package-announce January 2026

package-announce@lists.fedoraproject.org

1 participants
3134 discussions

[SECURITY] Fedora 43 Update: bind9-next-9.21.17-1.fc43
by updates＠fedoraproject.org 31 Jan '26

31 Jan '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b31c8d8e83 2026-01-31 17:26:56.329411+00:00 -------------------------------------------------------------------------------- Name : bind9-next Product : Fedora 43 Version : 9.21.17 Release : 1.fc43 URL : https://www.isc.org/downloads/bind/ Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server Description : BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. -------------------------------------------------------------------------------- Update Information: Update to 9.21.17 (rhbz#2415843) Security Fixes: Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878) New Features: Add support for Extended DNS Error 9 (Missing DNSKEY). Add support for Extended DNS Error 13 (Cached Error). Add support for Generalized DNS Notifications. Features Changes: Add more information to the rndc recursing output about fetches. Enforce bounds of multiple configuration options. Bug Fixes: Fix inbound IXFR performance regression. Make DNSSEC key rollovers more robust. Fix a catalog zone issue, where member zones could fail to load. Fix slow speed when signing a large delegation zone with NSEC3 opt-out. Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid. Fix a possible catalog zone issue during reconfiguration. Fix the charts in the statistics channel. https://downloads.isc.org/isc/bind9/9.21.17/doc/arm/html/notes.html#notes-f… bind-9-21-17 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 22 2026 Petr Menšík <pemensik(a)redhat.com> - 32:9.21.17-1 - Update to 9.21.17 (rhbz#2415843) * Thu Jan 22 2026 Petr Menšík <pemensik(a)redhat.com> - 32:9.21.16-2 - Fix build for RHEL, disable JEMALLOC there * Thu Jan 22 2026 Petr Menšík <pemensik(a)redhat.com> - 32:9.21.16-1 - Update to 9.21.16 (rhbz#2415843) * Thu Jan 22 2026 Petr Menšík <pemensik(a)redhat.com> - 32:9.21.15-2 - Use dns-root-data package for hints source * Thu Jan 22 2026 Petr Menšík <pemensik(a)redhat.com> - 32:9.21.15-1 - Update to 9.21.15 (rhbz#2415843) * Thu Jan 22 2026 Petr Menšík <pemensik(a)redhat.com> - 32:9.21.14-3 - Fix running SYSTEMTEST during build -------------------------------------------------------------------------------- References: [ 1 ] Bug #2415843 - bind9-next-9.21.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=2415843 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b31c8d8e83' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 43 Update: python-pyscf-2.12.0-2.fc43
by updates＠fedoraproject.org 31 Jan '26

31 Jan '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-e0cdd36810 2026-01-31 17:26:56.329409+00:00 -------------------------------------------------------------------------------- Name : python-pyscf Product : Fedora 43 Version : 2.12.0 Release : 2.fc43 URL : https://github.com/pyscf/pyscf/ Summary : Python module for quantum chemistry Description : Python‐based simulations of chemistry framework (PySCF) is a general‐purpose electronic structure platform designed from the ground up to emphasize code simplicity, so as to facilitate new method development and enable flexible computational workflows. The package provides a wide range of tools to support simulations of finite‐size systems, extended systems with periodic boundary conditions, low‐dimensional periodic systems, and custom Hamiltonians, using mean‐field and post‐mean‐field methods with standard Gaussian basis functions. To ensure ease of extensibility, PySCF uses the Python language to implement almost all of its features, while computationally critical paths are implemented with heavily optimized C routines. Using this combined Python/C implementation, the package is as efficient as the best existing C or Fortran‐based quantum chemistry programs. -------------------------------------------------------------------------------- Update Information: Fixed the internal dependence issue. Update to 2.12.0, see full changelog at https://github.com/pyscf/pyscf/releases -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 22 2026 Susi Lehtola <jussilehtola(a)fedoraproject.org> - 2.12.0-2 - Filter out dependency on internal library. * Wed Jan 21 2026 Susi Lehtola <jussilehtola(a)fedoraproject.org> - 2.12.0-1 - Update to 2.12.0. * Sat Jan 17 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.11.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Wed Oct 22 2025 Susi Lehtola <jussilehtola(a)fedoraproject.org> - 2.11.0-1 - Update to 2.11.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #2361234 - python-pyscf-2.12.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2361234 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e0cdd36810' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 43 Update: xtide-2.16-1.fc43
by updates＠fedoraproject.org 31 Jan '26

31 Jan '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-bc6e6dab8a 2026-01-31 17:26:56.329406+00:00 -------------------------------------------------------------------------------- Name : xtide Product : Fedora 43 Version : 2.16 Release : 1.fc43 URL : http://www.flaterco.com/xtide/ Summary : Calculate tide all over the world Description : XTide is a package that provides tide and current predictions in a wide variety of formats. Graphs, text listings, and calendars can be generated, or a tide clock can be provided on your desktop. XTide can work with X-windows, plain text terminals, or the web. This is accomplished with three separate programs: the interactive interface (xtide), the non-interactive or command line interface (tide), and the web interface. The algorithm that XTide uses to predict tides is the one used by the National Ocean Service in the U.S. It is significantly more accurate than the simple tide clocks that can be bought in novelty stores. However, it takes more to predict tides accurately than just a spiffy algorithm -- you also need some special data for each and every location for which you want to predict tides. XTide reads this data from harmonics files. See http://www.flaterco.com/xtide/files.html for details on where to get these NOTE: Please also see README.fedora in xtide-common package for Fedora specific issue. -------------------------------------------------------------------------------- Update Information: xtide 2.16 is released. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 22 2026 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 2.16-1 - 2.16 * Thu Jan 22 2026 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 2.15.6-6 - Use Xaw3d - Use system libdstr correctly * Sat Jan 17 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.15.6-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Wed Jan 14 2026 Jitka Plesnikova <jplesnik(a)redhat.com> - 2.15.6-4 - Rebuild for new gpsd -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-bc6e6dab8a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 43 Update: yamllint-1.38.0-1.fc43
by updates＠fedoraproject.org 31 Jan '26

31 Jan '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-49a6c5e4f6 2026-01-31 17:26:56.329403+00:00 -------------------------------------------------------------------------------- Name : yamllint Product : Fedora 43 Version : 1.38.0 Release : 1.fc43 URL : https://github.com/adrienverge/yamllint Summary : A linter for YAML files Description : A linter for YAML files. yamllint does not only check for syntax validity, but for weirdnesses like key repetition and cosmetic problems such as lines length, trailing spaces, indentation, etc. -------------------------------------------------------------------------------- Update Information: Update to latest upstream version -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 13 2026 Adrien Vergé - 1.38.0-1 - Update to latest upstream version -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-49a6c5e4f6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 43 Update: libdstr-1.1-1.fc43
by updates＠fedoraproject.org 31 Jan '26

31 Jan '26

1 0

Fedora 43 Update: swayimg-4.7-1.fc43
by updates＠fedoraproject.org 31 Jan '26

31 Jan '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-e7535075ca 2026-01-31 17:26:56.329398+00:00 -------------------------------------------------------------------------------- Name : swayimg Product : Fedora 43 Version : 4.7 Release : 1.fc43 URL : https://github.com/artemsen/swayimg Summary : Lightweight image viewer for Wayland display servers Description : Swayimg is a lightweight image viewer for Wayland display servers. -------------------------------------------------------------------------------- Update Information: Update to 4.7 (#2430102) -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 22 2026 Aleksei Bavshin <alebastr(a)fedoraproject.org> - 4.7-1 - Update to 4.7 (#2430102) * Sat Jan 17 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2430102 - swayimg-4.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=2430102 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e7535075ca' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 43 Update: nodejs20-20.20.0-2.fc43
by updates＠fedoraproject.org 31 Jan '26

31 Jan '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-f601b2f60a 2026-01-31 17:26:56.329401+00:00 -------------------------------------------------------------------------------- Name : nodejs20 Product : Fedora 43 Version : 20.20.0 Release : 2.fc43 URL : http://nodejs.org/ Summary : JavaScript runtime Description : Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed devices.} -------------------------------------------------------------------------------- Update Information: Update to version 20.20.0 Update to version 20.19.6 -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 19 2026 Jan Staněk <jstanek(a)redhat.com> - 1:20.20.0-2 - Diverge from rawhide * Tue Jan 13 2026 tjuhasz <tjuhasz(a)redhat.com> - 1:20.20.0-1 - Update to version 20.20.0 (rhbz#2428957) * Mon Dec 1 2025 tjuhasz <tjuhasz(a)redhat.com> - 1:20.19.6-1 - Update to version 20.19.6 (rhbz#2417008) * Wed Nov 12 2025 tjuhasz <tjuhasz(a)redhat.com> - 1:20.19.5-3 - Rebuild for nodejs-packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #2421307 - CVE-2025-62408 nodejs20: c-ares: Denial of Service due to query termination after maximum attempts [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2421307 [ 2 ] Bug #2430298 - CVE-2026-22036 nodejs20: Undici has an unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2430298 [ 3 ] Bug #2431454 - CVE-2025-55132 nodejs20: Nodejs filesystem permissions bypass [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431454 [ 4 ] Bug #2431461 - CVE-2026-21637 nodejs20: Nodejs denial of service [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431461 [ 5 ] Bug #2431468 - CVE-2025-59466 nodejs20: Nodejs denial of service [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431468 [ 6 ] Bug #2431475 - CVE-2025-59464 nodejs20: Nodejs memory leak [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431475 [ 7 ] Bug #2431490 - CVE-2025-59465 nodejs20: Nodejs denial of service [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431490 [ 8 ] Bug #2431491 - CVE-2025-55131 nodejs20: Nodejs uninitialized memory exposure [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431491 [ 9 ] Bug #2431492 - CVE-2025-55130 nodejs20: Nodejs file permissions bypass [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431492 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-f601b2f60a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 43 Update: gh-2.86.0-2.fc43
by updates＠fedoraproject.org 31 Jan '26

31 Jan '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-ffb389d5a2 2026-01-31 17:26:56.329396+00:00 -------------------------------------------------------------------------------- Name : gh Product : Fedora 43 Version : 2.86.0 Release : 2.fc43 URL : https://github.com/cli/cli Summary : GitHub's official command line tool Description : A command-line interface to GitHub for use in your terminal or your scripts. gh is a tool designed to enhance your workflow when working with GitHub. It provides a seamless way to interact with GitHub repositories and perform various actions right from the command line, eliminating the need to switch between your terminal and the GitHub website. -------------------------------------------------------------------------------- Update Information: Update to 2.86.0 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 21 2026 Mikel Olasagasti Uranga <mikel(a)olasagasti.info> - 2.86.0-2 - Fix test build * Wed Jan 21 2026 Packit <hello(a)packit.dev> - 2.86.0-1 - Update to 2.86.0 upstream release - Resolves: rhbz#2431732 * Fri Jan 16 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.85.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-ffb389d5a2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 43 Update: ruby-build-20260121-1.fc43
by updates＠fedoraproject.org 31 Jan '26

31 Jan '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-5eb830fce9 2026-01-31 17:26:56.329393+00:00 -------------------------------------------------------------------------------- Name : ruby-build Product : Fedora 43 Version : 20260121 Release : 1.fc43 URL : https://github.com/rbenv/ruby-build Summary : Compile and install Ruby Description : ruby-build is a command-line utility that makes it easy to install virtually any version of Ruby, from source. -------------------------------------------------------------------------------- Update Information: Update to 20260121 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 21 2026 Packit <hello(a)packit.dev> - 20260121-1 - Update to 20260121 upstream release - Resolves: rhbz#2431769 * Sat Jan 17 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 20260114-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-5eb830fce9' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 43 Update: nodejs24-24.13.0-4.fc43
by updates＠fedoraproject.org 31 Jan '26

31 Jan '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-5cd409edfa 2026-01-31 17:26:56.329391+00:00 -------------------------------------------------------------------------------- Name : nodejs24 Product : Fedora 43 Version : 24.13.0 Release : 4.fc43 URL : https://nodejs.org Summary : JavaScript runtime Description : Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. -------------------------------------------------------------------------------- Update Information: Update to version 24.13.0 -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 19 2026 tjuhasz <tjuhasz(a)redhat.com> - 1:24.13.0-4 - Replace usage of man_info_compress to be funcional across all branches. * Mon Jan 19 2026 Andrei Radchenko <aradchen(a)redhat.com> - 1:24.13.0-3 - build: expose libplatform symbols in shared libnode * Fri Jan 16 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:24.13.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Tue Jan 13 2026 tjuhasz <tjuhasz(a)redhat.com> - 1:24.13.0-1 - Update to version 24.13.0 (rhbz#2421027) * Mon Jan 12 2026 Jan Staněk <jstanek(a)redhat.com> - 1:24.11.1-3 - Run version checks only on bundled components * Tue Dec 2 2025 tjuhasz <tjuhasz(a)redhat.com> - 1:24.11.1-2 - Fix name collision of the COMPRESS variable in spec file. -------------------------------------------------------------------------------- References: [ 1 ] Bug #2421027 - nodejs24-24.13.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2421027 [ 2 ] Bug #2430300 - CVE-2026-22036 nodejs24: Undici has an unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2430300 [ 3 ] Bug #2431456 - CVE-2025-55132 nodejs24: Nodejs filesystem permissions bypass [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431456 [ 4 ] Bug #2431463 - CVE-2026-21637 nodejs24: Nodejs denial of service [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431463 [ 5 ] Bug #2431470 - CVE-2025-59466 nodejs24: Nodejs denial of service [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431470 [ 6 ] Bug #2431477 - CVE-2025-59464 nodejs24: Nodejs memory leak [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431477 [ 7 ] Bug #2431496 - CVE-2025-59465 nodejs24: Nodejs denial of service [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431496 [ 8 ] Bug #2431497 - CVE-2025-55130 nodejs24: Nodejs file permissions bypass [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431497 [ 9 ] Bug #2431498 - CVE-2025-55131 nodejs24: Nodejs uninitialized memory exposure [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431498 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-5cd409edfa' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

← Newer
1
...
4
5
6
7
8
9
10
...
314
Older →

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce January 2026