Fedora 42 Update: SDL2_sound-2.0.5^20260117git1be041b-1.fc42
Fedora 42 Update: freerdp-3.23.0-1.fc42
Fedora 43 Update: chromium-146.0.7680.71-1.fc43
Fedora 43 Update: SDL3_sound-3.0.0~20260117gitb00e4a3-1.fc43
Fedora 43 Update: SDL2_sound-2.0.5^20260117git1be041b-1.fc43
Fedora 44 Update: chromium-146.0.7680.71-1.fc44
Fedora 44 Update: SDL3_sound-3.0.0~20260117gitb00e4a3-1.fc44
Fedora 44 Update: SDL2_sound-2.0.5^20260117git1be041b-1.fc44
Fedora 44 Update: gstreamer1-rtsp-server-1.28.1-1.fc44
Fedora 44 Update: gstreamer1-plugins-base-1.28.1-1.fc44
Fedora 44 Update: gstreamer1-plugins-bad-free-1.28.1-1.fc44
Fedora 44 Update: gstreamer1-1.28.1-1.fc44
Fedora 44 Update: python-gstreamer1-1.28.1-1.fc44
Fedora 44 Update: gstreamer1-plugins-ugly-free-1.28.1-1.fc44
Fedora 44 Update: gstreamer1-plugins-good-1.28.1-1.fc44
Fedora 44 Update: gstreamer1-plugin-libav-1.28.1-1.fc44
Fedora 44 Update: gstreamer1-doc-1.28.1-1.fc44
Fedora 44 Update: gst-editing-services-1.28.1-1.fc44
Fedora 44 Update: gst-devtools-1.28.1-1.fc44
[SECURITY] Fedora 42 Update: SDL2_sound-2.0.5^20260117git1be041b-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-bfa5bd0004
2026-03-14 02:22:24.216879+00:00
--------------------------------------------------------------------------------
Name : SDL2_sound
Product : Fedora 42
Version : 2.0.5^20260117git1be041b
Release : 1.fc42
URL : http://www.icculus.org/SDL_sound
Summary : An abstract soundfile decoder library
Description :
SDL_sound is a library that handles the decoding of several popular sound
file formats, such as .WAV and .OGG. It is meant to make the programmer's
sound playback tasks simpler. The programmer gives SDL_sound a filename,
or feeds it data directly from one of many sources, and then reads the
decoded waveform data back at her leisure. If resource constraints are a
concern, SDL_sound can process sound data in programmer-specified blocks.
Alternately, SDL_sound can decode a whole sound file and hand back a
single pointer to the whole waveform. SDL_sound can also handle sample
rate, audio format, and channel conversion on-the-fly and
behind-the-scenes, if the programmer desires.
--------------------------------------------------------------------------------
Update Information:
Latest upstream snapshot from stable-2.0 branch. Fixes CVE-2025-14369 in bundled
dr_flac.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2026 Dominik Mierzejewski [dominik@greysector.net] - 2.0.5^20260117git1be041b-1
- update to 20260117 snapshot from stable-2.0 branch
- fixes CVE-2025-14369 (resolves rhbz#2431177)
- fixes rpmbuild -bi --short-circuit
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 2.0.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 2.0.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Thu Jul 31 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 2.0.4-5
- Go back to bundling dr_flac and dr_mp3, since it is not straightforward to
patch for the current releases
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.0.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Mon Mar 24 2025 Tim Landscheidt - 2.0.4-3
- Fix documentation for devel subpackage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2431177 - CVE-2025-14369 SDL2_sound: dr_flac: Denial of Service via integer overflow in FLAC metadata [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2431177
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-bfa5bd0004' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 42 Update: freerdp-3.23.0-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-53fe996a57
2026-03-14 02:22:24.216855+00:00
--------------------------------------------------------------------------------
Name : freerdp
Product : Fedora 42
Version : 3.23.0
Release : 1.fc42
URL : http://www.freerdp.com/
Summary : Free implementation of the Remote Desktop Protocol (RDP)
Description :
The xfreerdp & wlfreerdp Remote Desktop Protocol (RDP) clients from the FreeRDP
project.
xfreerdp & wlfreerdp can connect to RDP servers such as Microsoft Windows
machines, xrdp and VirtualBox.
--------------------------------------------------------------------------------
Update Information:
Update to 3.23.0 to fix CVE-2026-26965, CVE-2026-26955, CVE-2026-26271,
CVE-2026-25997, CVE-2026-25959, CVE-2026-25955, CVE-2026-25954, CVE-2026-25953,
CVE-2026-25952, CVE-2026-25942, CVE-2026-25941
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 25 2026 Neal Gompa [ngompa@fedoraproject.org] - 2:3.23.0-1
- Update to 3.23.0 (CVE-2026-26965, CVE-2026-26955, CVE-2026-26271,
CVE-2026-25997, CVE-2026-25959, CVE-2026-25955, CVE-2026-25954,
CVE-2026-25953, CVE-2026-25952, CVE-2026-25942, CVE-2026-25941)
Resolves: rhbz#2442589
- Small spec cleanups
- Enable rdp2tcp channel support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2442856 - CVE-2026-25955 freerdp: FreeRDP: Denial of Service via use-after-free in xf_AppUpdateWindowFromSurface [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2442856
[ 2 ] Bug #2442972 - CVE-2026-26965 freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2442972
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-53fe996a57' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: chromium-146.0.7680.71-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-0dc0c88f83
2026-03-14 02:19:04.531326+00:00
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 43
Version : 146.0.7680.71
Release : 1.fc43
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
Update to 146.0.7680.71
* CVE-2026-3913: Heap buffer overflow in WebML
* CVE-2026-3914: Integer overflow in WebML
* CVE-2026-3915: Heap buffer overflow in WebML
* CVE-2026-3916: Out of bounds read in Web Speech
* CVE-2026-3917: Use after free in Agents
* CVE-2026-3918: Use after free in WebMCP
* CVE-2026-3919: Use after free in Extensions
* CVE-2026-3920: Out of bounds memory access in WebML
* CVE-2026-3921: Use after free in TextEncoding
* CVE-2026-3922: Use after free in MediaStream
* CVE-2026-3923: Use after free in WebMIDI
* CVE-2026-3924: Use after free in WindowDialog
* CVE-2026-3925: Incorrect security UI in LookalikeChecks
* CVE-2026-3926: Out of bounds read in V8
* CVE-2026-3927: Incorrect security UI in PictureInPicture
* CVE-2026-3928: Insufficient policy enforcement in Extensions
* CVE-2026-3929: Side-channel information leakage in ResourceTiming
* CVE-2026-3930: Unsafe navigation in Navigation
* CVE-2026-3931: Heap buffer overflow in Skia
* CVE-2026-3932: Insufficient policy enforcement in PDF
* CVE-2026-3934: Insufficient policy enforcement in ChromeDriver
* CVE-2026-3935: Incorrect security UI in WebAppInstalls
* CVE-2026-3936: Use after free in WebView
* CVE-2026-3937: Incorrect security UI in Downloads
* CVE-2026-3938: Insufficient policy enforcement in Clipboard
* CVE-2026-3939: Insufficient policy enforcement in PDF
* CVE-2026-3940: Insufficient policy enforcement in DevTools
* CVE-2026-3941: Insufficient policy enforcement in DevTools
* CVE-2026-3942: Incorrect security UI in PictureInPicture
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 12 2026 Than Ngo [than@redhat.com] - 146.0.7680.71-1
- Update to 146.0.7680.71
* CVE-2026-3913: Heap buffer overflow in WebML
* CVE-2026-3914: Integer overflow in WebML
* CVE-2026-3915: Heap buffer overflow in WebML
* CVE-2026-3916: Out of bounds read in Web Speech
* CVE-2026-3917: Use after free in Agents
* CVE-2026-3918: Use after free in WebMCP
* CVE-2026-3919: Use after free in Extensions
* CVE-2026-3920: Out of bounds memory access in WebML
* CVE-2026-3921: Use after free in TextEncoding
* CVE-2026-3922: Use after free in MediaStream
* CVE-2026-3923: Use after free in WebMIDI
* CVE-2026-3924: Use after free in WindowDialog
* CVE-2026-3925: Incorrect security UI in LookalikeChecks
* CVE-2026-3926: Out of bounds read in V8
* CVE-2026-3927: Incorrect security UI in PictureInPicture
* CVE-2026-3928: Insufficient policy enforcement in Extensions
* CVE-2026-3929: Side-channel information leakage in ResourceTiming
* CVE-2026-3930: Unsafe navigation in Navigation
* CVE-2026-3931: Heap buffer overflow in Skia
* CVE-2026-3932: Insufficient policy enforcement in PDF
* CVE-2026-3934: Insufficient policy enforcement in ChromeDriver
* CVE-2026-3935: Incorrect security UI in WebAppInstalls
* CVE-2026-3936: Use after free in WebView
* CVE-2026-3937: Incorrect security UI in Downloads
* CVE-2026-3938: Insufficient policy enforcement in Clipboard
* CVE-2026-3939: Insufficient policy enforcement in PDF
* CVE-2026-3940: Insufficient policy enforcement in DevTools
* CVE-2026-3941: Insufficient policy enforcement in DevTools
* CVE-2026-3942: Incorrect security UI in PictureInPicture
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-0dc0c88f83' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: SDL3_sound-3.0.0~20260117gitb00e4a3-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-243f5046dc
2026-03-14 02:19:04.531273+00:00
--------------------------------------------------------------------------------
Name : SDL3_sound
Product : Fedora 43
Version : 3.0.0~20260117gitb00e4a3
Release : 1.fc43
URL : https://www.icculus.org/SDL_sound
Summary : An abstract soundfile decoder library
Description :
SDL_sound is a library that handles the decoding of several popular sound
file formats, such as .WAV and .OGG. It is meant to make the programmer's
sound playback tasks simpler. The programmer gives SDL_sound a filename,
or feeds it data directly from one of many sources, and then reads the
decoded waveform data back at her leisure. If resource constraints are a
concern, SDL_sound can process sound data in programmer-specified blocks.
Alternately, SDL_sound can decode a whole sound file and hand back a
single pointer to the whole waveform. SDL_sound can also handle sample
rate, audio format, and channel conversion on-the-fly and
behind-the-scenes, if the programmer desires.
--------------------------------------------------------------------------------
Update Information:
Latest snapshot from 3.0 branch. Fixes CVE-2025-14369.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2026 Dominik 'Rathann' Mierzejewski [dominik@greysector.net] - 3.0.0~20260117gitb00e4a3-1
- update to 20260117 snapshot from main (3.0) branch
- fixes CVE-2025-14369 (resolves rhbz#2431178)
- fixes rpmbuild -bi --short-circuit
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 3.0.0~20250724git5c76963-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 3.0.0~20250724git5c76963-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2431178 - CVE-2025-14369 SDL3_sound: dr_flac: Denial of Service via integer overflow in FLAC metadata [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2431178
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-243f5046dc' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: SDL2_sound-2.0.5^20260117git1be041b-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-6ea6f0a56b
2026-03-14 02:19:04.531270+00:00
--------------------------------------------------------------------------------
Name : SDL2_sound
Product : Fedora 43
Version : 2.0.5^20260117git1be041b
Release : 1.fc43
URL : http://www.icculus.org/SDL_sound
Summary : An abstract soundfile decoder library
Description :
SDL_sound is a library that handles the decoding of several popular sound
file formats, such as .WAV and .OGG. It is meant to make the programmer's
sound playback tasks simpler. The programmer gives SDL_sound a filename,
or feeds it data directly from one of many sources, and then reads the
decoded waveform data back at her leisure. If resource constraints are a
concern, SDL_sound can process sound data in programmer-specified blocks.
Alternately, SDL_sound can decode a whole sound file and hand back a
single pointer to the whole waveform. SDL_sound can also handle sample
rate, audio format, and channel conversion on-the-fly and
behind-the-scenes, if the programmer desires.
--------------------------------------------------------------------------------
Update Information:
Latest upstream snapshot from stable-2.0 branch. Fixes CVE-2025-14369 in bundled
dr_flac.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2026 Dominik Mierzejewski [dominik@greysector.net] - 2.0.5^20260117git1be041b-1
- update to 20260117 snapshot from stable-2.0 branch
- fixes CVE-2025-14369 (resolves rhbz#2431177)
- fixes rpmbuild -bi --short-circuit
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 2.0.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 2.0.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2431177 - CVE-2025-14369 SDL2_sound: dr_flac: Denial of Service via integer overflow in FLAC metadata [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2431177
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-6ea6f0a56b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: chromium-146.0.7680.71-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-6e868c481c
2026-03-14 00:15:28.464596+00:00
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 44
Version : 146.0.7680.71
Release : 1.fc44
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
Update to 146.0.7680.71
* CVE-2026-3913: Heap buffer overflow in WebML
* CVE-2026-3914: Integer overflow in WebML
* CVE-2026-3915: Heap buffer overflow in WebML
* CVE-2026-3916: Out of bounds read in Web Speech
* CVE-2026-3917: Use after free in Agents
* CVE-2026-3918: Use after free in WebMCP
* CVE-2026-3919: Use after free in Extensions
* CVE-2026-3920: Out of bounds memory access in WebML
* CVE-2026-3921: Use after free in TextEncoding
* CVE-2026-3922: Use after free in MediaStream
* CVE-2026-3923: Use after free in WebMIDI
* CVE-2026-3924: Use after free in WindowDialog
* CVE-2026-3925: Incorrect security UI in LookalikeChecks
* CVE-2026-3926: Out of bounds read in V8
* CVE-2026-3927: Incorrect security UI in PictureInPicture
* CVE-2026-3928: Insufficient policy enforcement in Extensions
* CVE-2026-3929: Side-channel information leakage in ResourceTiming
* CVE-2026-3930: Unsafe navigation in Navigation
* CVE-2026-3931: Heap buffer overflow in Skia
* CVE-2026-3932: Insufficient policy enforcement in PDF
* CVE-2026-3934: Insufficient policy enforcement in ChromeDriver
* CVE-2026-3935: Incorrect security UI in WebAppInstalls
* CVE-2026-3936: Use after free in WebView
* CVE-2026-3937: Incorrect security UI in Downloads
* CVE-2026-3938: Insufficient policy enforcement in Clipboard
* CVE-2026-3939: Insufficient policy enforcement in PDF
* CVE-2026-3940: Insufficient policy enforcement in DevTools
* CVE-2026-3941: Insufficient policy enforcement in DevTools
* CVE-2026-3942: Incorrect security UI in PictureInPicture
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 12 2026 Than Ngo [than@redhat.com] - 146.0.7680.71-1
- Update to 146.0.7680.71
* CVE-2026-3913: Heap buffer overflow in WebML
* CVE-2026-3914: Integer overflow in WebML
* CVE-2026-3915: Heap buffer overflow in WebML
* CVE-2026-3916: Out of bounds read in Web Speech
* CVE-2026-3917: Use after free in Agents
* CVE-2026-3918: Use after free in WebMCP
* CVE-2026-3919: Use after free in Extensions
* CVE-2026-3920: Out of bounds memory access in WebML
* CVE-2026-3921: Use after free in TextEncoding
* CVE-2026-3922: Use after free in MediaStream
* CVE-2026-3923: Use after free in WebMIDI
* CVE-2026-3924: Use after free in WindowDialog
* CVE-2026-3925: Incorrect security UI in LookalikeChecks
* CVE-2026-3926: Out of bounds read in V8
* CVE-2026-3927: Incorrect security UI in PictureInPicture
* CVE-2026-3928: Insufficient policy enforcement in Extensions
* CVE-2026-3929: Side-channel information leakage in ResourceTiming
* CVE-2026-3930: Unsafe navigation in Navigation
* CVE-2026-3931: Heap buffer overflow in Skia
* CVE-2026-3932: Insufficient policy enforcement in PDF
* CVE-2026-3934: Insufficient policy enforcement in ChromeDriver
* CVE-2026-3935: Incorrect security UI in WebAppInstalls
* CVE-2026-3936: Use after free in WebView
* CVE-2026-3937: Incorrect security UI in Downloads
* CVE-2026-3938: Insufficient policy enforcement in Clipboard
* CVE-2026-3939: Insufficient policy enforcement in PDF
* CVE-2026-3940: Insufficient policy enforcement in DevTools
* CVE-2026-3941: Insufficient policy enforcement in DevTools
* CVE-2026-3942: Incorrect security UI in PictureInPicture
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-6e868c481c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: SDL3_sound-3.0.0~20260117gitb00e4a3-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-c8cb37d552
2026-03-14 00:15:28.464504+00:00
--------------------------------------------------------------------------------
Name : SDL3_sound
Product : Fedora 44
Version : 3.0.0~20260117gitb00e4a3
Release : 1.fc44
URL : https://www.icculus.org/SDL_sound
Summary : An abstract soundfile decoder library
Description :
SDL_sound is a library that handles the decoding of several popular sound
file formats, such as .WAV and .OGG. It is meant to make the programmer's
sound playback tasks simpler. The programmer gives SDL_sound a filename,
or feeds it data directly from one of many sources, and then reads the
decoded waveform data back at her leisure. If resource constraints are a
concern, SDL_sound can process sound data in programmer-specified blocks.
Alternately, SDL_sound can decode a whole sound file and hand back a
single pointer to the whole waveform. SDL_sound can also handle sample
rate, audio format, and channel conversion on-the-fly and
behind-the-scenes, if the programmer desires.
--------------------------------------------------------------------------------
Update Information:
Latest snapshot from 3.0 branch. Fixes CVE-2025-14369.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2026 Dominik 'Rathann' Mierzejewski [dominik@greysector.net] - 3.0.0~20260117gitb00e4a3-1
- update to 20260117 snapshot from main (3.0) branch
- fixes CVE-2025-14369 (resolves rhbz#2431178)
- fixes rpmbuild -bi --short-circuit
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2431178 - CVE-2025-14369 SDL3_sound: dr_flac: Denial of Service via integer overflow in FLAC metadata [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2431178
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-c8cb37d552' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: SDL2_sound-2.0.5^20260117git1be041b-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9b4cb66a86
2026-03-14 00:15:28.464500+00:00
--------------------------------------------------------------------------------
Name : SDL2_sound
Product : Fedora 44
Version : 2.0.5^20260117git1be041b
Release : 1.fc44
URL : http://www.icculus.org/SDL_sound
Summary : An abstract soundfile decoder library
Description :
SDL_sound is a library that handles the decoding of several popular sound
file formats, such as .WAV and .OGG. It is meant to make the programmer's
sound playback tasks simpler. The programmer gives SDL_sound a filename,
or feeds it data directly from one of many sources, and then reads the
decoded waveform data back at her leisure. If resource constraints are a
concern, SDL_sound can process sound data in programmer-specified blocks.
Alternately, SDL_sound can decode a whole sound file and hand back a
single pointer to the whole waveform. SDL_sound can also handle sample
rate, audio format, and channel conversion on-the-fly and
behind-the-scenes, if the programmer desires.
--------------------------------------------------------------------------------
Update Information:
Latest upstream snapshot from stable-2.0 branch. Fixes CVE-2025-14369 in bundled
dr_flac.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 5 2026 Dominik Mierzejewski [dominik@greysector.net] - 2.0.5^20260117git1be041b-1
- update to 20260117 snapshot from stable-2.0 branch
- fixes CVE-2025-14369 (resolves rhbz#2431177)
- fixes rpmbuild -bi --short-circuit
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2431177 - CVE-2025-14369 SDL2_sound: dr_flac: Denial of Service via integer overflow in FLAC metadata [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2431177
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9b4cb66a86' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: gstreamer1-rtsp-server-1.28.1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9cfb46ac78
2026-03-14 00:15:28.464474+00:00
--------------------------------------------------------------------------------
Name : gstreamer1-rtsp-server
Product : Fedora 44
Version : 1.28.1
Release : 1.fc44
URL : http://gstreamer.freedesktop.org/
Summary : GStreamer RTSP server library
Description :
A GStreamer-based RTSP server library.
--------------------------------------------------------------------------------
Update Information:
1.28.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2026 Gwyn Ciesla [gwync@protonmail.com] - 1.28.1-1
- 1.28.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: gstreamer1-plugins-base-1.28.1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9cfb46ac78
2026-03-14 00:15:28.464474+00:00
--------------------------------------------------------------------------------
Name : gstreamer1-plugins-base
Product : Fedora 44
Version : 1.28.1
Release : 1.fc44
URL : http://gstreamer.freedesktop.org/
Summary : GStreamer streaming media framework base plugins
Description :
GStreamer is a streaming media framework, based on graphs of filters which
operate on media data. Applications using this library can do anything
from real-time sound processing to playing videos, and just about anything
else media-related. Its plugin-based architecture means that new data
types or processing capabilities can be added simply by installing new
plug-ins.
This package contains a set of well-maintained base plug-ins.
--------------------------------------------------------------------------------
Update Information:
1.28.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2026 Gwyn Ciesla [gwync@protonmail.com] - 1.28.1-1
- 1.28.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: gstreamer1-plugins-bad-free-1.28.1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9cfb46ac78
2026-03-14 00:15:28.464474+00:00
--------------------------------------------------------------------------------
Name : gstreamer1-plugins-bad-free
Product : Fedora 44
Version : 1.28.1
Release : 1.fc44
URL : http://gstreamer.freedesktop.org/
Summary : GStreamer streaming media framework "bad" plugins
Description :
GStreamer is a streaming media framework, based on graphs of elements which
operate on media data.
This package contains plug-ins that aren't tested well enough, or the code
is not of good enough quality.
--------------------------------------------------------------------------------
Update Information:
1.28.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2026 Gwyn Ciesla [gwync@protonmail.com] - 1.28.1-1
- 1.28.1
* Mon Feb 16 2026 Marcin Juszkiewicz [mjuszkiewicz@redhat.com] - 1.28.0-5
- Disable onnx on riscv64 port
* Fri Feb 6 2026 Yaakov Selkowitz [yselkowi@redhat.com] - 1.28.0-4
- Move HIP plugin to main package
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: gstreamer1-1.28.1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9cfb46ac78
2026-03-14 00:15:28.464474+00:00
--------------------------------------------------------------------------------
Name : gstreamer1
Product : Fedora 44
Version : 1.28.1
Release : 1.fc44
URL : http://gstreamer.freedesktop.org/
Summary : GStreamer streaming media framework runtime
Description :
GStreamer is a streaming media framework, based on graphs of filters which
operate on media data. Applications using this library can do anything
from real-time sound processing to playing videos, and just about anything
else media-related. Its plugin-based architecture means that new data
types or processing capabilities can be added simply by installing new
plugins.
--------------------------------------------------------------------------------
Update Information:
1.28.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2026 Gwyn Ciesla [gwync@protonmail.com] - 1.28.1-1
- 1.28.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: python-gstreamer1-1.28.1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9cfb46ac78
2026-03-14 00:15:28.464474+00:00
--------------------------------------------------------------------------------
Name : python-gstreamer1
Product : Fedora 44
Version : 1.28.1
Release : 1.fc44
URL : http://gstreamer.freedesktop.org/
Summary : Python bindings for GStreamer
Description :
This module contains PyGObject overrides to make it easier to write
applications that use GStreamer 1.x in Python.
--------------------------------------------------------------------------------
Update Information:
1.28.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2026 Gwyn Ciesla [gwync@protonmail.com] - 1.28.1-1
- new version
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: gstreamer1-plugins-ugly-free-1.28.1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9cfb46ac78
2026-03-14 00:15:28.464474+00:00
--------------------------------------------------------------------------------
Name : gstreamer1-plugins-ugly-free
Product : Fedora 44
Version : 1.28.1
Release : 1.fc44
URL : http://gstreamer.freedesktop.org/
Summary : GStreamer streaming media framework "ugly" plugins
Description :
GStreamer is a streaming media framework, based on graphs of elements which
operate on media data.
This package contains plug-ins whose license is not fully compatible with LGPL.
--------------------------------------------------------------------------------
Update Information:
1.28.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2026 Gwyn Ciesla [gwync@protonmail.com] - 1.28.1-1
- 1.28.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: gstreamer1-plugins-good-1.28.1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9cfb46ac78
2026-03-14 00:15:28.464474+00:00
--------------------------------------------------------------------------------
Name : gstreamer1-plugins-good
Product : Fedora 44
Version : 1.28.1
Release : 1.fc44
URL : http://gstreamer.freedesktop.org/
Summary : GStreamer plugins with good code and licensing
Description :
GStreamer is a streaming media framework, based on graphs of filters which
operate on media data. Applications using this library can do anything
from real-time sound processing to playing videos, and just about anything
else media-related. Its plugin-based architecture means that new data
types or processing capabilities can be added simply by installing new
plugins.
GStreamer Good Plugins is a collection of well-supported plugins of
good quality and under the LGPL license.
--------------------------------------------------------------------------------
Update Information:
1.28.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2026 Gwyn Ciesla [gwync@protonmail.com] - 1.28.1-1
- 1.28.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: gstreamer1-plugin-libav-1.28.1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9cfb46ac78
2026-03-14 00:15:28.464474+00:00
--------------------------------------------------------------------------------
Name : gstreamer1-plugin-libav
Product : Fedora 44
Version : 1.28.1
Release : 1.fc44
URL : https://gstreamer.freedesktop.org/
Summary : GStreamer FFmpeg/LibAV plugin
Description :
GStreamer is a streaming media framework, based on graphs of filters which
operate on media data. Applications using this library can do anything
from real-time sound processing to playing videos, and just about anything
else media-related. Its plugin-based architecture means that new data
types or processing capabilities can be added simply by installing new
plugins.
This package provides FFmpeg/LibAV GStreamer plugin.
--------------------------------------------------------------------------------
Update Information:
1.28.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2026 Gwyn Ciesla [gwync@protonmail.com] - 1.28.1-1
- 1.28.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: gstreamer1-doc-1.28.1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9cfb46ac78
2026-03-14 00:15:28.464474+00:00
--------------------------------------------------------------------------------
Name : gstreamer1-doc
Product : Fedora 44
Version : 1.28.1
Release : 1.fc44
URL : http://gstreamer.freedesktop.org/
Summary : GStreamer documentation
Description :
GStreamer documentation.
--------------------------------------------------------------------------------
Update Information:
1.28.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2026 Gwyn Ciesla [gwync@protonmail.com] - 1.28.1-1
- 1.28.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: gst-editing-services-1.28.1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9cfb46ac78
2026-03-14 00:15:28.464474+00:00
--------------------------------------------------------------------------------
Name : gst-editing-services
Product : Fedora 44
Version : 1.28.1
Release : 1.fc44
URL : http://cgit.freedesktop.org/gstreamer/gst-editing-services/
Summary : Gstreamer editing services
Description :
This is a high-level library for facilitating the creation of audio/video
non-linear editors.
--------------------------------------------------------------------------------
Update Information:
1.28.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2026 Gwyn Ciesla [gwync@protonmail.com] - 1.28.1-1
- 1.28.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: gst-devtools-1.28.1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9cfb46ac78
2026-03-14 00:15:28.464474+00:00
--------------------------------------------------------------------------------
Name : gst-devtools
Product : Fedora 44
Version : 1.28.1
Release : 1.fc44
URL : https://gstreamer.freedesktop.org/src/gst-devtools
Summary : Development and debugging tools for GStreamer
Description :
Development and debugging tools for GStreamer.
--------------------------------------------------------------------------------
Update Information:
1.28.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 26 2026 Gwyn Ciesla [gwync@protonmail.com] - 1.28.1-1
- 1.28.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
