package-announce April 2026

package-announce@lists.fedoraproject.org

1 participants
4649 discussions

Fedora 42 Update: rust-pyo3-0.28.3-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-d86d16584a 2026-04-30 01:28:38.068272+00:00 -------------------------------------------------------------------------------- Name : rust-pyo3 Product : Fedora 42 Version : 0.28.3 Release : 1.fc42 URL : https://crates.io/crates/pyo3 Summary : Bindings to Python interpreter Description : Bindings to Python interpreter. -------------------------------------------------------------------------------- Update Information: Update PyO3 to version 0.28.3 and add compat packages for version 0.27. -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 18 2026 Fabio Valentini <decathorpe(a)gmail.com> - 0.28.3-1 - Update to version 0.28.3; Fixes RHBZ#2435852 * Sat Jan 17 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.27.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-d86d16584a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 42 Update: miniupnpd-2.3.10-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-2e8a8fd35b 2026-04-30 01:28:38.068264+00:00 -------------------------------------------------------------------------------- Name : miniupnpd Product : Fedora 42 Version : 2.3.10 Release : 1.fc42 URL : https://miniupnp.tuxfamily.org/ Summary : Lightweight UPnP IGD & PCP/NAT-PMP daemon Description : The MiniUPnP daemon is an UPnP IGD & PCP/NAT-PMP daemon for gateway routers. UPnP IGD & PCP/NAT-PMP are used to improve internet connectivity for devices behind a NAT router. Any peer to peer network application such as games, IM, etc. can benefit from a NAT router supporting UPnP IGD & PCP/NAT-PMP. -------------------------------------------------------------------------------- Update Information: 2026/03/24: fix missing fclose and potential double free in option file parsing 2026/03/23: upnphttp.c: fix removal of quotes in ParseHttpHeaders() minixml.c: fix buffer read overflow 2026/02/05: Rewrite permission line parser 2025/05/26: Fix false negative filtered STUN CGNAT test result for unsupported servers #825 2025/05/24: Fix Mac OS X 10.9 build 2025/05/15: build: teststun executable 2025/04/28: pf: fix delete_pinhole for openbsd. Was broken since miniupnpd 2.3.7 2025/04/26 Fix parsing of interfaces names starting with a digit nftables: add counter for DNAT rule (ENABLE_NFT_RULE_COUNTER in config.h) nftables: improve scripts to support already existing tables -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 20 2026 - Michael Cronenworth <mike(a)cchtml.com> - 2.3.10-1 - Version update * Fri Jan 16 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.9-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Jul 24 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2459688 - CVE-2026-5720 miniupnpd: miniupnpd: Denial of service or information disclosure due to integer underflow in SOAPAction header parsing. [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2459688 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-2e8a8fd35b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 42 Update: binaryen-126-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3831e11232 2026-04-30 01:28:38.068267+00:00 -------------------------------------------------------------------------------- Name : binaryen Product : Fedora 42 Version : 126 Release : 1.fc42 URL : https://github.com/WebAssembly/binaryen Summary : Compiler and toolchain infrastructure library for WebAssembly Description : Binaryen is a compiler and toolchain infrastructure library for WebAssembly, written in C++. It aims to make compiling to WebAssembly easy, fast, and effective: * Easy: Binaryen has a simple C API in a single header, and can also be used from JavaScript. It accepts input in WebAssembly-like form but also accepts a general control flow graph for compilers that prefer that. * Fast: Binaryen's internal IR uses compact data structures and is designed for completely parallel codegen and optimization, using all available CPU cores. Binaryen's IR also compiles down to WebAssembly extremely easily and quickly because it is essentially a subset of WebAssembly. * Effective: Binaryen's optimizer has many passes that can improve code very significantly (e.g. local coloring to coalesce local variables; dead code elimination; precomputing expressions when possible at compile time; etc.). These optimizations aim to make Binaryen powerful enough to be used as a compiler backend by itself. One specific area of focus is on WebAssembly-specific optimizations (that general-purpose compilers might not do), which you can think of as wasm minification , similar to minification for JavaScript, CSS, etc., all of which are language-specific (an example of such an optimization is block return value generation in SimplifyLocals). -------------------------------------------------------------------------------- Update Information: Fixes CVE-2025-14956 . -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 22 2026 Dominik Mierzejewski <dominik(a)greysector.net> - 126-1 - update to 126 (resolves rhbz#2439791) - backport upstream fix for https://github.com/WebAssembly/binaryen/issues/8360 * Fri Jan 16 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 125-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 125-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Wed Nov 26 2025 Dominik Mierzejewski <dominik(a)greysector.net> - 125-1 - update to 125 (resolves rhbz#2416026) * Sat Sep 27 2025 Dominik Mierzejewski <dominik(a)greysector.net> - 124-1 - update to 124 (resolves rhbz#2392739) * Wed Jul 23 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 123-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Sun Mar 30 2025 Dominik Mierzejewski <dominik(a)greysector.net> - 123-1 - update to 123 (resolves rhbz#2354967) * Tue Mar 4 2025 Dominik Mierzejewski <dominik(a)greysector.net> - 122-2 - unbundle FP16 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2429126 - CVE-2025-14956 binaryen: heap-based buffer overflow in WasmBinaryReader::readExpression() when parsing a malformed WebAssembly binary [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2429126 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3831e11232' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 42 Update: lemonldap-ng-2.22.3-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-69743812a7 2026-04-30 01:28:38.068269+00:00 -------------------------------------------------------------------------------- Name : lemonldap-ng Product : Fedora 42 Version : 2.22.3 Release : 1.fc42 URL : https://lemonldap-ng.org Summary : Web Single Sign On (SSO) and Access Management Description : LemonLdap::NG is a modular Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application. It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space as described below. -------------------------------------------------------------------------------- Update Information: Update to 2.22.3 https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-22-3-is-out/ -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 20 2026 Clement Oudot <clement.oudot(a)worteks.com> - 2.22.3-1 - Update to 2.22.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2459684 - lemonldap-ng-2.22.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2459684 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-69743812a7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 42 Update: perl-Finance-Quote-1.6900-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-6bb991f2a6 2026-04-30 01:28:38.068257+00:00 -------------------------------------------------------------------------------- Name : perl-Finance-Quote Product : Fedora 42 Version : 1.6900 Release : 1.fc42 URL : https://metacpan.org/release/Finance-Quote Summary : A Perl module that retrieves stock and mutual fund quotes Description : This module retrieves stock and mutual fund quotes from various exchanges using various source. -------------------------------------------------------------------------------- Update Information: Current upstream maintenance release, with fixes for changes in various quite sources, -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 19 2026 Paul Howarth <paul(a)city-fan.org> - 1.6900-1 - Update to 1.69 - Sinvestor.pm: Trim whitespace before parsing date and price - XETRA.pm: Trim whitespace from date-time before extracting the actual date value (GH#557) - Modified Stooq.pm to send cookies - Stooq requires European visitors to their website to accept cookies - Cookies are set using JavaScript - Current version of module hard codes these cookies gleaned from a browser session - Added CurrencyRates/TwelveData.pm * Sat Jan 17 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.6800-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6bb991f2a6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 42 Update: perl-XML-Catalog-1.03-33.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-0780488a2a 2026-04-30 01:28:38.068259+00:00 -------------------------------------------------------------------------------- Name : perl-XML-Catalog Product : Fedora 42 Version : 1.03 Release : 33.fc42 URL : https://metacpan.org/release/XML-Catalog Summary : Resolve public identifiers and remap system identifiers Description : This module implements draft 0.4 of John Cowan's XML Catalog (formerly known as XCatalog) see (<https://www.oasis-open.org/committees/entity/specs/cs-entity-xml-catalogs-1…>) Catalogs may be written in either SOCAT or XML syntax. XML::Catalog will assume SOCAT syntax if the catalog is not in well-formed XML syntax. -------------------------------------------------------------------------------- Update Information: This release restores a compatibility with perl-XML-Parser ≥ 2.48. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 20 2026 Petr Pisar <ppisar(a)redhat.com> - 1.03-33 - Adapt to changes in XML-Parser-2.48 (bug #2457783) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2457783 - perl-XML-Catalog-1.03-34.fc45 FTBFS: tests fail with perl-XML-Parser ≥ 2.51 https://bugzilla.redhat.com/show_bug.cgi?id=2457783 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0780488a2a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 42 Update: python-astropy-iers-data-0.2026.4.20.0.58.15-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-7b698300ff 2026-04-30 01:28:38.068262+00:00 -------------------------------------------------------------------------------- Name : python-astropy-iers-data Product : Fedora 42 Version : 0.2026.4.20.0.58.15 Release : 1.fc42 URL : https://github.com/astropy/astropy-iers-data Summary : IERS Earth Rotation and Leap Second tables for the astropy core package Description : This package provides IERS Earth Rotation and Leap Second tables for the astropy.utils.iers package. There the following IERS data products are included: * Bulletin A (IERS_A) is updated weekly and has historical data starting from 1973 and predictive data for 1 year into the future. It contains Earth orientation parameters x/y pole, UT1-UTC and their errors at daily intervals. * Bulletin B (IERS_B) is updated monthly and has data from 1962 up to the time when it is generated. This file contains Earth’s orientation in the IERS Reference System including Universal Time, coordinates of the terrestrial pole, and celestial pole offsets. The package also provides leap second data. Note: This package is not currently meant to be used directly by users, and only meant to be used from the core Astropy package. -------------------------------------------------------------------------------- Update Information: Automatic update for python-astropy-iers-data-0.2026.4.20.0.58.15-1.fc42. Changelog for python-astropy-iers-data * Mon Apr 20 2026 Packit <hello(a)packit.dev> - 0.2026.4.20.0.58.15-1 - Update to 0.2026.4.20.0.58.15 upstream release - Resolves: rhbz#2457724 -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 20 2026 Packit <hello(a)packit.dev> - 0.2026.4.20.0.58.15-1 - Update to 0.2026.4.20.0.58.15 upstream release - Resolves: rhbz#2457724 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2457724 - python-astropy-iers-data-0.2026.4.20.0.58.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=2457724 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-7b698300ff' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 42 Update: xdg-dbus-proxy-0.1.7-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-adc66b374a 2026-04-30 01:28:38.068251+00:00 -------------------------------------------------------------------------------- Name : xdg-dbus-proxy Product : Fedora 42 Version : 0.1.7 Release : 1.fc42 URL : https://github.com/flatpak/xdg-dbus-proxy/ Summary : Filtering proxy for D-Bus connections Description : xdg-dbus-proxy is a filtering proxy for D-Bus connections. It was originally part of the flatpak project, but it has been broken out as a standalone module to facilitate using it in other contexts. -------------------------------------------------------------------------------- Update Information: Update the package, including fix for CVE-2026-34080. See also: upstream security advisory -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 14 2026 Adrian Vovk <adrianvovk(a)gmail.com> - 0.1.7-1 - Update to 0.1.7 * Wed Mar 25 2026 Jan Grulich <jgrulich(a)redhat.com> - 0.1.6-6 - Add configuration for release-monitoring * Sat Jan 17 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.1.6-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jul 25 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.1.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2456381 - CVE-2026-34080 xdg-dbus-proxy: xdg-dbus-proxy: Information disclosure due to policy parser vulnerability [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2456381 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-adc66b374a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 42 Update: python-awscrt-0.32.1-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-9b0fecb881 2026-04-30 01:28:38.068254+00:00 -------------------------------------------------------------------------------- Name : python-awscrt Product : Fedora 42 Version : 0.32.1 Release : 1.fc42 URL : https://github.com/awslabs/aws-crt-python Summary : Python bindings for the AWS Common Runtime Description : Python bindings for the AWS Common Runtime -------------------------------------------------------------------------------- Update Information: Automatic update for python-awscrt-0.32.1-1.fc42. Changelog for python-awscrt * Mon Apr 20 2026 Packit <hello(a)packit.dev> - 0.32.1-1 - Update to 0.32.1 upstream release - Resolves: rhbz#2439666 -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 20 2026 Packit <hello(a)packit.dev> - 0.32.1-1 - Update to 0.32.1 upstream release - Resolves: rhbz#2439666 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2439666 - python-awscrt-0.32.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2439666 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9b0fecb881' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 42 Update: awscli2-2.34.29-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-9b0fecb881 2026-04-30 01:28:38.068254+00:00 -------------------------------------------------------------------------------- Name : awscli2 Product : Fedora 42 Version : 2.34.29 Release : 1.fc42 URL : https://github.com/aws/aws-cli/tree/v2 Summary : Universal Command Line Environment for AWS, version 2 Description : This package provides version 2 of the unified command line interface to Amazon Web Services. -------------------------------------------------------------------------------- Update Information: Automatic update for python-awscrt-0.32.1-1.fc42. Changelog for python-awscrt * Mon Apr 20 2026 Packit <hello(a)packit.dev> - 0.32.1-1 - Update to 0.32.1 upstream release - Resolves: rhbz#2439666 -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 20 2026 Packit <hello(a)packit.dev> - 2.34.29-1 - Update to 2.34.29 upstream release - Resolves: rhbz#2433632 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2439666 - python-awscrt-0.32.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2439666 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9b0fecb881' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce April 2026