - inquire AFP server usage stats * asip-status - inquire AFP server capabilities * dbd - CNID database maintenance * macusers - list connected AFP server users -------------------------------------------------------------------------------- Update Information: 4.4.3 release -------------------------------------------------------------------------------- ChangeLog: * Sat Feb 7 2026 Andrew Bauer <zonexpertconsulting(a)outlook.com> - 5:4.4.3-1 - 4.4.3 release - See the github release page for list of many CVEs fixed * Sat Feb 7 2026 Andrew Bauer <zonexpertconsulting(a)outlook.com> - 5:4.4.1-1 - 4.4.1 release * Fri Jan 16 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 5:4.2.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Jul 24 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 5:4.2.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Sat Jul 5 2025 Andrew Bauer <zonexpertconsulting(a)outlook.com> - 5:4.2.4-1 - 4.2.4 release - add RunTimeDirectory to relevant service files, fixes RHBZ#2376521 * Mon Apr 28 2025 Andrew Bauer <zonexpertconsulting(a)outlook.com> - 5:4.2.2-1 - 4.2.2 release - replace cmark with pandoc. Alows building of htmldocs. * Sat Apr 19 2025 Andrew Bauer <zonexpertconsulting(a)outlook.com> - 5:4.2.1-1 - 4.2.1 release - disable doc subpackage due to missing cmark-gfm dependency for htmldocs - update with-lockfile-path fixes RHBZ#2360947 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2459261 - netatalk-4.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2459261 [ 2 ] Bug #2480439 - CVE-2026-44057 netatalk: Netatalk: Information disclosure via crafted Spotlight RPC requests [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480439 [ 3 ] Bug #2480440 - CVE-2026-44057 netatalk: Netatalk: Information disclosure via crafted Spotlight RPC requests [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480440 [ 4 ] Bug #2480449 - CVE-2026-44049 netatalk: Netatalk: Arbitrary code execution via out-of-bounds write [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480449 [ 5 ] Bug #2480450 - CVE-2026-44049 netatalk: Netatalk: Arbitrary code execution via out-of-bounds write [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480450 [ 6 ] Bug #2480467 - CVE-2026-44069 netatalk: Netatalk: Integer underflow vulnerability in volxlate function [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480467 [ 7 ] Bug #2480470 - CVE-2026-44052 netatalk: Netatalk: Information Disclosure via ldap simple-bind password exposure in logs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480470 [ 8 ] Bug #2480471 - CVE-2026-44052 netatalk: Netatalk: Information Disclosure via ldap simple-bind password exposure in logs [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480471 [ 9 ] Bug #2480472 - CVE-2026-44054 netatalk: Netatalk: Denial of Service via predictable session token [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480472 [ 10 ] Bug #2480473 - CVE-2026-44054 netatalk: Netatalk: Denial of Service via predictable session token [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480473 [ 11 ] Bug #2480478 - CVE-2026-44062 netatalk: Netatalk: Arbitrary code execution or denial of service due to missing bounds check [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480478 [ 12 ] Bug #2480479 - CVE-2026-44062 netatalk: Netatalk: Arbitrary code execution or denial of service due to missing bounds check [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480479 [ 13 ] Bug #2480483 - CVE-2026-44068 netatalk: Netatalk: Arbitrary file access via path traversal [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480483 [ 14 ] Bug #2480486 - CVE-2026-44076 netatalk: Netatalk: Arbitrary Code Execution via shell injection in volume path [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480486 [ 15 ] Bug #2480487 - CVE-2026-44076 netatalk: Netatalk: Arbitrary Code Execution via shell injection in volume path [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480487 [ 16 ] Bug #2480488 - CVE-2026-44060 netatalk: Netatalk: Denial of Service via integer underflow [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480488 [ 17 ] Bug #2480489 - CVE-2026-44060 netatalk: Netatalk: Denial of Service via integer underflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480489 [ 18 ] Bug #2480490 - CVE-2026-44055 netatalk: Netatalk: Arbitrary code execution via shell injection [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480490 [ 19 ] Bug #2480491 - CVE-2026-44055 netatalk: Netatalk: Arbitrary code execution via shell injection [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480491 [ 20 ] Bug #2480496 - CVE-2026-44050 netatalk: Netatalk: Arbitrary code execution via heap buffer overflow in cnid daemon [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480496 [ 21 ] Bug #2480497 - CVE-2026-44050 netatalk: Netatalk: Arbitrary code execution via heap buffer overflow in cnid daemon [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480497 [ 22 ] Bug #2480501 - CVE-2026-44047 netatalk: Netatalk: Arbitrary code execution and data compromise via SQL injection [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480501 [ 23 ] Bug #2480502 - CVE-2026-44047 netatalk: Netatalk: Arbitrary code execution and data compromise via SQL injection [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480502 [ 24 ] Bug #2480624 - CVE-2026-44048 netatalk: stack buffer overflow via UCS-2 type confusion in convert_charset() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480624 [ 25 ] Bug #2480625 - CVE-2026-44048 netatalk: stack buffer overflow via UCS-2 type confusion in convert_charset() [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480625 [ 26 ] Bug #2480626 - CVE-2026-44066 netatalk: heap out-of-bounds reads in Spotlight RPC unmarshalling [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480626 [ 27 ] Bug #2480627 - CVE-2026-44066 netatalk: heap out-of-bounds reads in Spotlight RPC unmarshalling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480627 [ 28 ] Bug #2480628 - CVE-2026-44064 netatalk: ASP session ID out-of-bounds access [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480628 [ 29 ] Bug #2480629 - CVE-2026-44064 netatalk: ASP session ID out-of-bounds access [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480629 -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update netatalk' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\ /html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora EPEL 8 Update: xrdp-0.10.6-2.el8
by updates＠fedoraproject.org 29 May '26

29 May '26

-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2026-cf191f562d 2026-05-30 00:56:30.883327+00:00 -------------------------------------------------------------------------------- Name : xrdp Product : Fedora EPEL 8 Version : 0.10.6 Release : 2.el8 URL : http://www.xrdp.org/ Summary : Open source remote desktop protocol (RDP) server Description : xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client. -------------------------------------------------------------------------------- Update Information: Close TCP socket in default configuration, because we want just Unix domain socket connections to Xvnc. -------------------------------------------------------------------------------- ChangeLog: * Fri May 22 2026 Bojan Smojver <bojan(a)rexursive.com> - 1:0.10.6-2 - close TCP port in default Xvnc config, Unix domain socket only -------------------------------------------------------------------------------- References: [ 1 ] Bug #2480423 - no authentication required to connect to Xvnc https://bugzilla.redhat.com/show_bug.cgi?id=2480423 -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update xrdp' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\ /html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora EPEL 8 Update: perl-Sereal-Decoder-4.018-2.el8
by updates＠fedoraproject.org 29 May '26

29 May '26

-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2026-9c8dc0ea44 2026-05-30 00:56:30.883307+00:00 -------------------------------------------------------------------------------- Name : perl-Sereal-Decoder Product : Fedora EPEL 8 Version : 4.018 Release : 2.el8 URL : https://metacpan.org/release/Sereal-Decoder Summary : Perl deserialization for Sereal format Description : This library implements a deserializer for an efficient, compact-output, and feature-rich binary protocol called Sereal. -------------------------------------------------------------------------------- Update Information: This update includes a security fix to make sure that COPY tags cannot be used to read past end of the buffer. -------------------------------------------------------------------------------- ChangeLog: * Thu May 21 2026 Paul Howarth <paul(a)city-fan.org> - 4.018-2 - Make sure that COPY tags cannot be used to read past end of buffer (ported from upstream commit 303a2c69) -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update perl-Sereal-Decoder' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\ /html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora EPEL 9 Update: perl-Sereal-Decoder-4.018-2.el9
by updates＠fedoraproject.org 29 May '26

29 May '26

-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2026-78a69d7632 2026-05-30 00:47:09.187562+00:00 -------------------------------------------------------------------------------- Name : perl-Sereal-Decoder Product : Fedora EPEL 9 Version : 4.018 Release : 2.el9 URL : https://metacpan.org/release/Sereal-Decoder Summary : Perl deserialization for Sereal format Description : This library implements a deserializer for an efficient, compact-output, and feature-rich binary protocol called Sereal. -------------------------------------------------------------------------------- Update Information: This update includes a security fix to make sure that COPY tags cannot be used to read past end of the buffer. -------------------------------------------------------------------------------- ChangeLog: * Thu May 21 2026 Paul Howarth <paul(a)city-fan.org> - 4.018-2 - Make sure that COPY tags cannot be used to read past end of buffer (ported from upstream commit 303a2c69) -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update perl-Sereal-Decoder' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\ /html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

epel-package-announce May 2026