A security update for Fedora 43 is available, which includes updates to the linux-sgx package. The linux-sgx package provides Intel Linux SGX SDK and Platform Software, allowing developers to create and debug Intel SGX enabled applications in C/C++. The update addresses several CVEs related to nodejs modules used by the pccs daemon.

Separately, a security update for Fedora 43 is available for the python-aiohttp package. This update resolves an issue with test_send_compress_text_notakeover on s390x and closes bug #2434949.

Fedora 43 Update: linux-sgx-2.26-34.fc43
Fedora 43 Update: python-aiohttp-3.13.3-4.fc43

[SECURITY] Fedora 43 Update: linux-sgx-2.26-34.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-a84e0ad039
2026-02-14 01:08:36.223091+00:00
--------------------------------------------------------------------------------

Name : linux-sgx
Product : Fedora 43
Version : 2.26
Release : 34.fc43
URL : https://github.com/intel/linux-sgx
Summary : Intel Linux SGX SDK and Platform Software
Description :
The Intel SGX SDK is a collection of APIs, libraries, documentations and
tools that allow software developers to create and debug Intel SGX
enabled applications in C/C++.

--------------------------------------------------------------------------------
Update Information:

Update nodejs modules used by pccs daemon for CVE-2026-23745, CVE-2026-23950,
CVE-2026-24842, CVE-2025-13465, CVE-2025-15284.
Remove Fedora override of default pccs daemon port.
Remove redundant dep on mpa_registration from pccs.
Add system scriptlets for pccs server.
Port to pycryptography & pyasn1.
Fix tracebacks in keyring code.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-33
- Fix pccsadmin 'cache' command help text
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-32
- Fix multiple nodejs CVEs in PCCS
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-31
- fix build for boost 1.90 update api breakage
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-29
- Fixes for GCC 16 build failures
* Wed Feb 4 2026 Miro Hron??ok [miro@hroncok.cz] - 2.26-27
- sgx-pccs-admin: Migrate from deprecated pkg_resources to packaging
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-26
- Drop dep from pccs to mpa_registration
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-25
- Improve pycryptography port & drop pccs port number change
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-24
- Add sgx-common dep from pccs
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-23
- Make npm dep conditional for RHEL-9
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-22
- Fix traceback when clearing keyring if none exists
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-21
- Drop sgx-mpa dep from sgx-pccs
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-20
- Port to pycryptography and pyasn1 and make keyring optional
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-19
- Add systemd & sysusers scriptlets for PCCS
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-18
- Enable pccsadmin everywhere
* Wed Feb 4 2026 Yaakov Selkowitz [yselkowi@redhat.com] - 2.26-17
- Use chrpath to remove RPATH
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-16
- Set execute on node_sqlite3.node for debuginfo
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-15
- Add patchelf as a build dep
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-14
- Purge nodejs sqlite3 rpath instead of disabling rpath checks
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-13
- Drop obsolete perl mangling cmd that is failing
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-12
- Re-add tinyxml2 bundling to be used in RHEL rebuilds
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-11
- Wildcard ignore more tarballs
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-10
- Stop using _sbindir for services
* Wed Feb 4 2026 Daniel P. Berrang?? [berrange@redhat.com] - 2.26-9
- Add newline in pccs.service
* Wed Feb 4 2026 V??t Ondruch [vondruch@redhat.com] - 2.26-8
- Rebuild for nodejs-packaging
* Wed Feb 4 2026 V??t Ondruch [vondruch@redhat.com] - 2.26-7
- Rebuild for nodejs-packaging
* Wed Nov 12 2025 V??t Ondruch [vondruch@redhat.com] - 2.26-6
- Rebuild for nodejs-packaging
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-a84e0ad039' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

[SECURITY] Fedora 43 Update: python-aiohttp-3.13.3-4.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-66cb8ecfc2
2026-02-14 01:08:36.223045+00:00
--------------------------------------------------------------------------------

Name : python-aiohttp
Product : Fedora 43
Version : 3.13.3
Release : 4.fc43
URL : https://github.com/aio-libs/aiohttp
Summary : Python HTTP client/server for asyncio
Description :
Python HTTP client/server for asyncio which supports both the client and the
server side of the HTTP protocol, client and server websocket, and webservers
with middlewares and pluggable routing.

--------------------------------------------------------------------------------
Update Information:

https://github.com/aio-libs/aiohttp/blob/v3.13.3/CHANGES.rst
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 3 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 3.13.3-4
- Skip test_send_compress_text_notakeover on s390x for now
- Close RHBZ#2434949
* Tue Feb 3 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 3.13.3-3
- Revert "Drop s390xx for isal"
* Tue Feb 3 2026 Nicolas Chauvet [kwizart@gmail.com] - 3.13.3-2
- Drop s390xx for isal
* Tue Feb 3 2026 Nicolas Chauvet [kwizart@gmail.com] - 3.13.3-1
- Update to 3.13.3
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 3.13.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Fri Oct 17 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 3.13.1-1
- Update to 3.13.1
* Thu Oct 16 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 3.13.0-1
- Update to 3.13.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2434949 - python-aiohttp: FTBFS in Fedora rawhide/f44
https://bugzilla.redhat.com/show_bug.cgi?id=2434949
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-66cb8ecfc2' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new