Fedora 44 Update: freerdp-3.23.0-1.fc44
Fedora 42 Update: libsixel-1.10.5-5.fc42
Fedora 42 Update: opensips-3.5.9-2.fc42
Fedora 43 Update: libsixel-1.10.5-5.fc43
Fedora 44 Update: yt-dlp-2026.02.21-1.fc44
[SECURITY] Fedora 44 Update: freerdp-3.23.0-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-a160e550ec
2026-03-06 05:59:58.272336+00:00
--------------------------------------------------------------------------------
Name : freerdp
Product : Fedora 44
Version : 3.23.0
Release : 1.fc44
URL : http://www.freerdp.com/
Summary : Free implementation of the Remote Desktop Protocol (RDP)
Description :
The xfreerdp & wlfreerdp Remote Desktop Protocol (RDP) clients from the FreeRDP
project.
xfreerdp & wlfreerdp can connect to RDP servers such as Microsoft Windows
machines, xrdp and VirtualBox.
--------------------------------------------------------------------------------
Update Information:
Update to 3.23.0 to fix CVE-2026-26965, CVE-2026-26955, CVE-2026-26271,
CVE-2026-25997, CVE-2026-25959, CVE-2026-25955, CVE-2026-25954, CVE-2026-25953,
CVE-2026-25952, CVE-2026-25942, CVE-2026-25941
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 25 2026 Neal Gompa [ngompa@fedoraproject.org] - 2:3.23.0-1
- Update to 3.23.0 (CVE-2026-26965, CVE-2026-26955, CVE-2026-26271,
CVE-2026-25997, CVE-2026-25959, CVE-2026-25955, CVE-2026-25954,
CVE-2026-25953, CVE-2026-25952, CVE-2026-25942, CVE-2026-25941)
Resolves: rhbz#2442589
- Small spec cleanups
- Enable rdp2tcp channel support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2442589 - freerdp-3.23.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2442589
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-a160e550ec' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 42 Update: libsixel-1.10.5-5.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-57cd5704e9
2026-03-06 01:27:14.988023+00:00
--------------------------------------------------------------------------------
Name : libsixel
Product : Fedora 42
Version : 1.10.5
Release : 5.fc42
URL : https://github.com/libsixel/libsixel
Summary : SIXEL encoding and decoding
Description :
An encoder/decoder implementation for DEC SIXEL graphics.
--------------------------------------------------------------------------------
Update Information:
Apply fix for CVE-2025-61146
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 25 2026 ErrorNoInternet [errornointernet@envs.net] - 1.10.5-5
- Apply fix for CVE-2025-61146
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2442029 - CVE-2025-61146 libsixel: memory leak in rpl_malloc() in malloc_stub.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2442029
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-57cd5704e9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 42 Update: opensips-3.5.9-2.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-1a199d8524
2026-03-06 01:27:14.988048+00:00
--------------------------------------------------------------------------------
Name : opensips
Product : Fedora 42
Version : 3.5.9
Release : 2.fc42
URL : https://opensips.org
Summary : Open Source SIP Server
Description :
OpenSIPS or Open SIP Server is a very fast and flexible SIP (RFC3261)
proxy server. Written entirely in C, opensips can handle thousands calls
per second even on low-budget hardware. A C Shell like scripting language
provides full control over the server's behaviour. It's modular
architecture allows only required functionality to be loaded.
Currently the following modules are available: digest authentication,
CPL scripts, instant messaging, MySQL and UNIXODBC support, a presence agent,
radius authentication, record routing, an SMS gateway, a jabber gateway, a
transaction and dialog module, OSP module, statistics support,
registrar and user location.
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2026-25554
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 25 2026 Peter Lemenkov [lemenkov@gmail.com] - 3.5.9-2
- Backpost CVE-2026-25554 fix
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2442706 - CVE-2026-25554 opensips: OpenSIPS: Authentication bypass due to SQL injection in JWT processing [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2442706
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-1a199d8524' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: libsixel-1.10.5-5.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-b227fad171
2026-03-06 01:08:13.743328+00:00
--------------------------------------------------------------------------------
Name : libsixel
Product : Fedora 43
Version : 1.10.5
Release : 5.fc43
URL : https://github.com/libsixel/libsixel
Summary : SIXEL encoding and decoding
Description :
An encoder/decoder implementation for DEC SIXEL graphics.
--------------------------------------------------------------------------------
Update Information:
Apply fix for CVE-2025-61146
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 25 2026 ErrorNoInternet [errornointernet@envs.net] - 1.10.5-5
- Apply fix for CVE-2025-61146
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2442029 - CVE-2025-61146 libsixel: memory leak in rpl_malloc() in malloc_stub.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2442029
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-b227fad171' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: yt-dlp-2026.02.21-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-937e768833
2026-03-05 17:05:56.954208+00:00
--------------------------------------------------------------------------------
Name : yt-dlp
Product : Fedora 44
Version : 2026.02.21
Release : 1.fc44
URL : https://github.com/yt-dlp/yt-dlp
Summary : A command-line program to download videos from online video platforms
Description :
yt-dlp is a command-line program to download videos from many different online
video platforms, such as youtube.com. The project is a fork of youtube-dl with
additional features and fixes.
--------------------------------------------------------------------------------
Update Information:
Update to 2026.02.21. Fixes rhbz#2441709.
Mitigates CVE-2026-26331 / GHSA-g3gw-q23r-pgqm (rhbz#2442244)
* Sat Feb 21 2026 Dominik 'Rathann' Mierzejewski [dominik@greysector.net] -
2026.02.04-2
- fix FTBFS with python 3.14.3
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 24 2026 Maxwell G [maxwell@gtmx.me] - 2026.02.21-1
- Update to 2026.02.21. Fixes rhbz#2441709.
- Mitigates CVE-2026-26331 / GHSA-g3gw-q23r-pgqm (rhbz#2442244)
* Sat Feb 21 2026 Dominik 'Rathann' Mierzejewski [dominik@greysector.net] - 2026.02.04-2
- fix FTBFS with python 3.14.3
* Mon Feb 9 2026 Maxwell G [maxwell@gtmx.me] - 2026.02.04-1
- Update to 2026.02.04. Fixes rhbz#2435740.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2441709 - yt-dlp-2026.02.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2441709
[ 2 ] Bug #2442244 - CVE-2026-26331 yt-dlp: yt-dlp: Arbitrary command injection via maliciously crafted URL when --netrc-cmd is used [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2442244
[ 3 ] Bug #2442427 - [F44 CLONE] CVE-2026-26331 yt-dlp: yt-dlp: Arbitrary command injection via maliciously crafted URL when --netrc-cmd is used [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2442427
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-937e768833' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
