
Fedora administrators should immediately deploy these critical security updates on Fedora 43 and Fedora 44 systems. The updates address several dangerous vulnerabilities in essential packages: Keylime, libssh2, perl-CryptX, and NASM. Each release addresses a distinct threat vector that could otherwise let remote attackers bypass authentication checks or trigger arbitrary code execution through malformed input. To apply a fix, run the standard dnf upgrade command with the --advisory option and the advisory identifier shown in the header of the corresponding notification.

Fedora 43 Update: keylime-7.14.2-1.fc43
Fedora 43 Update: perl-CryptX-0.089-1.fc43
Fedora 43 Update: libssh2-1.11.1-6.fc43
Fedora 44 Update: nasm-3.01-3.fc44
Fedora 44 Update: keylime-7.14.2-1.fc44
Fedora 44 Update: perl-CryptX-0.089-1.fc44




[SECURITY] Fedora 43 Update: keylime-7.14.2-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-513c495139
2026-06-07 01:06:43.462201+00:00
--------------------------------------------------------------------------------

Name : keylime
Product : Fedora 43
Version : 7.14.2
Release : 1.fc43
URL : https://github.com/keylime/keylime
Summary : Open source TPM software for Bootstrapping and Maintaining Trust
Description :
Keylime is a TPM based highly scalable remote boot attestation
and runtime integrity measurement solution.

--------------------------------------------------------------------------------
Update Information:

Updating for Keylime release v7.14.2:
This includes the fix for CVE-2026-6420.
Update keylime-selinux policy to the latest version 44.1.0
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 27 2026 Anderson Toshiyuki Sasaki [ansasaki@redhat.com] - 7.14.2-1
- Updating for Keylime release v7.14.2
- This includes the fix for CVE-2026-6420.
- Update keylime-selinux policy to the latest version 44.1.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2467277 - keylime-7.14.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2467277
[ 2 ] Bug #2467584 - CVE-2026-6420 keylime: Keylime: Security bypass due to hardcoded TPM quote nonce [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2467584
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-513c495139' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: perl-CryptX-0.089-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-2ef4c0c642
2026-06-07 01:06:43.462193+00:00
--------------------------------------------------------------------------------

Name : perl-CryptX
Product : Fedora 43
Version : 0.089
Release : 1.fc43
URL : https://metacpan.org/release/CryptX
Summary : Cryptographic toolkit
Description :
This Perl library provides cryptography based on the LibTomCrypt library.

--------------------------------------------------------------------------------
Update Information:

Fixes CVE-2026-41565
--------------------------------------------------------------------------------
ChangeLog:

* Sun May 10 2026 Xavier Bachelot [xavier@bachelot.org] - 0.089-1
- Update to 0.089 (RHBZ#2468592)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2482788 - CVE-2026-41565 perl-CryptX: perl-CryptX: Stack buffer overflow allows arbitrary code execution via a crafted authentication tag. [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2482788
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-2ef4c0c642' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------





[SECURITY] Fedora 43 Update: libssh2-1.11.1-6.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-1b9134cdc9
2026-06-07 01:06:43.462152+00:00
--------------------------------------------------------------------------------

Name : libssh2
Product : Fedora 43
Version : 1.11.1
Release : 6.fc43
URL : https://www.libssh2.org/
Summary : A library implementing the SSH2 protocol
Description :
libssh2 is a library implementing the SSH2 protocol as defined by
Internet Drafts: SECSH-TRANS(22), SECSH-USERAUTH(25),
SECSH-CONNECTION(23), SECSH-ARCH(20), SECSH-FILEXFER(06)*,
SECSH-DHGEX(04), and SECSH-NUMBERS(10).

--------------------------------------------------------------------------------
Update Information:

This update addresses CVE-2026-7598, a potential heap buffer overflow, which
could be triggered remotely by supplying very long username and/or password
strings.
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 22 2026 Paul Howarth - 1.11.1-6
- Fix CVE-2026-7598: integer overflow via large username or password arguments
(https://github.com/libssh2/libssh2/pull/1858)
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 1.11.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2468328 - CVE-2026-7598 libssh2: integer overflow via large username or password arguments [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2468328
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-1b9134cdc9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------





[SECURITY] Fedora 44 Update: nasm-3.01-3.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-eaae48ece0
2026-06-07 00:55:32.282503+00:00
--------------------------------------------------------------------------------

Name : nasm
Product : Fedora 44
Version : 3.01
Release : 3.fc44
URL : http://www.nasm.us
Summary : A portable x86 assembler which uses Intel-like syntax
Description :
NASM is the Netwide Assembler, a free portable assembler for the Intel
80x86 microprocessor series, using primarily the traditional Intel
instruction mnemonics and syntax.

--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2026-6067.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 22 2026 Dominik Mierzejewski [rpm@greysector.net] - 3.01-3
- fix CVE-2026-6067 (resolves rhbz#2458087, rhbz#2458089)
patch by Nick Clifton
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2458087 - CVE-2026-6067 nasm: Netwide Assembler (NASM): Arbitrary code execution via malicious assembly file processing [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2458087
[ 2 ] Bug #2458089 - CVE-2026-6067 nasm: Netwide Assembler (NASM): Arbitrary code execution via malicious assembly file processing [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2458089
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-eaae48ece0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------





[SECURITY] Fedora 44 Update: keylime-7.14.2-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9064cdf8ef
2026-06-07 00:55:32.282462+00:00
--------------------------------------------------------------------------------

Name : keylime
Product : Fedora 44
Version : 7.14.2
Release : 1.fc44
URL : https://github.com/keylime/keylime
Summary : Open source TPM software for Bootstrapping and Maintaining Trust
Description :
Keylime is a TPM based highly scalable remote boot attestation
and runtime integrity measurement solution.

--------------------------------------------------------------------------------
Update Information:

Updating for Keylime release v7.14.2:
This includes the fix for CVE-2026-6420.
Update keylime-selinux policy to the latest version 44.1.0
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 27 2026 Anderson Toshiyuki Sasaki [ansasaki@redhat.com] - 7.14.2-1
- Updating for Keylime release v7.14.2
- This includes the fix for CVE-2026-6420.
- Update keylime-selinux policy to the latest version 44.1.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2467277 - keylime-7.14.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2467277
[ 2 ] Bug #2467584 - CVE-2026-6420 keylime: Keylime: Security bypass due to hardcoded TPM quote nonce [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2467584
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9064cdf8ef' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------





[SECURITY] Fedora 44 Update: perl-CryptX-0.089-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-2158c96917
2026-06-07 00:55:32.282457+00:00
--------------------------------------------------------------------------------

Name : perl-CryptX
Product : Fedora 44
Version : 0.089
Release : 1.fc44
URL : https://metacpan.org/release/CryptX
Summary : Cryptographic toolkit
Description :
This Perl library provides cryptography based on the LibTomCrypt library.

--------------------------------------------------------------------------------
Update Information:

Fixes CVE-2026-41565
--------------------------------------------------------------------------------
ChangeLog:

* Sun May 10 2026 Xavier Bachelot [xavier@bachelot.org] - 0.089-1
- Update to 0.089 (RHBZ#2468592)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2482788 - CVE-2026-41565 perl-CryptX: perl-CryptX: Stack buffer overflow allows arbitrary code execution via a crafted authentication tag. [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2482788
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-2158c96917' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

