Fedora 43 Update: bind-9.18.49-1.fc43
Fedora 43 Update: bind-dyndb-ldap-11.11-13.fc43
Fedora 43 Update: linux-firmware-20260519-1.fc43
Fedora 43 Update: tor-0.4.9.8-1.fc43
Fedora 44 Update: unbound-1.25.1-1.fc44
Fedora 44 Update: tor-0.4.9.8-1.fc44
[SECURITY] Fedora 43 Update: bind-9.18.49-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-b626e83a45
2026-05-26 01:20:50.020972+00:00
--------------------------------------------------------------------------------
Name : bind
Product : Fedora 43
Version : 9.18.49
Release : 1.fc43
URL : https://www.isc.org/downloads/bind/
Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
Description :
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses; a resolver library
(routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating properly.
--------------------------------------------------------------------------------
Update Information:
Update to 9.18.49 (rhbz#2480121)
Security Fixes:
Limit resolver server list size. (CVE-2026-3592)
Fix GSS-API resource leak. (CVE-2026-3039)
Disable recursion, UPDATE, and NOTIFY for non-IN views. (CVE-2026-5946)
Avoid unbounded recursion loop. (CVE-2026-5950)
Fix outgoing zone transfers' quota issue.
Feature Changes:
Fix CPU spikes and slow queries when cache approaches memory limit.
Bug Fixes:
Fix named crash when processing SIG records in dynamic updates.
Fix rndc modzone behavior for a zone in named.conf.
Fix zone verification of NSEC3 signed zones.
Prevent a crash when using both dns64 and filter-aaaa.
Fixed an assertion failure when processing catalog zones.
Prevent malicious DNSSEC zones from exhausting validator CPU.
Fix rndc-confgen aborting on HMAC-SHA-384/512 keys above 512 bits.
Prevent crafted queries from degrading RRL performance.
Fix a bug in allow-query/allow-transfer catalog zone custom properties.
Fix a memory leak issue in catalog zones.
Fix suppressed missing-glue check in named-checkzone.
Reject record sets too large to serve in DNS.
Source:
https://downloads.isc.org/isc/bind9/9.18.49/doc/arm/html/notes.html#notes-for-
bind-9-18-49
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 20 2026 Petr Men????k [pemensik@redhat.com] - 32:9.18.49-1
- Update to 9.18.49 (rhbz#2480121)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2480121 - bind-9.18.49 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2480121
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-b626e83a45' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 43 Update: bind-dyndb-ldap-11.11-13.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-b626e83a45
2026-05-26 01:20:50.020972+00:00
--------------------------------------------------------------------------------
Name : bind-dyndb-ldap
Product : Fedora 43
Version : 11.11
Release : 13.fc43
URL : https://releases.pagure.org/bind-dyndb-ldap
Summary : LDAP back-end plug-in for BIND
Description :
This package provides an LDAP back-end plug-in for BIND. It features
support for dynamic updates and internal caching, to lift the load
off of your LDAP server.
--------------------------------------------------------------------------------
Update Information:
Update to 9.18.49 (rhbz#2480121)
Security Fixes:
Limit resolver server list size. (CVE-2026-3592)
Fix GSS-API resource leak. (CVE-2026-3039)
Disable recursion, UPDATE, and NOTIFY for non-IN views. (CVE-2026-5946)
Avoid unbounded recursion loop. (CVE-2026-5950)
Fix outgoing zone transfers' quota issue.
Feature Changes:
Fix CPU spikes and slow queries when cache approaches memory limit.
Bug Fixes:
Fix named crash when processing SIG records in dynamic updates.
Fix rndc modzone behavior for a zone in named.conf.
Fix zone verification of NSEC3 signed zones.
Prevent a crash when using both dns64 and filter-aaaa.
Fixed an assertion failure when processing catalog zones.
Prevent malicious DNSSEC zones from exhausting validator CPU.
Fix rndc-confgen aborting on HMAC-SHA-384/512 keys above 512 bits.
Prevent crafted queries from degrading RRL performance.
Fix a bug in allow-query/allow-transfer catalog zone custom properties.
Fix a memory leak issue in catalog zones.
Fix suppressed missing-glue check in named-checkzone.
Reject record sets too large to serve in DNS.
Source:
https://downloads.isc.org/isc/bind9/9.18.49/doc/arm/html/notes.html#notes-for-
bind-9-18-49
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 20 2026 Petr Men????k [pemensik@redhat.com] - 11.11-13
- Rebuilt for BIND 9.18.49 (rhbz#2480121)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2480121 - bind-9.18.49 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2480121
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-b626e83a45' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 43 Update: linux-firmware-20260519-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-16c8693020
2026-05-26 01:20:50.020969+00:00
--------------------------------------------------------------------------------
Name : linux-firmware
Product : Fedora 43
Version : 20260519
Release : 1.fc43
URL : http://www.kernel.org/
Summary : Firmware files used by the Linux kernel
Description :
This package includes firmware files required for some devices to
operate.
--------------------------------------------------------------------------------
Update Information:
Update to 20260519:
ASoC: tas2783: Add Firmware files for tas2783A projects
add firmware for MT7927 WiFi device
Add HP ISH firmware for Intel Panther Lake systems
ti: Add PCM6240 firmware with multiple audio profiles support
qcom: add CDSP firmware for shikra platform
amdgpu: updates for various ASICs
qcom: update ADSP firmware for x1e80100 platform
qcom: Add cdsp1r.jsn for sa8775p platform
Add firmware for Lontium LT9611C
xe: Update GUC to v70.65.0 for LNL, BMG, PTL
rtl_bt: Add missing rtl8761a_config.bin for RTL8761AU
Add Dell ISH firmware 581.7783.0 for Intel Panther Lake systems.
qcom: update ADSP firmware for x1e80100 platform
linux-firmware:Add firmware for Lontium LT7911EXC bridge
qcom/x1e80100/dell: mark that qcom/NOTICE.txt is applicable too
qcom: Update CDSP firmware for Kaanapali platform
qcom: vpu: add Gen2 firmware binary for Agatti
amdgpu: DMCUB updates for various ASICs
Add firmware file for Intel BlazarIGfp2/BlazarIW/ScorpiusGfp2
Update firmware file for Intel BlazarI/BlazarU/BlazarU-HrPGfP/Scorpius core
qcom: Update ADSP firmware for Glymur platform
mediatek MT7925: update bluetooth firmware to 20260414153243
update firmware for MT7925 WiFi device
Revert "Update firmware file for Intel Quasar core"
qcom: Add gpdspr.jsn for qcs8300 platform
ath12k: QCC2072 hw1.0: add to WLAN.COL.1.0.c2-00074-QCACOLSWPL_V1_TO_SILICONZ-1
ath12k: QCC2072 hw1.0: add board-2.bin
ath12k: IPQ5424 hw1.0: add to WLAN.WBE.1.6-01275-QCAHKSWPL_SILICONZ-1
ath12k: IPQ5424 hw1.0: add board-2.bin
qcom: Update ADSP firmware for Kaanapali platform
cirrus: cs35l56: Add firmware for Cirrus Amps for some Lenovo laptops (17aa235c
17aa235d)
QCA: Update Bluetooth WCN6856 firmware 2.1.0-00665 to 2.1.0-00666
amdgpu: DMCUB updates for DCN36
Update AMD cpu microcode
powervr: update Imagination Rogue firmware images
qcom: Update ADSP firmware for Kaanapali platform
i915: Xe3LPD DMC v2.34
i915: Xe3LPD_3002 DMC v2.29
qcom: Update ADSP firmware for QCM6490 platform
firmware/amdgpu: Update DMCUB fw to Release 0.1.55.0
mediatek: vpu: drop old sym link
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 19 2026 Peter Robinson [pbrobinson@fedoraproject.org] - 20260519-1
- Update to 20260519
- ASoC: tas2783: Add Firmware files for tas2783A projects
- add firmware for MT7927 WiFi device
- Add HP ISH firmware for Intel Panther Lake systems
- ti: Add PCM6240 firmware with multiple audio profiles support
- qcom: add CDSP firmware for shikra platform
- amdgpu: updates for various ASICs
- qcom: update ADSP firmware for x1e80100 platform
- qcom: Add cdsp1r.jsn for sa8775p platform
- Add firmware for Lontium LT9611C
- xe: Update GUC to v70.65.0 for LNL, BMG, PTL
- rtl_bt: Add missing rtl8761a_config.bin for RTL8761AU
- Add Dell ISH firmware 581.7783.0 for Intel Panther Lake systems.
- qcom: update ADSP firmware for x1e80100 platform
- linux-firmware:Add firmware for Lontium LT7911EXC bridge
- qcom/x1e80100/dell: mark that qcom/NOTICE.txt is applicable too
- qcom: Update CDSP firmware for Kaanapali platform
- qcom: vpu: add Gen2 firmware binary for Agatti
- amdgpu: DMCUB updates for various ASICs
- Add firmware file for Intel BlazarIGfp2/BlazarIW/ScorpiusGfp2
- Update firmware file for Intel BlazarI/BlazarU/BlazarU-HrPGfP/Scorpius core
- qcom: Update ADSP firmware for Glymur platform
- mediatek MT7925: update bluetooth firmware to 20260414153243
- update firmware for MT7925 WiFi device
- Revert "Update firmware file for Intel Quasar core"
- qcom: Add gpdspr.jsn for qcs8300 platform
- ath12k: QCC2072 hw1.0: add to WLAN.COL.1.0.c2-00074-QCACOLSWPL_V1_TO_SILICONZ-1
- ath12k: QCC2072 hw1.0: add board-2.bin
- ath12k: IPQ5424 hw1.0: add to WLAN.WBE.1.6-01275-QCAHKSWPL_SILICONZ-1
- ath12k: IPQ5424 hw1.0: add board-2.bin
- qcom: Update ADSP firmware for Kaanapali platform
- cirrus: cs35l56: Add firmware for Cirrus Amps for some Lenovo laptops (17aa235c 17aa235d)
- QCA: Update Bluetooth WCN6856 firmware 2.1.0-00665 to 2.1.0-00666
- amdgpu: DMCUB updates for DCN36
- Update AMD cpu microcode
- powervr: update Imagination Rogue firmware images
- qcom: Update ADSP firmware for Kaanapali platform
- i915: Xe3LPD DMC v2.34
- i915: Xe3LPD_3002 DMC v2.29
- qcom: Update ADSP firmware for QCM6490 platform
- firmware/amdgpu: Update DMCUB fw to Release 0.1.55.0
- mediatek: vpu: drop old sym link
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2401745 - /usr/lib/firmware/vpu_p.bin.xz: broken symbolic link to mediatek/mt8173/vpu_p.bin.xz
https://bugzilla.redhat.com/show_bug.cgi?id=2401745
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-16c8693020' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: tor-0.4.9.8-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-0c38968a1b
2026-05-26 01:20:50.020957+00:00
--------------------------------------------------------------------------------
Name : tor
Product : Fedora 43
Version : 0.4.9.8
Release : 1.fc43
URL : https://www.torproject.org
Summary : Anonymizing overlay network for TCP
Description :
The Tor network is a group of volunteer-operated servers that allows people to
improve their privacy and security on the Internet. Tor's users employ this
network by connecting through a series of virtual tunnels rather than making a
direct connection, thus allowing both organizations and individuals to share
information over public networks without compromising their privacy. Along the
same line, Tor is an effective censorship circumvention tool, allowing its
users to reach otherwise blocked destinations or content. Tor can also be used
as a building block for software developers to create new communication tools
with built-in privacy features.
This package contains the Tor software that can act as either a server on the
Tor network, or as a client to connect to the Tor network.
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release https://forum.torproject.org/t/security-
release-0-4-8-25-and-0-4-9-8/21559
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 15 2026 Marcel H??rry - 0.4.9.8-1
- Update to latest upstream release https://forum.torproject.org/t/security-release-0-4-8-25-and-0-4-9-8/21559
- Fix CVE-2026-44600 (bz#2476455 / bz#2476454)
- Fix CVE-2026-44599 (bz#2476453 / bz#2476452)
- Fix CVE-2026-44597 (bz#2476451 / bz#2476450)
- Fix CVE-2026-44601 (bz#2467732 / bz#2467731)
- Fix CVE-2026-44603 (bz#2467720 / bz#2467719)
- Fix CVE-2026-44602 (bz#2467718 / nz@2467717)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2467295 - tor-0.4.9.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2467295
[ 2 ] Bug #2467718 - CVE-2026-44602 tor: Tor: Denial of service via out-of-order CERT cell [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2467718
[ 3 ] Bug #2467719 - CVE-2026-44603 tor: Tor: Denial of Service via malformed BEGIN cell [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2467719
[ 4 ] Bug #2467732 - CVE-2026-44601 tor: Tor: Client crash due to double close of a circuit [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2467732
[ 5 ] Bug #2476451 - CVE-2026-44597 tor: Tor: Denial of Service due to out-of-bounds read [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2476451
[ 6 ] Bug #2476453 - CVE-2026-44599 tor: Tor: Low integrity impact via directory message manipulation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2476453
[ 7 ] Bug #2476455 - CVE-2026-44600 tor: Tor: Denial of Service due to mishandling of conflux out-of-order queue accounting [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2476455
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-0c38968a1b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 44 Update: unbound-1.25.1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-49f37e16aa
2026-05-26 00:55:24.541616+00:00
--------------------------------------------------------------------------------
Name : unbound
Product : Fedora 44
Version : 1.25.1
Release : 1.fc44
URL : https://nlnetlabs.nl/projects/unbound/
Summary : Validating, recursive, and caching DNS(SEC) resolver
Description :
Unbound is a validating, recursive, and caching DNS(SEC) resolver.
The C implementation of Unbound is developed and maintained by NLnet
Labs. It is based on ideas and algorithms taken from a java prototype
developed by Verisign labs, Nominet, Kirei and ep.net.
Unbound is designed as a set of modular components, so that also
DNSSEC (secure DNS) validation and stub-resolvers (that do not run
as a server, but are linked into an application) are easily possible.
--------------------------------------------------------------------------------
Update Information:
Update to 1.25.1 (rhbz#2480119)
Fix CVE-2026-33278, Possible remote code execution during DNSSEC validation.
Thanks to Qifan Zhang, Palo Alto Networks, for the report.
Fix CVE-2026-42944, Heap overflow and crash with multiple nsid, cookie, padding
EDNS options. Thanks to Qifan Zhang, Palo Alto Networks, for the report.
Fix CVE-2026-42959, Crash during DNSSEC validation of malicious content. Thanks
to Qifan Zhang, Palo Alto Networks, for the report.
Fix CVE-2026-32792, Packet of death with DNSCrypt. Thanks to Andrew Griffiths
from 'calif.io' for the report.
Fix CVE-2026-40622, "Ghost domain name" variant. Thanks to Qifan Zhang, Palo
Alto Networks, for the report.
Fix CVE-2026-41292, Parsing a long list of incoming EDNS options degrades
performance. Thanks to GitHub user 'N0zoM1z0', also Qifan Zhang from Palo Alto
Networks, for the report.
Fix CVE-2026-42534, Jostle logic bypass degrades resolution performance. Thanks
to Qifan Zhang, Palo Alto Networks, for the report.
Fix CVE-2026-42923, Degradation of service with unbounded NSEC3 hash
calculations. Thanks to Qifan Zhang, Palo Alto Networks, for the report.
Fix CVE-2026-42960, Possible cache poisoning attack while following delegation.
Thanks to TaoFei Guo from Peking University, Yang Luo and JianJun Chen, Tsinghua
University, for the report.
Fix CVE-2026-44390, Unbounded name compression in certain cases causes
degradation of service. Thanks to Qifan Zhang, Palo Alto Networks, for the
report.
Fix CVE-2026-44608, Use after free and crash in RPZ code. Thanks to Qifan Zhang,
Palo Alto Networks, for the report.
Swapped sources signature source number with systemd unit to have them
close.
Update to 1.25.0 (rhbz#2463781)
Feature changes:
Improved TTL 0 handling
Reload also certificates on reload if they have changed
Allow control-interface specification also of port.
Added new tls-protocols option. Can disable TLS 1.2 explicitly.
And bug fixes.
Remove merged patches.
Source: https://nlnetlabs.nl/projects/unbound/download/#unbound-1-25-0
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 20 2026 Petr Men????k [pemensik@redhat.com] - 1.25.1-1
- Update to 1.25.1 (rhbz#2480119)
* Tue May 19 2026 Petr Men????k [pemensik@redhat.com] - 1.25.0-2
- Remove the key of Yorgos, one should be enough
* Mon May 18 2026 Petr Men????k [pemensik@redhat.com] - 1.25.0-1
- Update to 1.25.0 (rhbz#2463781)
* Mon May 18 2026 Petr Men????k [pemensik@redhat.com] - 1.24.2-12
- Simple support for openssl4
* Wed Mar 25 2026 Tomas Korbar [tkorbar@redhat.com] - 1.24.2-11
- Change unbound dracut module
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2463781 - unbound-1.25.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2463781
[ 2 ] Bug #2480119 - unbound-1.25.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2480119
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-49f37e16aa' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 44 Update: tor-0.4.9.8-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-5ce7cc46bb
2026-05-26 00:55:24.541595+00:00
--------------------------------------------------------------------------------
Name : tor
Product : Fedora 44
Version : 0.4.9.8
Release : 1.fc44
URL : https://www.torproject.org
Summary : Anonymizing overlay network for TCP
Description :
The Tor network is a group of volunteer-operated servers that allows people to
improve their privacy and security on the Internet. Tor's users employ this
network by connecting through a series of virtual tunnels rather than making a
direct connection, thus allowing both organizations and individuals to share
information over public networks without compromising their privacy. Along the
same line, Tor is an effective censorship circumvention tool, allowing its
users to reach otherwise blocked destinations or content. Tor can also be used
as a building block for software developers to create new communication tools
with built-in privacy features.
This package contains the Tor software that can act as either a server on the
Tor network, or as a client to connect to the Tor network.
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release https://forum.torproject.org/t/security-
release-0-4-8-25-and-0-4-9-8/21559
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 15 2026 Marcel H??rry - 0.4.9.8-1
- Update to latest upstream release https://forum.torproject.org/t/security-release-0-4-8-25-and-0-4-9-8/21559
- Fix CVE-2026-44600 (bz#2476455 / bz#2476454)
- Fix CVE-2026-44599 (bz#2476453 / bz#2476452)
- Fix CVE-2026-44597 (bz#2476451 / bz#2476450)
- Fix CVE-2026-44601 (bz#2467732 / bz#2467731)
- Fix CVE-2026-44603 (bz#2467720 / bz#2467719)
- Fix CVE-2026-44602 (bz#2467718 / nz@2467717)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2467295 - tor-0.4.9.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2467295
[ 2 ] Bug #2467718 - CVE-2026-44602 tor: Tor: Denial of service via out-of-order CERT cell [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2467718
[ 3 ] Bug #2467719 - CVE-2026-44603 tor: Tor: Denial of Service via malformed BEGIN cell [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2467719
[ 4 ] Bug #2467732 - CVE-2026-44601 tor: Tor: Client crash due to double close of a circuit [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2467732
[ 5 ] Bug #2476451 - CVE-2026-44597 tor: Tor: Denial of Service due to out-of-bounds read [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2476451
[ 6 ] Bug #2476453 - CVE-2026-44599 tor: Tor: Low integrity impact via directory message manipulation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2476453
[ 7 ] Bug #2476455 - CVE-2026-44600 tor: Tor: Denial of Service due to mishandling of conflux out-of-order queue accounting [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2476455
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-5ce7cc46bb' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
