package-announce April 2026

package-announce@lists.fedoraproject.org

1 participants
4649 discussions

[SECURITY] Fedora 42 Update: podman-5.8.2-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-156e6bfb27 2026-04-30 01:28:38.068244+00:00 -------------------------------------------------------------------------------- Name : podman Product : Fedora 42 Version : 5.8.2 Release : 1.fc42 URL : https://podman.io/ Summary : Manage Pods, Containers and Container Images Description : podman (Pod Manager) is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=podman. Most podman commands can be run as a regular user, without requiring additional privileges. podman uses Buildah(1) internally to create container images. Both tools share image (not container) storage, hence each can use or manipulate images (but not containers) created by the other. -------------------------------------------------------------------------------- Update Information: Automatic update for buildah-1.43.1-1.fc42, skopeo-1.22.2-1.fc42, podman-5.8.2-1.fc42. Changelog for buildah * Wed Apr 08 2026 Packit <hello(a)packit.dev> - 2:1.43.1-1 - Update to 1.43.1 upstream release Changelog for skopeo * Tue Apr 14 2026 Packit <hello(a)packit.dev> - 1:1.22.2-1 - Update to 1.22.2 upstream release * Fri Apr 10 2026 Lokesh Mandvekar <lsm5(a)redhat.com> - 1:1.22.1-2 - TMT: fix ref in plan * Thu Apr 09 2026 Packit <hello(a)packit.dev> - 1:1.22.1-1 - Update to 1.22.1 upstream release Changelog for podman * Tue Apr 14 2026 Packit <hello(a)packit.dev> - 5:5.8.2-1 - Update to 5.8.2 upstream release Security fix for CVE-2026-34986 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 14 2026 Packit <hello(a)packit.dev> - 5:5.8.2-1 - Update to 5.8.2 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #2455675 - CVE-2026-34986 skopeo: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2455675 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-156e6bfb27' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 42 Update: libexif-0.6.26-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b01307dc4d 2026-04-30 01:28:38.068248+00:00 -------------------------------------------------------------------------------- Name : libexif Product : Fedora 42 Version : 0.6.26 Release : 1.fc42 URL : https://libexif.github.io/ Summary : Library for extracting extra information from image files Description : Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags. -------------------------------------------------------------------------------- Update Information: Update to 0.6.26, fixing several CVEs https://github.com/libexif/libexif/releases/tag/v0.6.26 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 14 2026 Packit <hello(a)packit.dev> - 0.6.26-1 - Update to 0.6.26 upstream release - Resolves: rhbz#2458177 * Fri Jan 16 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.6.25-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Jul 24 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.6.25-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2457746 - CVE-2026-40386 libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2457746 [ 2 ] Bug #2457747 - CVE-2026-40385 libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2457747 [ 3 ] Bug #2458177 - libexif-0.6.26 is available https://bugzilla.redhat.com/show_bug.cgi?id=2458177 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b01307dc4d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 42 Update: skopeo-1.22.2-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-156e6bfb27 2026-04-30 01:28:38.068244+00:00 -------------------------------------------------------------------------------- Name : skopeo Product : Fedora 42 Version : 1.22.2 Release : 1.fc42 URL : https://github.com/containers/skopeo Summary : Inspect container images and repositories on registries Description : Command line utility to inspect images and repositories directly on Docker registries without the need to pull them. -------------------------------------------------------------------------------- Update Information: Automatic update for buildah-1.43.1-1.fc42, skopeo-1.22.2-1.fc42, podman-5.8.2-1.fc42. Changelog for buildah * Wed Apr 08 2026 Packit <hello(a)packit.dev> - 2:1.43.1-1 - Update to 1.43.1 upstream release Changelog for skopeo * Tue Apr 14 2026 Packit <hello(a)packit.dev> - 1:1.22.2-1 - Update to 1.22.2 upstream release * Fri Apr 10 2026 Lokesh Mandvekar <lsm5(a)redhat.com> - 1:1.22.1-2 - TMT: fix ref in plan * Thu Apr 09 2026 Packit <hello(a)packit.dev> - 1:1.22.1-1 - Update to 1.22.1 upstream release Changelog for podman * Tue Apr 14 2026 Packit <hello(a)packit.dev> - 5:5.8.2-1 - Update to 5.8.2 upstream release Security fix for CVE-2026-34986 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 14 2026 Packit <hello(a)packit.dev> - 1:1.22.2-1 - Update to 1.22.2 upstream release * Fri Apr 10 2026 Lokesh Mandvekar <lsm5(a)redhat.com> - 1:1.22.1-2 - TMT: fix ref in plan * Thu Apr 9 2026 Packit <hello(a)packit.dev> - 1:1.22.1-1 - Update to 1.22.1 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #2455675 - CVE-2026-34986 skopeo: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2455675 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-156e6bfb27' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 42 Update: asterisk-18.26.4-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-98decbde87 2026-04-30 01:28:38.068222+00:00 -------------------------------------------------------------------------------- Name : asterisk Product : Fedora 42 Version : 18.26.4 Release : 1.fc42 URL : http://www.asterisk.org/ Summary : The Open Source PBX Description : Asterisk is a complete PBX in software. It runs on Linux and provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in three protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware. -------------------------------------------------------------------------------- Update Information: Update to Asterisk 18.26.4, addressing numerous security vulnerabilities accumulated since the long-stale 18.12.1 package. The following CVEs are fixed in this update: CVE-2022-26498 (fixed in 18.13.0): use-after-free in chan_ooh323 CVE-2022-42705 (fixed in 18.15.0): use-after-free in res_pjsip_pubsub CVE-2022-37325 (fixed in 18.15.1): crash in H323 channel via malformed IE CVE-2023-37457 (fixed in 18.20.0): buffer overflow in PJSIP_HEADER function CVE-2023-49294 (fixed in 18.20.1): arbitrary file read via AMI GetConfig CVE-2023-49786 (fixed in 18.20.1): DTLS race condition causing DoS CVE-2024-35190 (fixed in 18.23.1): unauthorized SIP requests matched as endpoint CVE-2024-42365 (fixed in 18.24.2): Write=originate allows code execution CVE-2024-42491 (fixed in 18.25.0): crash via malformed Contact/Record-Route URI CVE-2025-49832 (fixed in 18.26.3): DoS/RCE in res_stir_shaken CVE-2025-47779 (fixed in 18.26.2): identity forging via malformed From header CVE-2025-1131 (fixed in 18.26.3): local privilege escalation via safe_asterisk CVE-2025-54995 (fixed in 18.26.4): resource exhaustion via RTP port leak Also fixes F44FailsToInstall for asterisk-snmp (BZ#2433748). -------------------------------------------------------------------------------- ChangeLog: * Fri Apr 10 2026 Peter Lemenkov <lemenkov(a)gmail.com> - 18.26.4-1 - Update to upstream 18.26.4 release. * Fri Jan 23 2026 Benjamin A. Beasley <code(a)musicinmybrain.net> - 18.12.1-1.18 - Rebuilt for net-snmp 5.9.5.2 * Fri Jan 16 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 18.12.1-1.17 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering <releng(a)fedoraproject.org> - 18.12.1-1.16 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Wed Jul 23 2025 Fedora Release Engineering <releng(a)fedoraproject.org> - 18.12.1-1.15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Tue Feb 11 2025 Zbigniew Jędrzejewski-Szmek <zbyszek(a)in.waw.pl> - 18.12.1-1.14 - Add sysusers.d config file to allow rpm to create users/groups automatically * Sat Feb 1 2025 Björn Esser <besser82(a)fedoraproject.org> - 18.12.1-1.13 - Add explicit BR: libxcrypt-devel -------------------------------------------------------------------------------- References: [ 1 ] Bug #2076245 - CVE-2022-26498 CVE-2022-26499 CVE-2022-26651 asterisk: multiple vulnerabilities [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2076245 [ 2 ] Bug #2150945 - CVE-2022-42705 asterisk: Use after free in res_pjsip_pubsub.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2150945 [ 3 ] Bug #2150951 - CVE-2022-37325 asterisk: Remote Crash Vulnerability in H323 channel add on [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2150951 [ 4 ] Bug #2254627 - TRIAGE CVE-2023-37457 asterisk: potential buffer overflow in PJSIP_HEADER dialplan function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2254627 [ 5 ] Bug #2254632 - TRIAGE CVE-2023-49294 asterisk: access to arbitrary files via directory traversal [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2254632 [ 6 ] Bug #2254635 - TRIAGE CVE-2023-49786 asterisk: race condition in the hello handshake phase of the DTLS protocol triggers denial of service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2254635 [ 7 ] Bug #2281497 - CVE-2024-35190 asterisk: wrongly matches ALL unauthorized SIP requests [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2281497 [ 8 ] Bug #2303919 - CVE-2024-42365 asterisk: Write=originate, is sufficient permissions for code execution / System() dialplan [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2303919 [ 9 ] Bug #2310293 - CVE-2024-42491 asterisk: A malformed Contact or Record-Route URI in an incoming SIP request can cause crash [fedora-39] https://bugzilla.redhat.com/show_bug.cgi?id=2310293 [ 10 ] Bug #2310294 - CVE-2024-42491 asterisk: A malformed Contact or Record-Route URI in an incoming SIP request can cause crash [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2310294 [ 11 ] Bug #2386209 - CVE-2025-49832 asterisk: Asterisk SIP Profile Remote Code Execution [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2386209 [ 12 ] Bug #2386210 - CVE-2025-49832 asterisk: Asterisk SIP Profile Remote Code Execution [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2386210 [ 13 ] Bug #2391521 - CVE-2025-54995 asterisk: Asterisk resource exhaustion [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2391521 [ 14 ] Bug #2391522 - CVE-2025-54995 asterisk: Asterisk resource exhaustion [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2391522 [ 15 ] Bug #2395449 - CVE-2025-47779 asterisk: Using malformed From header can forge identity with ";" or NULL in name portion [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2395449 [ 16 ] Bug #2395450 - CVE-2025-47779 asterisk: Using malformed From header can forge identity with ";" or NULL in name portion [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2395450 [ 17 ] Bug #2397958 - CVE-2025-1131 asterisk: Asterisk Unsafe Shell Sourcing Leads to Local Privilege Escalation [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2397958 [ 18 ] Bug #2397959 - CVE-2025-1131 asterisk-sounds-core: Asterisk Unsafe Shell Sourcing Leads to Local Privilege Escalation [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2397959 [ 19 ] Bug #2397961 - CVE-2025-1131 asterisk: Asterisk Unsafe Shell Sourcing Leads to Local Privilege Escalation [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2397961 [ 20 ] Bug #2397962 - CVE-2025-1131 asterisk-sounds-core: Asterisk Unsafe Shell Sourcing Leads to Local Privilege Escalation [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2397962 [ 21 ] Bug #2433748 - F44FailsToInstall: asterisk-snmp https://bugzilla.redhat.com/show_bug.cgi?id=2433748 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-98decbde87' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 42 Update: buildah-1.43.1-1.fc42
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-156e6bfb27 2026-04-30 01:28:38.068244+00:00 -------------------------------------------------------------------------------- Name : buildah Product : Fedora 42 Version : 1.43.1 Release : 1.fc42 URL : https://buildah.io Summary : A command line tool used for creating OCI Images Description : The buildah package provides a command line tool which can be used to * create a working container from scratch or * create a working container from an image as a starting point * mount/umount a working container's root file system for manipulation * save container's root file system layer to create a new image * delete a working container or an image -------------------------------------------------------------------------------- Update Information: Automatic update for buildah-1.43.1-1.fc42, skopeo-1.22.2-1.fc42, podman-5.8.2-1.fc42. Changelog for buildah * Wed Apr 08 2026 Packit <hello(a)packit.dev> - 2:1.43.1-1 - Update to 1.43.1 upstream release Changelog for skopeo * Tue Apr 14 2026 Packit <hello(a)packit.dev> - 1:1.22.2-1 - Update to 1.22.2 upstream release * Fri Apr 10 2026 Lokesh Mandvekar <lsm5(a)redhat.com> - 1:1.22.1-2 - TMT: fix ref in plan * Thu Apr 09 2026 Packit <hello(a)packit.dev> - 1:1.22.1-1 - Update to 1.22.1 upstream release Changelog for podman * Tue Apr 14 2026 Packit <hello(a)packit.dev> - 5:5.8.2-1 - Update to 5.8.2 upstream release Security fix for CVE-2026-34986 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 8 2026 Packit <hello(a)packit.dev> - 2:1.43.1-1 - Update to 1.43.1 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #2455675 - CVE-2026-34986 skopeo: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2455675 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-156e6bfb27' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 43 Update: ethtool-7.0-1.fc43
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-a4763df2e8 2026-04-30 01:19:30.574335+00:00 -------------------------------------------------------------------------------- Name : ethtool Product : Fedora 43 Version : 7.0 Release : 1.fc43 URL : https://www.kernel.org/pub/software/network/ethtool/ Summary : Settings tool for Ethernet NICs Description : This utility allows querying and changing settings such as speed, port, auto-negotiation, PCI locations and checksum offload on many network devices, especially of Ethernet devices. -------------------------------------------------------------------------------- Update Information: ethtool 7.0 Feature: support MSE display (--show-mse) Feature: add 2 new link_ext_state names Fix: fix index calculation in ixgbe register dump (-d) Fix: cmis wavelength tolerance output (-m) Fix: duplicate sfpid Active Cu compliance output (-m) -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 28 2026 Robert Scheck <robert(a)fedoraproject.org> - 2:7.0-1 - Upgrade to 7.0 (#2463460) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2463460 - ethtool-7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2463460 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-a4763df2e8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 43 Update: wireless-regdb-2026.03.18-1.fc43
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b92d4819b7 2026-04-30 01:19:30.574330+00:00 -------------------------------------------------------------------------------- Name : wireless-regdb Product : Fedora 43 Version : 2026.03.18 Release : 1.fc43 URL : https://wireless.wiki.kernel.org/en/developers/regulatory/wireless-regdb Summary : Regulatory database for 802.11 wireless networking Description : The wireless-regdb package provides the regulatory rules database used by the kernels 802.11 networking stack in order to comply with radio frequency regulatory rules around the world. -------------------------------------------------------------------------------- Update Information: 2026.03.18 -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2026 Gwyn Ciesla <gwync(a)protonmail.com> - 2026.03.18-1 - 2026.03.18 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2461896 - wireless-regdb-2026.03.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=2461896 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b92d4819b7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 43 Update: selinux-policy-43.7-1.fc43
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-80879d3dfe 2026-04-30 01:19:30.574333+00:00 -------------------------------------------------------------------------------- Name : selinux-policy Product : Fedora 43 Version : 43.7 Release : 1.fc43 URL : https://github.com/fedora-selinux/selinux-policy Summary : SELinux policy configuration Description : SELinux core policy package. Originally based off of reference policy, the policy has been adjusted to provide support for Fedora. -------------------------------------------------------------------------------- Update Information: New F43 update -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 28 2026 Zdenek Pytela <zpytela(a)redhat.com> - 43.7-1 - Allow init nnp domain transition do dirsrv_t and dirsrv_snmp_t - Allow accounts-daemon read accountsd_share_t symlinks - Allow thump_t setattr on thumb_tmp_t lnk_files - Allow gpsd the setcap process capability - Allow accountsd list accountsd_share_t dirs - Allow sshd-auth/sshd-session get attributes of their sshd parent -------------------------------------------------------------------------------- References: [ 1 ] Bug #2440544 - SELinux is preventing unsquashfs from 'setattr' accesses on the lnk_file .DirIcon. https://bugzilla.redhat.com/show_bug.cgi?id=2440544 [ 2 ] Bug #2441643 - SELinux is preventing gpsd from using the 'setcap' accesses on a process. https://bugzilla.redhat.com/show_bug.cgi?id=2441643 [ 3 ] Bug #2457951 - Update SELinux policy so that 389ds supports NoNewPrileges in dirsrv service units https://bugzilla.redhat.com/show_bug.cgi?id=2457951 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-80879d3dfe' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 43 Update: libgcrypt-1.11.1-4.fc43
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-8409145c11 2026-04-30 01:19:30.574325+00:00 -------------------------------------------------------------------------------- Name : libgcrypt Product : Fedora 43 Version : 1.11.1 Release : 4.fc43 URL : https://www.gnupg.org/ Summary : A general-purpose cryptography library Description : Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version. -------------------------------------------------------------------------------- Update Information: Fix CVE-2026-41989 (#2461782) -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2026 Jakub Jelen <jjelen(a)redhat.com> - 1.11.1-4 - Fix CVE-2026-41989 (#2461782) - Skip annochecks -------------------------------------------------------------------------------- References: [ 1 ] Bug #2461782 - CVE-2026-41989 libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2461782 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-8409145c11' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 43 Update: xorg-x11-server-Xwayland-24.1.11-1.fc43
by updates＠fedoraproject.org 29 Apr '26

29 Apr '26

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-32a6d23b06 2026-04-30 01:19:30.574328+00:00 -------------------------------------------------------------------------------- Name : xorg-x11-server-Xwayland Product : Fedora 43 Version : 24.1.11 Release : 1.fc43 URL : http://www.x.org Summary : Xwayland Description : Xwayland is an X server for running X clients under Wayland. -------------------------------------------------------------------------------- Update Information: Update to xwayland 24.1.11 -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2026 Olivier Fourdan <ofourdan(a)redhat.com> - 24.1.11-1 - Update to xwayland 24.1.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2460141 - [abrt] xorg-x11-server-Xwayland: Xwayland killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=2460141 [ 2 ] Bug #2463215 - xorg-x11-server-Xwayland-24.1.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=2463215 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-32a6d23b06' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

← Newer
1
2
3
4
5
6
7
...
465
Older →

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce April 2026