Chezmoi, Chromium, GH, and more updates for Fedora

Fedora Linux 9269 Published by

Fedora 42, 43, and 44 have received several security updates to address vulnerabilities in various packages. The updates include fixes for vulnerabilities in packages like chromium, gh, prometheus, erlang-hex_core, staticcheck, and python3.10 among others.

Fedora 42 Update: chezmoi-2.69.4-1.fc42
Fedora 42 Update: chromium-145.0.7632.116-1.fc42
Fedora 42 Update: gh-2.87.3-1.fc42
Fedora 42 Update: prometheus-3.10.0-1.fc42
Fedora 43 Update: erlang-hex_core-0.12.2-1.fc43
Fedora 43 Update: staticcheck-2026.1-1.fc43
Fedora 44 Update: erlang-hex_core-0.12.2-1.fc44
Fedora 44 Update: chromium-145.0.7632.116-1.fc44
Fedora 44 Update: nss-3.120.1-1.fc44
Fedora 44 Update: firefox-148.0-1.fc44
Fedora 43 Update: python3.10-3.10.19-4.fc43
Fedora 43 Update: prometheus-3.10.0-1.fc43
Fedora 43 Update: python-asyncmy-0.2.11-2.fc43
Fedora 43 Update: python3.11-3.11.14-5.fc43
Fedora 44 Update: nextcloud-32.0.6-1.fc44
Fedora 44 Update: pgadmin4-9.12-2.fc44
Fedora 44 Update: cef-145.0.25^chromium145.0.7632.75-4.fc44
Fedora 44 Update: postgresql16-anonymizer-3.0.5-2.fc44
Fedora 44 Update: python3.9-3.9.25-6.fc44
Fedora 44 Update: microcode_ctl-2.1-74.fc44
Fedora 44 Update: keylime-agent-rust-0.2.9-1.fc44
Fedora 44 Update: keylime-7.14.1-1.fc44



[SECURITY] Fedora 42 Update: chezmoi-2.69.4-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-f6901d5918
2026-03-07 03:20:54.895538+00:00
--------------------------------------------------------------------------------

Name : chezmoi
Product : Fedora 42
Version : 2.69.4
Release : 1.fc42
URL : https://github.com/twpayne/chezmoi
Summary : Manage your dotfiles across multiple diverse machines
Description :
Manage your dotfiles across multiple diverse machines, securely.

--------------------------------------------------------------------------------
Update Information:

Update to 2.69.4
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 11 2026 Packit [hello@packit.dev] - 2.69.4-1
- Update to 2.69.4 upstream release
- Resolves: rhbz#2430279
* Mon Feb 2 2026 Maxwell G [maxwell@gtmx.me] - 2.69.1-4
- Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 2.69.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 2.69.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Sat Jan 10 2026 Packit [hello@packit.dev] - 2.69.1-1
- Update to 2.69.1 upstream release
- Resolves: rhbz#2428410
* Mon Jan 5 2026 Packit [hello@packit.dev] - 2.69.0-1
- Update to 2.69.0 upstream release
- Resolves: rhbz#2427071
* Wed Dec 17 2025 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 2.68.1-1
- Update to 2.68.1 - Closes rhbz#2394285
* Fri Oct 10 2025 Maxwell G [maxwell@gtmx.me] - 2.63.1-2
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2398284 - CVE-2025-47910 chezmoi: CrossOriginProtection bypass in net/http [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2398284
[ 2 ] Bug #2398651 - CVE-2025-47910 chezmoi: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398651
[ 3 ] Bug #2399325 - CVE-2025-47906 chezmoi: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399325
[ 4 ] Bug #2403147 - CVE-2025-11579 chezmoi: RarDecode Out Of Memory Crash [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2403147
[ 5 ] Bug #2407853 - CVE-2025-58189 chezmoi: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407853
[ 6 ] Bug #2408630 - CVE-2025-61725 chezmoi: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408630
[ 7 ] Bug #2409320 - CVE-2025-61723 chezmoi: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409320
[ 8 ] Bug #2410272 - CVE-2025-58185 chezmoi: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410272
[ 9 ] Bug #2411184 - CVE-2025-58188 chezmoi: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411184
[ 10 ] Bug #2412478 - CVE-2025-58183 chezmoi: Unbounded allocation when parsing GNU sparse map [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2412478
[ 11 ] Bug #2412748 - CVE-2025-58183 chezmoi: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412748
[ 12 ] Bug #2420578 - CVE-2025-47913 chezmoi: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2420578
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-f6901d5918' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 42 Update: chromium-145.0.7632.116-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-cf96901e5c
2026-03-07 03:20:54.895543+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 42
Version : 145.0.7632.116
Release : 1.fc42
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 145.0.7632.116
* CVE-2026-3061: Out of bounds read in Media
* CVE-2026-3062: Out of bounds read and write in Tint
* CVE-2026-3063: Inappropriate implementation in DevTools
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 24 2026 Than Ngo [than@redhat.com] - 145.0.7632.116-1
- Update to 145.0.7632.116
* CVE-2026-3061: Out of bounds read in Media
* CVE-2026-3062: Out of bounds read and write in Tint
* CVE-2026-3063: Inappropriate implementation in DevTools
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-cf96901e5c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 42 Update: gh-2.87.3-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-de52e7caa1
2026-03-07 03:20:54.895548+00:00
--------------------------------------------------------------------------------

Name : gh
Product : Fedora 42
Version : 2.87.3
Release : 1.fc42
URL : https://github.com/cli/cli
Summary : GitHub's official command line tool
Description :
A command-line interface to GitHub for use in your terminal or your scripts.

gh is a tool designed to enhance your workflow when working with GitHub. It
provides a seamless way to interact with GitHub repositories and perform various
actions right from the command line, eliminating the need to switch between your
terminal and the GitHub website.

--------------------------------------------------------------------------------
Update Information:

Update to 2.87.3
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 23 2026 Packit [hello@packit.dev] - 2.87.3-1
- Update to 2.87.3 upstream release
- Resolves: rhbz#2441488
* Wed Feb 18 2026 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 2.87.0-2
- Drop patch included in 2.87.0
* Wed Feb 18 2026 Packit [hello@packit.dev] - 2.87.0-1
- Update to 2.87.0 upstream release
- Resolves: rhbz#2440729
* Mon Feb 2 2026 Maxwell G [maxwell@gtmx.me] - 2.86.0-3
- Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26
* Wed Jan 21 2026 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 2.86.0-2
- Fix test build
* Wed Jan 21 2026 Packit [hello@packit.dev] - 2.86.0-1
- Update to 2.86.0 upstream release
- Resolves: rhbz#2431732
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 2.85.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Thu Jan 15 2026 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 2.85.0-1
- Update 2.85.0 - Closes rhbz#2429758
* Wed Dec 10 2025 Packit [hello@packit.dev] - 2.83.2-1
- Update to 2.83.2 upstream release
- Resolves: rhbz#2414900
* Tue Nov 4 2025 Packit [hello@packit.dev] - 2.83.0-1
- Update to 2.83.0 upstream release
- Resolves: rhbz#2397664
* Fri Oct 10 2025 Alejandro S??ez [asm@redhat.com] - 2.79.0-2
- rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2398688 - CVE-2025-47910 gh: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398688
[ 2 ] Bug #2399369 - CVE-2025-47906 gh: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399369
[ 3 ] Bug #2407892 - CVE-2025-58189 gh: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407892
[ 4 ] Bug #2408644 - CVE-2025-61725 gh: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408644
[ 5 ] Bug #2409361 - CVE-2025-61723 gh: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409361
[ 6 ] Bug #2410311 - CVE-2025-58185 gh: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410311
[ 7 ] Bug #2411212 - CVE-2025-58188 gh: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411212
[ 8 ] Bug #2412768 - CVE-2025-58183 gh: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412768
[ 9 ] Bug #2421869 - CVE-2025-66564 gh: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2421869
[ 10 ] Bug #2432190 - CVE-2026-23831 gh: Rekor denial of service [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2432190
[ 11 ] Bug #2433103 - CVE-2026-23991 gh: go-tuf client DoS via malformed server response [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2433103
[ 12 ] Bug #2433106 - CVE-2026-23992 gh: go-tuf improperly validates the configured threshold for delegations [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2433106
[ 13 ] Bug #2433544 - CVE-2026-24117 gh: Rekor Server-Side Request Forgery (SSRF) [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2433544
[ 14 ] Bug #2433583 - CVE-2026-24137 gh: sigstore legacy TUF client allows for arbitrary file writes with target cache path traversal [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2433583
[ 15 ] Bug #2434247 - CVE-2026-24686 gh: go-tuf Path Traversal in TAP 4 Multirepo Client Allows Arbitrary File Write via Malicious Repository Names [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2434247
[ 16 ] Bug #2441162 - CVE-2025-69725 gh: Go-chi/chi: Open Redirect vulnerability allows redirection to malicious websites [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2441162
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-de52e7caa1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 42 Update: prometheus-3.10.0-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-c9fb6d2b76
2026-03-07 03:20:54.895531+00:00
--------------------------------------------------------------------------------

Name : prometheus
Product : Fedora 42
Version : 3.10.0
Release : 1.fc42
URL : https://github.com/prometheus/prometheus
Summary : Prometheus monitoring system and time series database
Description :
The Prometheus monitoring system and time series database.

--------------------------------------------------------------------------------
Update Information:

Rename from golang-github-prometheus and upgrade to 3.10.0
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 26 2026 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 3.10.0-1
- Update to 3.10.0 - Closes rhbz#2390501
* Mon Feb 23 2026 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 2.55.1-1
- Initial package after renaming from golang-github-prometheus - Closes
rhbz#2383787
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2398776 - CVE-2025-47910 golang-github-prometheus: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398776
[ 2 ] Bug #2399447 - CVE-2025-47906 golang-github-prometheus: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399447
[ 3 ] Bug #2407977 - CVE-2025-58189 golang-github-prometheus: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407977
[ 4 ] Bug #2408652 - CVE-2025-61725 golang-github-prometheus: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408652
[ 5 ] Bug #2409447 - CVE-2025-61723 golang-github-prometheus: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409447
[ 6 ] Bug #2410398 - CVE-2025-58185 golang-github-prometheus: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410398
[ 7 ] Bug #2411298 - CVE-2025-58188 golang-github-prometheus: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411298
[ 8 ] Bug #2412781 - CVE-2025-58183 golang-github-prometheus: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412781
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-c9fb6d2b76' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: erlang-hex_core-0.12.2-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-e67a6f9c45
2026-03-07 02:54:36.752572+00:00
--------------------------------------------------------------------------------

Name : erlang-hex_core
Product : Fedora 43
Version : 0.12.2
Release : 1.fc43
URL : https://github.com/hexpm/hex_core
Summary : Reference implementation of Hex specifications
Description :
Reference implementation of Hex specifications.

--------------------------------------------------------------------------------
Update Information:

hex_core ver. 0.12.2
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 27 2026 Peter Lemenkov [lemenkov@gmail.com] - 0.12.2-1
- hex_core ver. 0.12.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2443389 - erlang-hex_core-0.12.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2443389
[ 2 ] Bug #2443786 - CVE-2026-21619 erlang-hex_core: hex_core, hex, rebar3: Denial of Service due to uncontrolled resource consumption [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2443786
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-e67a6f9c45' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: staticcheck-2026.1-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-0c4838b53c
2026-03-07 02:54:36.752504+00:00
--------------------------------------------------------------------------------

Name : staticcheck
Product : Fedora 43
Version : 2026.1
Release : 1.fc43
URL : https://github.com/dominikh/go-tools
Summary : The advanced Go linter
Description :
Staticcheck - The advanced Go linter.

--------------------------------------------------------------------------------
Update Information:

Rename from golang-honnef-tools and update to 2026.1
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 27 2026 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 2026.1-1
- Initial package - Closes rhbz#2442774 rhbz#2232814
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2384998 - golang-honnef-tools: FTBFS in Fedora rawhide/f43
https://bugzilla.redhat.com/show_bug.cgi?id=2384998
[ 2 ] Bug #2408266 - CVE-2025-58189 golang-honnef-tools: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408266
[ 3 ] Bug #2409739 - CVE-2025-61723 golang-honnef-tools: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409739
[ 4 ] Bug #2410689 - CVE-2025-58185 golang-honnef-tools: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410689
[ 5 ] Bug #2411585 - CVE-2025-58188 golang-honnef-tools: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411585
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-0c4838b53c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: erlang-hex_core-0.12.2-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-e6bf22d958
2026-03-07 02:29:42.741165+00:00
--------------------------------------------------------------------------------

Name : erlang-hex_core
Product : Fedora 44
Version : 0.12.2
Release : 1.fc44
URL : https://github.com/hexpm/hex_core
Summary : Reference implementation of Hex specifications
Description :
Reference implementation of Hex specifications.

--------------------------------------------------------------------------------
Update Information:

hex_core ver. 0.12.2
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 27 2026 Peter Lemenkov [lemenkov@gmail.com] - 0.12.2-1
- hex_core ver. 0.12.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2443389 - erlang-hex_core-0.12.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2443389
[ 2 ] Bug #2443786 - CVE-2026-21619 erlang-hex_core: hex_core, hex, rebar3: Denial of Service due to uncontrolled resource consumption [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2443786
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-e6bf22d958' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: chromium-145.0.7632.116-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-845d4a7f07
2026-03-07 02:29:42.741112+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 44
Version : 145.0.7632.116
Release : 1.fc44
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 145.0.7632.116
* CVE-2026-3061: Out of bounds read in Media
* CVE-2026-3062: Out of bounds read and write in Tint
* CVE-2026-3063: Inappropriate implementation in DevTools
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 24 2026 Than Ngo [than@redhat.com] - 145.0.7632.116-1
- Update to 145.0.7632.116
* CVE-2026-3061: Out of bounds read in Media
* CVE-2026-3062: Out of bounds read and write in Tint
* CVE-2026-3063: Inappropriate implementation in DevTools
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-845d4a7f07' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: nss-3.120.1-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-b5bde68630
2026-03-07 02:29:42.741054+00:00
--------------------------------------------------------------------------------

Name : nss
Product : Fedora 44
Version : 3.120.1
Release : 1.fc44
URL : http://www.mozilla.org/projects/security/pki/nss/
Summary : Network Security Services
Description :
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications. Applications built with NSS can support SSL v2
and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509
v3 certificates, and other security standards.

--------------------------------------------------------------------------------
Update Information:

Update NSS to 3.120.1
Update to Firefox 148.0
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 18 2026 Frantisek Krenzelok [fkrenzel@redhat.com] - 3.120.1-1
- Update NSS to 3.120.1
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-b5bde68630' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: firefox-148.0-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-b5bde68630
2026-03-07 02:29:42.741054+00:00
--------------------------------------------------------------------------------

Name : firefox
Product : Fedora 44
Version : 148.0
Release : 1.fc44
URL : https://www.mozilla.org/firefox/
Summary : Mozilla Firefox Web browser
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

--------------------------------------------------------------------------------
Update Information:

Update NSS to 3.120.1
Update to Firefox 148.0
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 23 2026 Bojan Smojver [bojan@rexursive.com] - 148.0-1
- Add patch for dstdint compilation problem
* Mon Feb 23 2026 Martin Stransky [stransky@redhat.com] - 148.0-1
- Update to latest upstream (148.0)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-b5bde68630' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: python3.10-3.10.19-4.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-489dc1bc1b
2026-03-07 02:24:06.258366+00:00
--------------------------------------------------------------------------------

Name : python3.10
Product : Fedora 43
Version : 3.10.19
Release : 4.fc43
URL : https://www.python.org/
Summary : Version 3.10 of the Python interpreter
Description :
Python 3.10 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.10 package provides the "python3.10" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.10-libs package,
which should be installed automatically along with python3.10.
The remaining parts of the Python standard library are broken out into the
python3.10-tkinter and python3.10-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.10-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.10-" prefix.

--------------------------------------------------------------------------------
Update Information:

Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and
CVE-2025-15367
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 9 2026 Tom???? Hrn??iar [thrnciar@redhat.com] - 3.10.19-4
- Security fixes for CVE-2026-0865, CVE-2025-15366 and CVE-2025-15367
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 3.10.19-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Tue Jan 6 2026 Karolina Surma [ksurma@redhat.com] - 3.10.19-2
- Require at least the same expat version as used during the build time
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2431625 - CVE-2025-15366 python3.10: IMAP command injection in user-controlled commands [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2431625
[ 2 ] Bug #2431649 - CVE-2025-15367 python3.10: POP3 command injection in user-controlled commands [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2431649
[ 3 ] Bug #2431821 - CVE-2026-0865 python3.10: wsgiref.headers.Headers allows header newline injection in Python [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2431821
[ 4 ] Bug #2433825 - CVE-2026-1299 python3.10: email header injection due to unquoted newlines [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2433825
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-489dc1bc1b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 43 Update: prometheus-3.10.0-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-ce1dd0caa0
2026-03-07 02:24:06.258413+00:00
--------------------------------------------------------------------------------

Name : prometheus
Product : Fedora 43
Version : 3.10.0
Release : 1.fc43
URL : https://github.com/prometheus/prometheus
Summary : Prometheus monitoring system and time series database
Description :
The Prometheus monitoring system and time series database.

--------------------------------------------------------------------------------
Update Information:

Rename from golang-github-prometheus & update to 3.10.0
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 26 2026 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 3.10.0-1
- Update to 3.10.0 - Closes rhbz#2390501
* Mon Feb 23 2026 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 2.55.1-1
- Initial package after renaming from golang-github-prometheus - Closes
rhbz#2383787
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2408245 - CVE-2025-58189 golang-github-prometheus: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408245
[ 2 ] Bug #2408712 - CVE-2025-61725 golang-github-prometheus: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408712
[ 3 ] Bug #2409716 - CVE-2025-61723 golang-github-prometheus: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409716
[ 4 ] Bug #2410669 - CVE-2025-58185 golang-github-prometheus: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410669
[ 5 ] Bug #2411565 - CVE-2025-58188 golang-github-prometheus: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411565
[ 6 ] Bug #2412700 - CVE-2025-58183 golang-github-prometheus: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412700
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-ce1dd0caa0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: python-asyncmy-0.2.11-2.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9d9161bac3
2026-03-07 02:24:06.258383+00:00
--------------------------------------------------------------------------------

Name : python-asyncmy
Product : Fedora 43
Version : 0.2.11
Release : 2.fc43
URL : https://github.com/long2ice/asyncmy
Summary : A fast asyncio MySQL/MariaDB driver
Description :
asyncmy is a fast asyncio MySQL/MariaDB driver, which reuses most of pymysql
and aiomysql but rewrites the core protocol with Cython to speed it up.

--------------------------------------------------------------------------------
Update Information:

This is an upstream security and bugfix release. For details, see the release
notes.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 26 2026 Nils Philippsen [nils@redhat.com] - 0.2.11-1
- Update to 0.2.11
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 0.2.10-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2418489 - CVE-2025-65896 python-asyncmy: Asyncmy SQL injection [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2418489
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9d9161bac3' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: python3.11-3.11.14-5.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-f17f6e94ca
2026-03-07 02:24:06.258363+00:00
--------------------------------------------------------------------------------

Name : python3.11
Product : Fedora 43
Version : 3.11.14
Release : 5.fc43
URL : https://www.python.org/
Summary : Version 3.11 of the Python interpreter
Description :
Python 3.11 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.11 package provides the "python3.11" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.11-libs package,
which should be installed automatically along with python3.11.
The remaining parts of the Python standard library are broken out into the
python3.11-tkinter and python3.11-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.11-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.11-" prefix.

--------------------------------------------------------------------------------
Update Information:

Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and
CVE-2025-15367
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 9 2026 Tom???? Hrn??iar [thrnciar@redhat.com] - 3.11.14-5
- Security fixes for CVE-2026-0865, CVE-2025-15366 and CVE-2025-15367
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2431626 - CVE-2025-15366 python3.11: IMAP command injection in user-controlled commands [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2431626
[ 2 ] Bug #2431650 - CVE-2025-15367 python3.11: POP3 command injection in user-controlled commands [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2431650
[ 3 ] Bug #2431826 - CVE-2026-0865 python3.11: wsgiref.headers.Headers allows header newline injection in Python [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2431826
[ 4 ] Bug #2433826 - CVE-2026-1299 python3.11: email header injection due to unquoted newlines [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2433826
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-f17f6e94ca' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 44 Update: nextcloud-32.0.6-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-94519b94d8
2026-03-07 00:17:58.501702+00:00
--------------------------------------------------------------------------------

Name : nextcloud
Product : Fedora 44
Version : 32.0.6
Release : 1.fc44
URL : http://nextcloud.com
Summary : Private file sync and share server
Description :
NextCloud gives you universal access to your files through a web interface or
WebDAV. It also provides a platform to easily view & sync your contacts,
calendars and bookmarks across all your devices and enables basic editing right
on the web. NextCloud is extendable via a simple but powerful API for
applications and plugins.

--------------------------------------------------------------------------------
Update Information:

32.0.6 release
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 21 2026 Andrew Bauer [zonexpertconsulting@outlook.com] - 32.0.6-1
- 32.0.6 release RHBZ#2440650
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2432927 - CVE-2025-13465 nextcloud: prototype pollution in _.unset and _.omit functions [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2432927
[ 2 ] Bug #2432981 - CVE-2025-13465 nextcloud: prototype pollution in _.unset and _.omit functions [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2432981
[ 3 ] Bug #2433031 - CVE-2025-13465 nextcloud: prototype pollution in _.unset and _.omit functions [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2433031
[ 4 ] Bug #2439004 - CVE-2026-25639 nextcloud: Axios affected by Denial of Service via __proto__ Key in mergeConfig [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2439004
[ 5 ] Bug #2439019 - CVE-2026-25639 nextcloud: Axios affected by Denial of Service via __proto__ Key in mergeConfig [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2439019
[ 6 ] Bug #2439026 - CVE-2026-25639 nextcloud: Axios affected by Denial of Service via __proto__ Key in mergeConfig [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2439026
[ 7 ] Bug #2440650 - nextcloud-33.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2440650
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-94519b94d8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: pgadmin4-9.12-2.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-2792616d35
2026-03-07 00:17:58.501667+00:00
--------------------------------------------------------------------------------

Name : pgadmin4
Product : Fedora 44
Version : 9.12
Release : 2.fc44
URL : https://www.pgadmin.org/
Summary : Administration tool for PostgreSQL
Description :
pgAdmin is the most popular and feature rich Open Source administration and development
platform for PostgreSQL, the most advanced Open Source database in the world.

--------------------------------------------------------------------------------
Update Information:

Refresh vendored bundle. fixes multiple CVEs.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 21 2026 Sandro Mani [manisandro@gmail.com] - 9.12-2
- Refresh vendor bundle, fixes svelte CVEs
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2439021 - CVE-2026-25639 pgadmin4: Axios affected by Denial of Service via __proto__ Key in mergeConfig [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2439021
[ 2 ] Bug #2439027 - CVE-2026-25639 pgadmin4: Axios affected by Denial of Service via __proto__ Key in mergeConfig [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2439027
[ 3 ] Bug #2441546 - CVE-2026-27125 pgadmin4: Svelte SSR attribute spreading includes inherited properties from prototype chain [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2441546
[ 4 ] Bug #2441547 - CVE-2026-27122 pgadmin4: Svelte SSR does not validate dynamic element tag names in `` [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2441547
[ 5 ] Bug #2441548 - CVE-2026-27125 pgadmin4: Svelte SSR attribute spreading includes inherited properties from prototype chain [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2441548
[ 6 ] Bug #2441549 - CVE-2026-27121 pgadmin4: Svelte affected by cross-site scripting via spread attributes in Svelte SSR [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2441549
[ 7 ] Bug #2441550 - CVE-2026-27119 pgadmin4: Svelte affected by XSS in SSR `` element [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2441550
[ 8 ] Bug #2441551 - CVE-2026-27122 pgadmin4: Svelte SSR does not validate dynamic element tag names in `` [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2441551
[ 9 ] Bug #2441552 - CVE-2026-27121 pgadmin4: Svelte affected by cross-site scripting via spread attributes in Svelte SSR [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2441552
[ 10 ] Bug #2441553 - CVE-2026-27119 pgadmin4: Svelte affected by XSS in SSR `` element [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2441553
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-2792616d35' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: cef-145.0.25^chromium145.0.7632.75-4.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-376794abc1
2026-03-07 00:17:58.501618+00:00
--------------------------------------------------------------------------------

Name : cef
Product : Fedora 44
Version : 145.0.25^chromium145.0.7632.75
Release : 4.fc44
URL : https://bitbucket.org/chromiumembedded/cef
Summary : Chromium Embedded Framework
Description :
CEF is an embeddable build of Chromium, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to cef-145.0.25 + chromium 145.0.7632.75
CVE-2026-1861: Heap buffer overflow in libvpx
CVE-2026-1862: Type Confusion in V8
CVE-2026-2313: Use after free in CSS
CVE-2026-2314: Heap buffer overflow in Codecs
CVE-2026-2315: Inappropriate implementation in WebGPU
CVE-2026-2316: Insufficient policy enforcement in Frames
CVE-2026-2317: Inappropriate implementation in Animation
CVE-2026-2318: Inappropriate implementation in PictureInPicture
CVE-2026-2319: Race in DevTools
CVE-2026-2320: Inappropriate implementation in File input
CVE-2026-2321: Use after free in Ozone
CVE-2026-2322: Inappropriate implementation in File input
CVE-2026-2323: Inappropriate implementation in Downloads
CVE-2026-2441: Use after free in CSS
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 20 2026 Than Ngo [than@redhat.com] - 145.0.25^chromium145.0.7632.75-1
- Update to 145.0.7632.75
- * CVE-2026-2441: Use after free in CSS
- Fix FTFS on aarch64/ppc64le caused by missing include file (el9)
- Enable rustc_nightly_capability
* Fri Feb 20 2026 Than Ngo [than@redhat.com] - 145.0.25^chromium145.0.7632.45-1
- Update to 145.0.7632.45
- * CVE-2026-2313: Use after free in CSS
- * CVE-2026-2314: Heap buffer overflow in Codecs
- * CVE-2026-2315: Inappropriate implementation in WebGPU
- * CVE-2026-2316: Insufficient policy enforcement in Frames
- * CVE-2026-2317: Inappropriate implementation in Animation
- * CVE-2026-2318: Inappropriate implementation in PictureInPicture
- * CVE-2026-2319: Race in DevTools
- * CVE-2026-2320: Inappropriate implementation in File input
- * CVE-2026-2321: Use after free in Ozone
- * CVE-2026-2322: Inappropriate implementation in File input
- * CVE-2026-2323: Inappropriate implementation in Downloads
- Hoshino Lina: Update to cef-145.0.25+g265860d
* Fri Feb 20 2026 Than Ngo [than@redhat.com] - 144.0.11^chromium144.0.7559.132-1
- Update to 144.0.7559.132
- * CVE-2026-1861: Heap buffer overflow in libvpx
- * CVE-2026-1862: Type Confusion in V8
- Add BR on esbuild
- Disable devtool bundle
- Update scripts for downloading the source
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-376794abc1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: postgresql16-anonymizer-3.0.5-2.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-1ace5758de
2026-03-07 00:17:58.501107+00:00
--------------------------------------------------------------------------------

Name : postgresql16-anonymizer
Product : Fedora 44
Version : 3.0.5
Release : 2.fc44
URL : https://gitlab.com/dalibo/postgresql_anonymizer
Summary : Mask or replace personally identifiable information (PII) or sensitive data
Description :
PostgreSQL Anonymizer is an extension to mask or replace
personally identifiable information (PII) or commercially sensitive data from
a PostgreSQL database.
The project has a declarative approach of anonymization. This means you can
declare the masking rules using the PostgreSQL Data Definition Language (DDL)
and specify your anonymization policy inside the table definition itself.

--------------------------------------------------------------------------------
Update Information:

Updated to newest version fixing CVEs found in the previous one
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 18 2026 Petr Khartskhaev [pkhartsk@redhat.com] - 3.0.5-2
- Fix test to run on 3.0.5
* Wed Feb 18 2026 Petr Khartskhaev [pkhartsk@redhat.com] - 3.0.5-1
- Update to 3.0.5 and fixup vendor script
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2438041 - CVE-2026-25727 postgresql16-anonymizer: time affected by a stack exhaustion denial of service attack [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2438041
[ 2 ] Bug #2439079 - CVE-2026-2361 postgresql16-anonymizer: Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user with create privilege to gain superuser privileges [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2439079
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-1ace5758de' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: python3.9-3.9.25-6.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-14a63ba868
2026-03-07 00:17:58.501261+00:00
--------------------------------------------------------------------------------

Name : python3.9
Product : Fedora 44
Version : 3.9.25
Release : 6.fc44
URL : https://www.python.org/
Summary : Version 3.9 of the Python interpreter
Description :
Python 3.9 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.9 package provides the "python3.9" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.9-libs package,
which should be installed automatically along with python3.9.
The remaining parts of the Python standard library are broken out into the
python3.9-tkinter and python3.9-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.9-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.9-" prefix.

--------------------------------------------------------------------------------
Update Information:

Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and
CVE-2025-1536
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 10 2026 Tom???? Hrn??iar [thrnciar@redhat.com] - 3.9.25-6
- Security fix for CVE-2026-1299
* Mon Feb 9 2026 Tom???? Hrn??iar [thrnciar@redhat.com] - 3.9.25-5
- Security fixes for CVE-2026-0865, CVE-2025-15366 and CVE-2025-15367
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-14a63ba868' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 44 Update: microcode_ctl-2.1-74.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-3b12e49fee
2026-03-07 00:17:58.501081+00:00
--------------------------------------------------------------------------------

Name : microcode_ctl
Product : Fedora 44
Version : 2.1
Release : 74.fc44
URL : https://pagure.io/microcode_ctl
Summary : Tool to transform and deploy CPU microcode update for x86
Description :
The microcode_ctl utility is a companion to the microcode driver written
by Tigran Aivazian [tigran@aivazian.fsnet.co.uk].

The microcode update is volatile and needs to be uploaded on each system
boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts
back to the old microcode.

--------------------------------------------------------------------------------
Update Information:

Update to upstream 2.1-51. 20260210
Addition of 06-ae-01/0x97 (GNR-D B0/B1) microcode at revision
0x10002f3;
Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000410
up to 0xd000421;
Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x10002e0
up to 0x10002f1;
Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xca
up to 0xcc;
Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
0xbc up to 0xbe;
Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x3c up
to 0x3e;
Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x56 up
to 0x58;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
0x2b000643 up to 0x2b000661;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000401 up to 0x2c000421;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-08) from revision 0x2c000401 up to 0x2c000421;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000401 up to 0x2c000421;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision
0x2c000401 up to 0x2c000421;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
0x2b000643 up to 0x2b000661;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x3a up to 0x3e;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x3a up to 0x3e;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x3a up to 0x3e;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x3a up to 0x3e;
Update of 06-bf-06/0x07 microcode (in intel-ucode/06-97-02) from
revision 0x3a up to 0x3e;
Update of 06-bf-07/0x07 microcode (in intel-ucode/06-97-02) from
revision 0x3a up to 0x3e;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x3a up to 0x3e;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x3a
up to 0x3e;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x3a up to 0x3e;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x3a up to 0x3e;
Update of 06-bf-06/0x07 microcode (in intel-ucode/06-97-05) from
revision 0x3a up to 0x3e;
Update of 06-bf-07/0x07 microcode (in intel-ucode/06-97-05) from
revision 0x3a up to 0x3e;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x437 up to 0x43b;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x437 up to 0x43b;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x437 up to 0x43b;
Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0xa up
to 0xc;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x437
up to 0x43b;
Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x64 up
to 0x65;
Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x25
up to 0x28;
Update of 06-ad-01/0x20 (GNR-AP/SP H0) microcode from revision
0xa000100 up to 0xa000133;
Update of 06-ad-01/0x95 (GNR-AP/SP B0) microcode from revision
0x10003d0 up to 0x1000405;
Update of 06-af-03/0x01 (SRF-SP C0) microcode from revision 0x3000362
up to 0x3000382;
Update of 06-b5-00/0x80 (ARL-U A1) microcode from revision 0xa up
to 0xd;
Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x12f up
to 0x133;
Update of 06-b7-04/0x32 microcode (in intel-ucode/06-b7-01) from
revision 0x12f up to 0x133;
Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x4129 up to 0x6134;
Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x4129 up to 0x6134;
Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from
revision 0x4129 up to 0x6134;
Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x4129 up to 0x6134;
Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4129
up to 0x6134;
Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from
revision 0x4129 up to 0x6134;
Update of 06-bd-01/0x80 (LNL B0) microcode from revision 0x123 up
to 0x125;
Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x1d up
to 0x21;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x3a up to 0x3e;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x3a up to 0x3e;
Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x3a up
to 0x3e;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x3a up to 0x3e;
Update of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-02) from
revision 0x3a up to 0x3e;
Update of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-02) from
revision 0x3a up to 0x3e;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x3a up to 0x3e;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x3a up to 0x3e;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x3a up to 0x3e;
Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x3a up
to 0x3e;
Update of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-05) from
revision 0x3a up to 0x3e;
Update of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-05) from
revision 0x3a up to 0x3e;
Update of 06-c5-02/0x82 (ARL-H A1) microcode from revision 0x119 up
to 0x11b;
Update of 06-c6-02/0x82 (ARL-HX 8P/S B0) microcode (in
intel-ucode/06-c5-02) from revision 0x119 up to 0x11b;
Update of 06-c6-04/0x82 microcode (in intel-ucode/06-c5-02) from
revision 0x119 up to 0x11b;
Update of 06-ca-02/0x82 microcode (in intel-ucode/06-c5-02) from
revision 0x119 up to 0x11b;
Update of 06-c5-02/0x82 (ARL-H A1) microcode (in intel-ucode/06-c6-02)
from revision 0x119 up to 0x11b;
Update of 06-c6-02/0x82 (ARL-HX 8P/S B0) microcode from revision
0x119 up to 0x11b;
Update of 06-c6-04/0x82 microcode (in intel-ucode/06-c6-02) from
revision 0x119 up to 0x11b;
Update of 06-ca-02/0x82 microcode (in intel-ucode/06-c6-02) from
revision 0x119 up to 0x11b;
Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in
intel-ucode/06-cf-02) from revision 0x210002b3 up to 0x210002d3;
Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x210002b3
up to 0x210002d3.
Resolves RHBZ#2431378
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 18 2026 Eugene Syromiatnikov [evgsyr@gmail.com] 2:2.1-74
- Update to upstream 2.1-51. 20260210
- Addition of 06-ae-01/0x97 (GNR-D B0/B1) microcode at revision
0x10002f3;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000410
up to 0xd000421;
- Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x10002e0
up to 0x10002f1;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xca
up to 0xcc;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
0xbc up to 0xbe;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x3c up
to 0x3e;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x56 up
to 0x58;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
0x2b000643 up to 0x2b000661;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000401 up to 0x2c000421;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-08) from revision 0x2c000401 up to 0x2c000421;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000401 up to 0x2c000421;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision
0x2c000401 up to 0x2c000421;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
0x2b000643 up to 0x2b000661;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x3a up to 0x3e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x3a up to 0x3e;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x3a up to 0x3e;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x3a up to 0x3e;
- Update of 06-bf-06/0x07 microcode (in intel-ucode/06-97-02) from
revision 0x3a up to 0x3e;
- Update of 06-bf-07/0x07 microcode (in intel-ucode/06-97-02) from
revision 0x3a up to 0x3e;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x3a up to 0x3e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x3a
up to 0x3e;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x3a up to 0x3e;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x3a up to 0x3e;
- Update of 06-bf-06/0x07 microcode (in intel-ucode/06-97-05) from
revision 0x3a up to 0x3e;
- Update of 06-bf-07/0x07 microcode (in intel-ucode/06-97-05) from
revision 0x3a up to 0x3e;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x437 up to 0x43b;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x437 up to 0x43b;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x437 up to 0x43b;
- Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0xa up
to 0xc;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x437
up to 0x43b;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x64 up
to 0x65;
- Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x25
up to 0x28;
- Update of 06-ad-01/0x20 (GNR-AP/SP H0) microcode from revision
0xa000100 up to 0xa000133;
- Update of 06-ad-01/0x95 (GNR-AP/SP B0) microcode from revision
0x10003d0 up to 0x1000405;
- Update of 06-af-03/0x01 (SRF-SP C0) microcode from revision 0x3000362
up to 0x3000382;
- Update of 06-b5-00/0x80 (ARL-U A1) microcode from revision 0xa up
to 0xd;
- Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x12f up
to 0x133;
- Update of 06-b7-04/0x32 microcode (in intel-ucode/06-b7-01) from
revision 0x12f up to 0x133;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x4129 up to 0x6134;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x4129 up to 0x6134;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from
revision 0x4129 up to 0x6134;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x4129 up to 0x6134;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4129
up to 0x6134;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from
revision 0x4129 up to 0x6134;
- Update of 06-bd-01/0x80 (LNL B0) microcode from revision 0x123 up
to 0x125;
- Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x1d up
to 0x21;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x3a up to 0x3e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x3a up to 0x3e;
- Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x3a up
to 0x3e;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x3a up to 0x3e;
- Update of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-02) from
revision 0x3a up to 0x3e;
- Update of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-02) from
revision 0x3a up to 0x3e;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x3a up to 0x3e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x3a up to 0x3e;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x3a up to 0x3e;
- Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x3a up
to 0x3e;
- Update of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-05) from
revision 0x3a up to 0x3e;
- Update of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-05) from
revision 0x3a up to 0x3e;
- Update of 06-c5-02/0x82 (ARL-H A1) microcode from revision 0x119 up
to 0x11b;
- Update of 06-c6-02/0x82 (ARL-HX 8P/S B0) microcode (in
intel-ucode/06-c5-02) from revision 0x119 up to 0x11b;
- Update of 06-c6-04/0x82 microcode (in intel-ucode/06-c5-02) from
revision 0x119 up to 0x11b;
- Update of 06-ca-02/0x82 microcode (in intel-ucode/06-c5-02) from
revision 0x119 up to 0x11b;
- Update of 06-c5-02/0x82 (ARL-H A1) microcode (in intel-ucode/06-c6-02)
from revision 0x119 up to 0x11b;
- Update of 06-c6-02/0x82 (ARL-HX 8P/S B0) microcode from revision
0x119 up to 0x11b;
- Update of 06-c6-04/0x82 microcode (in intel-ucode/06-c6-02) from
revision 0x119 up to 0x11b;
- Update of 06-ca-02/0x82 microcode (in intel-ucode/06-c6-02) from
revision 0x119 up to 0x11b;
- Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in
intel-ucode/06-cf-02) from revision 0x210002b3 up to 0x210002d3;
- Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x210002b3
up to 0x210002d3.
- Resolves RHBZ#2431378
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2431378 - microcode_ctl is outdated
https://bugzilla.redhat.com/show_bug.cgi?id=2431378
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-3b12e49fee' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: keylime-agent-rust-0.2.9-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-2b8b223cf0
2026-03-07 00:17:58.500932+00:00
--------------------------------------------------------------------------------

Name : keylime-agent-rust
Product : Fedora 44
Version : 0.2.9
Release : 1.fc44
URL : https://github.com/keylime/rust-keylime/
Summary : The Keylime agent
Description :
The Keylime agent

--------------------------------------------------------------------------------
Update Information:

Update keylime to version 7.14.1 and keylime-agent-rust to version 0.2.9
Fixes: CVE-2026-1709 and CVE-2025-13609
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 13 2026 Anderson Toshiyuki Sasaki [ansasaki@redhat.com] - 0.2.9-1
- Update to upstream version 0.2.9
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2416761 - CVE-2025-13609 keylime: Keylime: Registrar allows identity takeover via duplicate UUID registration
https://bugzilla.redhat.com/show_bug.cgi?id=2416761
[ 2 ] Bug #2435514 - CVE-2026-1709 keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication
https://bugzilla.redhat.com/show_bug.cgi?id=2435514
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-2b8b223cf0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: keylime-7.14.1-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-2b8b223cf0
2026-03-07 00:17:58.500932+00:00
--------------------------------------------------------------------------------

Name : keylime
Product : Fedora 44
Version : 7.14.1
Release : 1.fc44
URL : https://github.com/keylime/keylime
Summary : Open source TPM software for Bootstrapping and Maintaining Trust
Description :
Keylime is a TPM based highly scalable remote boot attestation
and runtime integrity measurement solution.

--------------------------------------------------------------------------------
Update Information:

Update keylime to version 7.14.1 and keylime-agent-rust to version 0.2.9
Fixes: CVE-2026-1709 and CVE-2025-13609
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 13 2026 Sergio Correia [scorreia@redhat.com] - 7.14.1-1
- Updating for Keylime release v7.14.1
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2416761 - CVE-2025-13609 keylime: Keylime: Registrar allows identity takeover via duplicate UUID registration
https://bugzilla.redhat.com/show_bug.cgi?id=2416761
[ 2 ] Bug #2435514 - CVE-2026-1709 keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication
https://bugzilla.redhat.com/show_bug.cgi?id=2435514
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-2b8b223cf0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new


Delve, GIT-LFS, PostgreSQL updates for AlmaLinux

Ansible Automation Platform, NFS-Utils, AMQ Broker updates for RHEL

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...