Fedora administrators should immediately apply recent security patches to both Fedora 43 and Fedora 44 systems to address critical vulnerabilities across several core packages. The updates resolve argument injection flaws in ansible-core that could allow arbitrary code execution during role installations, while also fixing configuration parsing issues in perl-Config-IniFiles. WebKitGTK receives a major overhaul with over a dozen CVE mitigations alongside performance improvements for video playback and disk space handling. Meanwhile, PostgreSQL JDBC drivers and their associated SCRAM authentication libraries have been upgraded to prevent silent channel-binding downgrades through unsupported certificate algorithms.

Fedora 43 Update: ansible-core-2.18.18~rc1-1.fc43
Fedora 43 Update: perl-Config-IniFiles-3.001000-1.fc43
Fedora 43 Update: webkitgtk-2.52.4-1.fc43
Fedora 44 Update: ansible-core-2.20.7~rc1-1.fc44
Fedora 44 Update: perl-Config-IniFiles-3.001000-1.fc44
Fedora 44 Update: postgresql-jdbc-42.7.8-6.fc44
Fedora 44 Update: ongres-stringprep-2.4-1.fc44
Fedora 44 Update: ongres-scram-3.3-1.fc44

[SECURITY] Fedora 43 Update: ansible-core-2.18.18~rc1-1.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-f027f57724
2026-06-20 01:06:42.654493+00:00
--------------------------------------------------------------------------------

Name : ansible-core
Product : Fedora 43
Version : 2.18.18~rc1
Release : 1.fc43
URL : https://ansible.com
Summary : A radically simple IT automation system
Description :
Ansible is a radically simple model-driven configuration management,
multi-node deployment, and remote task execution system. Ansible works
over SSH and does not require any software or daemons to be installed
on remote nodes. Extension modules can be written in any language and
are transferred to managed machines automatically.

This is the base part of ansible (the engine).

--------------------------------------------------------------------------------
Update Information:

Mitigates CVE-2026-11332 (rhbz#2485397)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 11 2026 Maxwell G [maxwell@gtmx.me] - 2.18.18~rc1-1
- Update to 2.18.18~rc1.
- Mitigates CVE-2026-11332 (rhbz#2485397)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2485397 - CVE-2026-11332 ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2485397
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-f027f57724' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new

[SECURITY] Fedora 43 Update: perl-Config-IniFiles-3.001000-1.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-3cce371bdf
2026-06-20 01:06:42.654461+00:00
--------------------------------------------------------------------------------

Name : perl-Config-IniFiles
Product : Fedora 43
Version : 3.001000
Release : 1.fc43
URL : https://metacpan.org/release/Config-IniFiles
Summary : A module for reading .ini-style configuration files
Description :
Config::IniFiles provides a way to have readable configuration files
outside your Perl script. Configurations can be imported (inherited,
stacked,...), sections can be grouped, and settings can be accessed
from a tied hash.

--------------------------------------------------------------------------------
Update Information:

Update to 3.001000, fixes CVE-2026-11527
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 11 2026 Xavier Bachelot [xavier@bachelot.org] - 3.001000-1
- Update to 3.001000 (RHBZ#2487822)
- Fixes CVE-2026-11527
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 3.000003-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-3cce371bdf' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new

[SECURITY] Fedora 43 Update: webkitgtk-2.52.4-1.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-1557aaef26
2026-06-20 01:06:42.654447+00:00
--------------------------------------------------------------------------------

Name : webkitgtk
Product : Fedora 43
Version : 2.52.4
Release : 1.fc43
URL : https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.

--------------------------------------------------------------------------------
Update Information:

Add support for half-width fonts.
Improve content filter compilation by avoiding file copies.
Improve handling of out of disk space conditions when the NetworkProcess tried
to write data in caches.
Fix painting scrollbars when their width changes.
Fix playback of certain YouTube videos with low frame rates.
Fix webkit://gpu not working in systems where neither libGL.so.1 nor
libOpenGL.so.0 are available.
Fix several crashes and rendering issues.
Security fixes: CVE-2026-28847, CVE-2026-28883, CVE-2026-28901, CVE-2026-28902,
CVE-2026-28903, CVE-2026-28904, CVE-2026-28905, CVE-2026-28907, CVE-2026-28942,
CVE-2026-28946, CVE-2026-28947, CVE-2026-28953, CVE-2026-28955, CVE-2026-28958,
CVE-2026-43658, CVE-2026-43660
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 3 2026 Michael Catanzaro [mcatanzaro@gnome.org] - 2.52.4-1
- Update to 2.52.4
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-1557aaef26' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new

[SECURITY] Fedora 44 Update: ansible-core-2.20.7~rc1-1.fc44

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-7f70f809f0
2026-06-20 00:50:40.883572+00:00
--------------------------------------------------------------------------------

Name : ansible-core
Product : Fedora 44
Version : 2.20.7~rc1
Release : 1.fc44
URL : https://ansible.com
Summary : A radically simple IT automation system
Description :
Ansible is a radically simple model-driven configuration management,
multi-node deployment, and remote task execution system. Ansible works
over SSH and does not require any software or daemons to be installed
on remote nodes. Extension modules can be written in any language and
are transferred to managed machines automatically.

This is the base part of ansible (the engine).

--------------------------------------------------------------------------------
Update Information:

Mitigates CVE-2026-11332 (rhbz#2485397)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 11 2026 Maxwell G [maxwell@gtmx.me] - 2.20.7~rc1-1
- Update to 2.20.7~rc1.
- Mitigates CVE-2026-11332 (rhbz#2485397)
* Thu Jun 4 2026 Python Maint - 2.20.6-2
- Rebuilt for Python 3.15
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2485397 - CVE-2026-11332 ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2485397
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-7f70f809f0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new

[SECURITY] Fedora 44 Update: perl-Config-IniFiles-3.001000-1.fc44

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-1c2676703e
2026-06-20 00:50:40.883538+00:00
--------------------------------------------------------------------------------

Name : perl-Config-IniFiles
Product : Fedora 44
Version : 3.001000
Release : 1.fc44
URL : https://metacpan.org/release/Config-IniFiles
Summary : A module for reading .ini-style configuration files
Description :
Config::IniFiles provides a way to have readable configuration files
outside your Perl script. Configurations can be imported (inherited,
stacked,...), sections can be grouped, and settings can be accessed
from a tied hash.

--------------------------------------------------------------------------------
Update Information:

Update to 3.001000, fixes CVE-2026-11527
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 11 2026 Xavier Bachelot [xavier@bachelot.org] - 3.001000-1
- Update to 3.001000 (RHBZ#2487822)
- Fixes CVE-2026-11527
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-1c2676703e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new

[SECURITY] Fedora 44 Update: postgresql-jdbc-42.7.8-6.fc44

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-3f51edec7b
2026-06-20 00:50:40.883482+00:00
--------------------------------------------------------------------------------

Name : postgresql-jdbc
Product : Fedora 44
Version : 42.7.8
Release : 6.fc44
URL : https://jdbc.postgresql.org/
Summary : JDBC driver for PostgreSQL
Description :
PostgreSQL is an advanced Object-Relational database management system. The
postgresql-jdbc package includes the .jar files needed for Java programs to
access a PostgreSQL database.

--------------------------------------------------------------------------------
Update Information:

Ongres Scram update and security fix.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 10 2026 Marian Koncek [mkoncek@redhat.com] - 42.7.8-6
- Switch tests to using matrix tests
* Wed Jun 10 2026 Marian Koncek [mkoncek@redhat.com] - 42.7.8-5
- Rebuild with newer ongres dependencies
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2487526 - Silent channel-binding authentication downgrade via unsupported certificate algorithms
https://bugzilla.redhat.com/show_bug.cgi?id=2487526
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-3f51edec7b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new

[SECURITY] Fedora 44 Update: ongres-stringprep-2.4-1.fc44

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-3f51edec7b
2026-06-20 00:50:40.883482+00:00
--------------------------------------------------------------------------------

Name : ongres-stringprep
Product : Fedora 44
Version : 2.4
Release : 1.fc44
URL : https://github.com/ongres/stringprep
Summary : RFC 3454 Preparation of Internationalized Strings in pure Java
Description :
The stringprep protocol does not stand on its own; it has to be used by other
protocols at precisely-defined places in those other protocols.

--------------------------------------------------------------------------------
Update Information:

Ongres Scram update and security fix.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 10 2026 Marian Koncek [mkoncek@redhat.com] - 2.4-1
- Update to upstream version 2.4
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2487526 - Silent channel-binding authentication downgrade via unsupported certificate algorithms
https://bugzilla.redhat.com/show_bug.cgi?id=2487526
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-3f51edec7b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new

[SECURITY] Fedora 44 Update: ongres-scram-3.3-1.fc44

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-3f51edec7b
2026-06-20 00:50:40.883482+00:00
--------------------------------------------------------------------------------

Name : ongres-scram
Product : Fedora 44
Version : 3.3
Release : 1.fc44
URL : https://github.com/ongres/scram
Summary : Salted Challenge Response Authentication Mechanism (SCRAM) - Java Implementation
Description :
This is a Java implementation of SCRAM (Salted Challenge Response
Authentication Mechanism) which is part of the family of Simple
Authentication and Security Layer (SASL, RFC 4422) authentication
mechanisms. It is described as part of RFC 5802 and RFC7677.

--------------------------------------------------------------------------------
Update Information:

Ongres Scram update and security fix.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 10 2026 Marian Koncek [mkoncek@redhat.com] - 3.3-1
- Update to upstream version 3.3
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2487526 - Silent channel-binding authentication downgrade via unsupported certificate algorithms
https://bugzilla.redhat.com/show_bug.cgi?id=2487526
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-3f51edec7b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new