Fedora 44 Update: chromium-148.0.7778.178-1.fc44
Fedora 44 Update: dotnet8.0-8.0.127-1.fc44
Fedora 44 Update: perl-Apache-Session-Browseable-1.3.19-1.fc44
Fedora 44 Update: dotnet10.0-10.0.108-1.fc44
Fedora 44 Update: dotnet9.0-9.0.117-1.fc44
Fedora 44 Update: docker-buildkit-0.30.0-1.fc44
Fedora 44 Update: docker-buildx-0.34.0-1.fc44
Fedora 44 Update: python3.15-3.15.0~b1-1.fc44
Fedora 44 Update: pie-1.4.4-1.fc44
Fedora 44 Update: composer-2.9.8-1.fc44
[SECURITY] Fedora 44 Update: chromium-148.0.7778.178-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-c758d44a9a
2026-05-23 00:56:16.173372+00:00
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 44
Version : 148.0.7778.178
Release : 1.fc44
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
Update to 148.0.7778.178
CVE-2026-9111: Use after free in WebRTC
CVE-2026-9110: Inappropriate implementation in UI
CVE-2026-9112: Use after free in GPU
CVE-2026-9113: Out of bounds read in GPU
CVE-2026-9114: Use after free in QUIC
CVE-2026-9115: Insufficient policy enforcement in Service Worker
CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
CVE-2026-9117: Type Confusion in GFX
CVE-2026-9118: Use after free in XR
CVE-2026-9119: Heap buffer overflow in WebRTC
CVE-2026-9120: Use after free in WebRTC
CVE-2026-9126: Use after free in DOM
CVE-2026-9121: Out of bounds read in GPU
CVE-2026-9122: Out of bounds read in GPU
CVE-2026-9123: Heap buffer overflow in Chromecast
CVE-2026-9124: Insufficient validation of untrusted input in Input
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 20 2026 Than Ngo [than@redhat.com] - 148.0.7778.178-1
- Update to 148.0.7778.178
- Backport upstream patches to improve auto dark image inversion logic
- Update default chromium browser config
* Fri May 15 2026 Than Ngo [than@redhat.com] - 148.0.7778.167-1
- Update to 148.0.7778.167
* CVE-2026-8509: Heap buffer overflow in WebML
* CVE-2026-8510: Integer overflow in Skia
* CVE-2026-8511: Use after free in UI
* CVE-2026-8512: Use after free in FileSystem
* CVE-2026-8513: Use after free in Input
* CVE-2026-8514: Use after free in Aura
* CVE-2026-8515: Use after free in HID
* CVE-2026-8516: Insufficient validation of untrusted input in DataTransfer
* CVE-2026-8517: Object lifecycle issue in WebShare
* CVE-2026-8518: Use after free in Blink
* CVE-2026-8519: Integer overflow in ANGLE
* CVE-2026-8520: Race in Payments
* CVE-2026-8521: Use after free in Tab Groups
* CVE-2026-8522: Use after free in Downloads
* CVE-2026-8523: Use after free in Mojo
* CVE-2026-8558: Out of bounds write in Fonts
* CVE-2026-8524: Out of bounds write in WebAudio
* CVE-2026-8525: Heap buffer overflow in ANGLE
* CVE-2026-8526: Out of bounds write in WebRTC
* CVE-2026-8527: Insufficient validation of untrusted input in Downloads
* CVE-2026-8528: Insufficient validation of untrusted input in SiteIsolation
* CVE-2026-8529: Heap buffer overflow in Codecs
* CVE-2026-8530: Use after free in Network
* CVE-2026-8531: Heap buffer overflow in WebML
* CVE-2026-8532: Integer overflow in XML
* CVE-2026-8533: Use after free in Accessibility
* CVE-2026-8534: Integer overflow in GPU
* CVE-2026-8535: Out of bounds read in Media
* CVE-2026-8536: Insufficient validation of untrusted input in ReadingMode
* CVE-2026-8537: Insufficient policy enforcement in ViewTransitions
* CVE-2026-8538: Insufficient validation of untrusted input in GPU
* CVE-2026-8539: Script injection in SanitizerAPI
* CVE-2026-8540: Type Confusion in V8
* CVE-2026-8541: Out of bounds read in UI
* CVE-2026-8542: Use after free in Core
* CVE-2026-8543: Out of bounds read in FileSystem
* CVE-2026-8544: Use after free in Media
* CVE-2026-8545: Object corruption in Compositing
* CVE-2026-8546: Out of bounds read in GPU
* CVE-2026-8547: Insufficient policy enforcement in Passwords
* CVE-2026-8548: Out of bounds write in Media
* CVE-2026-8549: Use after free in Media
* CVE-2026-8550: Use after free in Google Lens
* CVE-2026-8551: Use after free in Downloads
* CVE-2026-8552: Heap buffer overflow in GPU
* CVE-2026-8553: Use after free in GPU
* CVE-2026-8554: Type Confusion in ANGLE
* CVE-2026-8555: Use after free in GTK
* CVE-2026-8556: Inappropriate implementation in ANGLE
* CVE-2026-8557: Use after free in Accessibility
* CVE-2026-8559: Integer overflow in Internationalization
* CVE-2026-8560: Heap buffer overflow in SwiftShader
* CVE-2026-8561: Incorrect security UI in Fullscreen
* CVE-2026-8562: Side-channel information leakage in Navigation
* CVE-2026-8563: Insufficient policy enforcement in IFrame Sandbox
* CVE-2026-8564: Incorrect security UI in Downloads
* CVE-2026-8565: Inappropriate implementation in Downloads
* CVE-2026-8566: Insufficient policy enforcement in Payments
* CVE-2026-8567: Integer overflow in ANGLE
* CVE-2026-8568: Insufficient policy enforcement in AI
* CVE-2026-8569: Out of bounds write in Codecs
* CVE-2026-8570: Type Confusion in V8
* CVE-2026-8571: Insufficient policy enforcement in GPU
* CVE-2026-8572: Insufficient policy enforcement in Network
* CVE-2026-8573: Integer overflow in Codecs
* CVE-2026-8574: Use after free in Core
* CVE-2026-8575: Use after free in UI
* CVE-2026-8576: Inappropriate implementation in CORS
* CVE-2026-8577: Integer overflow in Fonts
* CVE-2026-8578: Out of bounds read in GPU
* CVE-2026-8579: Insufficient validation of untrusted input in Skia
* CVE-2026-8580: Use after free in Mojo
* CVE-2026-8581: Use after free in GPU
* CVE-2026-8582: Object lifecycle issue in Dawn
* CVE-2026-8583: Insufficient policy enforcement in WebXR
* CVE-2026-8584: Inappropriate implementation in Views
* CVE-2026-8585: Inappropriate implementation in Media
* CVE-2026-8586: Inappropriate implementation in Chromoting
* CVE-2026-8587: Use after free in Extensions
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-c758d44a9a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: dotnet8.0-8.0.127-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-223f4839fc
2026-05-23 00:56:16.173355+00:00
--------------------------------------------------------------------------------
Name : dotnet8.0
Product : Fedora 44
Version : 8.0.127
Release : 1.fc44
URL : https://github.com/dotnet/
Summary : .NET Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.
It particularly focuses on creating console applications, web
applications and micro-services.
.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.
--------------------------------------------------------------------------------
Update Information:
Update to .NET SDK 8.0.127 and Runtime 8.0.27
Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-
notes/8.0/8.0.27/8.0.127.md
Runtime: https://github.com/dotnet/core/blob/main/release-
notes/8.0/8.0.27/8.0.27.md
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 13 2026 Omair Majid [omajid@redhat.com] - 8.0.127-1
- Update to .NET SDK 8.0.127 and Runtime 8.0.27
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-223f4839fc' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: perl-Apache-Session-Browseable-1.3.19-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-19d80281b7
2026-05-23 00:56:16.173336+00:00
--------------------------------------------------------------------------------
Name : perl-Apache-Session-Browseable
Product : Fedora 44
Version : 1.3.19
Release : 1.fc44
URL : https://metacpan.org/release/Apache-Session-Browseable
Summary : Add index and search methods to Apache::Session
Description :
A virtual Apache::Session back-end providing some class methods to manipulate
all sessions and add the capability to index some fields to make re-search
faster.
--------------------------------------------------------------------------------
Update Information:
This update has improvements to generate more secure session IDs
(CVE-2026-8503).
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 14 2026 Paul Howarth - 1.3.19-1
- Update to 1.3.19 (rhbz#2477392)
- Apache::Session::Generate::SHA256 used a low-entropy seed (time, PID, rand,
stringified hash ref) to derive session identifiers; use Crypt::URandom to
generate session ids from a cryptographically secure source, falling back
to the previous hashing method only if Crypt::URandom is unavailable
(CVE-2026-8503, similar in scope to CVE-2025-40931 and CVE-2025-40932)
- Fix Redis indexes: never cleaned before
- Improve resilience and reliability of Patroni driver
* Thu Apr 9 2026 Xavier Bachelot [xavier@bachelot.org] - 1.3.18-4
- BR: perl(DBD::Cassandra) to improve test coverage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2477392 - perl-Apache-Session-Browseable-1.3.19 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2477392
[ 2 ] Bug #2477847 - CVE-2026-8503 perl-Apache-Session-Browseable: perl-Apache-Session-Browseable: Predictable session IDs allow unauthorized system access [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2477847
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-19d80281b7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: dotnet10.0-10.0.108-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-0d598afbf9
2026-05-23 00:56:16.173333+00:00
--------------------------------------------------------------------------------
Name : dotnet10.0
Product : Fedora 44
Version : 10.0.108
Release : 1.fc44
URL : https://github.com/dotnet/
Summary : .NET 10.0 Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.
It particularly focuses on creating console applications, web
applications and micro-services.
.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.
--------------------------------------------------------------------------------
Update Information:
Update to .NET SDK 10.0.108 and Runtime 10.0.8
Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-
notes/10.0/10.0.8/10.0.108.md
Runtime: https://github.com/dotnet/core/blob/main/release-
notes/10.0/10.0.8/10.0.8.md
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 13 2026 Omair Majid [omajid@redhat.com] - 10.0.108-1
- Update to .NET SDK 10.0.108 and Runtime 10.0.8
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-0d598afbf9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: dotnet9.0-9.0.117-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9c63a012b9
2026-05-23 00:56:16.173331+00:00
--------------------------------------------------------------------------------
Name : dotnet9.0
Product : Fedora 44
Version : 9.0.117
Release : 1.fc44
URL : https://github.com/dotnet/
Summary : .NET Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.
It particularly focuses on creating console applications, web
applications and micro-services.
.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.
--------------------------------------------------------------------------------
Update Information:
Update to .NET SDK 9.0.117 and Runtime 9.0.16
Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-
notes/9.0/9.0.16/9.0.117.md
Runtime: https://github.com/dotnet/core/blob/main/release-
notes/9.0/9.0.16/9.0.16.md
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 13 2026 Omair Majid [omajid@redhat.com] - 9.0.117-1
- Update to .NET SDK 9.0.117 and Runtime 9.0.16
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9c63a012b9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: docker-buildkit-0.30.0-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-5045ce29e3
2026-05-23 00:56:16.173310+00:00
--------------------------------------------------------------------------------
Name : docker-buildkit
Product : Fedora 44
Version : 0.30.0
Release : 1.fc44
URL : https://github.com/moby/buildkit
Summary : Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
Description :
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit.
--------------------------------------------------------------------------------
Update Information:
Update to release v0.30.0
Resolves CVE-2026-39984: rhbz#2458929
Upstream new features and fixes
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 13 2026 Bradley G Smith [bradley.g.smith@gmail.com] - 0.30.0-1
- Update to release v0.30.0
- Resolves CVE-2026-39984: rhbz#2458929
- Upstream new features and fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2458929 - CVE-2026-39984 docker-buildkit: improper certificate validation in verifier [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2458929
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-5045ce29e3' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: docker-buildx-0.34.0-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-7f8de90b74
2026-05-23 00:56:16.173313+00:00
--------------------------------------------------------------------------------
Name : docker-buildx
Product : Fedora 44
Version : 0.34.0
Release : 1.fc44
URL : https://github.com/docker/buildx
Summary : Docker CLI plugin for extended build capabilities with BuildKit
Description :
Docker CLI plugin for extended build capabilities with BuildKit.
--------------------------------------------------------------------------------
Update Information:
Update to release v0.34.0
Resolves: rhbz#2467576
Resolves CVE-2026-39984: rhbz#2458930
Upstream new features and fixes
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 13 2026 Bradley G Smith [bradley.g.smith@gmail.com] - 0.34.0-1
- Update to release v0.34.0
- Resolves: rhbz#2467576
- Resolves CVE-2026-39984: rhbz#2458930
- Upstream new features and fixes
* Thu Apr 2 2026 Bradley G Smith [bradley.g.smith@gmail.com] - 0.33.0-2
- Update to new spec file
- Regenerate spec file using go2rpm
- Use gocheck2. Current v0.33.0 release will sometimes fail during check
phase with an https related test. No obvious pattern related to
architecture. gocheck2 will allow for test to be skipped if needed
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2458930 - CVE-2026-39984 docker-buildx: improper certificate validation in verifier [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2458930
[ 2 ] Bug #2467576 - docker-buildx-0.34.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2467576
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-7f8de90b74' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: python3.15-3.15.0~b1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-2ee2d7abd5
2026-05-23 00:56:16.173292+00:00
--------------------------------------------------------------------------------
Name : python3.15
Product : Fedora 44
Version : 3.15.0~b1
Release : 1.fc44
URL : https://www.python.org/
Summary : Version 3.15 of the Python interpreter
Description :
Python 3.15 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.
The python3.15 package provides the "python3.15" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.15-libs package,
which should be installed automatically along with python3.15.
The remaining parts of the Python standard library are broken out into the
python3.15-tkinter and python3.15-test packages, which may need to be installed
separately.
Documentation for Python is provided in the python3.15-docs package.
Packages containing additional libraries for Python are generally named with
the "python3.15-" prefix.
--------------------------------------------------------------------------------
Update Information:
New prerelease of Python 3.15 with several CVE fixes
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 11 2026 Karolina Surma [ksurma@redhat.com] - 3.15.0~b1-1
- Update to Python 3.15.0b1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2457945 - CVE-2026-1502 python3.15: Python: HTTP header injection via CR/LF in proxy tunnel headers [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2457945
[ 2 ] Bug #2458017 - CVE-2026-6100 python3.15: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2458017
[ 3 ] Bug #2458225 - CVE-2026-4786 python3.15: Python: Arbitrary code execution via command injection in webbrowser.open() API [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2458225
[ 4 ] Bug #2458489 - CVE-2026-5713 python3.15: Python: Information disclosure and arbitrary code execution via remote debugging with a malicious process. [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2458489
[ 5 ] Bug #2461289 - CVE-2026-3219 python3.15: pip: Incorrect file installation due to improper archive handling [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2461289
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-2ee2d7abd5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: pie-1.4.4-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-3d8d946f69
2026-05-23 00:56:16.173276+00:00
--------------------------------------------------------------------------------
Name : pie
Product : Fedora 44
Version : 1.4.4
Release : 1.fc44
URL : https://github.com/php/pie
Summary : PHP Installer for Extensions
Description :
PIE (PHP Installer for Extensions).
PIE can install an extension to any installed PHP version.
A list of extensions that support PIE can be found on
https://packagist.org/extensions.
Documentation: /usr/share/doc/pie/docs/usage.md
--------------------------------------------------------------------------------
Update Information:
Version 1.4.4
Dependencies
Update Composer to 2.9.8
Version 1.4.3
add output check for dnf permission denied thanks to @asgrim and @hackel
don't auto install re2c and bison thanks to @asgrim and @hackel
fix two packages found for same ext in pie show etc thanks to @asgrim and
@hackel
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 13 2026 Remi Collet [remi@remirepo.net] - 1.4.4-1
- update to 1.4.4
* Tue May 12 2026 Remi Collet [remi@remirepo.net] - 1.4.3-1
- update to 1.4.3
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-3d8d946f69' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: composer-2.9.8-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-bd05cb6c4d
2026-05-23 00:56:16.173256+00:00
--------------------------------------------------------------------------------
Name : composer
Product : Fedora 44
Version : 2.9.8
Release : 1.fc44
URL : https://getcomposer.org/
Summary : Dependency Manager for PHP
Description :
Composer helps you declare, manage and install dependencies of PHP projects,
ensuring you have the right stack everywhere.
Documentation: https://getcomposer.org/doc/
--------------------------------------------------------------------------------
Update Information:
Version 2.9.8 - 2026-05-13
Security: Fixed GitHub token validation and disclosure (GHSA-f9f8-rm49-7jv2)
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 13 2026 Remi Collet [remi@remirepo.net] - 2.9.8-1
- update to 2.9.8
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-bd05cb6c4d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
