Fedora 43 Update: mariadb10.11-10.11.18-2.fc43
Fedora 43 Update: python-pydantic-settings-2.14.2-1.fc43
Fedora 43 Update: prometheus-podman-exporter-1.21.1-1.fc43
Fedora 43 Update: podman-tui-1.11.2-1.fc43
Fedora 44 Update: chromium-149.0.7827.200-1.fc44
Fedora 44 Update: mariadb11.8-11.8.8-3.fc44
Fedora 44 Update: libssh2-1.11.1-9.fc44
Fedora 44 Update: podman-tui-1.11.2-1.fc44
Fedora 44 Update: prometheus-podman-exporter-1.21.1-1.fc44
[SECURITY] Fedora 43 Update: mariadb10.11-10.11.18-2.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-efc64a64ec
2026-06-29 01:10:47.357937+00:00
--------------------------------------------------------------------------------
Name : mariadb10.11
Product : Fedora 43
Version : 10.11.18
Release : 2.fc43
URL : http://mariadb.org
Summary : A very fast and robust SQL database server
Description :
MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded
SQL database server. It is a client/server implementation consisting of
a server daemon (mariadbd) and many different client programs and libraries.
The base package contains the standard MariaDB/MySQL client programs and
utilities.
--------------------------------------------------------------------------------
Update Information:
MariaDB 10.11.18
Upstream Release notes:
https://mariadb.com/docs/release-notes/community-server/10.11/10.11.18
Upstream Changelog:
https://mariadb.com/docs/release-notes/community-
server/changelogs/10.11/10.11.18
Fixes CVEs:
CVE-2026-49261 CVE-2026-48165 CVE-2026-48163 CVE-2026-44173 CVE-2026-44172
CVE-2026-44171 CVE-2026-44170 CVE-2026-44168
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 25 2026 Franti??ek Zatloukal [fzatlouk@redhat.com] - 3:10.11.18-2
- Rebuilt for fmt/spdlog
* Wed Jun 3 2026 Pavol Sloboda [psloboda@redhat.com] - 3:10.11.18-1
- Rebase to 10.11.18
* Tue May 26 2026 Pavol Sloboda [psloboda@redhat.com] - 3:10.11.17-1
- Rebase to 10.11.17
* Thu Mar 19 2026 Michal Schorm [mschorm@redhat.com] - 3:10.11.16-3
- Bump release for package rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-efc64a64ec' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 43 Update: python-pydantic-settings-2.14.2-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-ade10efd88
2026-06-29 01:10:47.357904+00:00
--------------------------------------------------------------------------------
Name : python-pydantic-settings
Product : Fedora 43
Version : 2.14.2
Release : 1.fc43
URL : https://github.com/pydantic/pydantic-settings
Summary : Settings management using pydantic
Description :
Settings management using pydantic.
--------------------------------------------------------------------------------
Update Information:
Update to 2.14.2; fixes GHSA-4xgf-cpjx-pc3j.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 19 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 2.14.2-1
- Update to 2.14.2; close RHBZ#2490754; fixes GHSA-4xgf-cpjx-pc3j
* Thu Jun 4 2026 Python Maint - 2.14.1-2
- Rebuilt for Python 3.15
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2490754 - python-pydantic-settings-2.14.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2490754
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-ade10efd88' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: prometheus-podman-exporter-1.21.1-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-460749ef95
2026-06-29 01:10:47.357894+00:00
--------------------------------------------------------------------------------
Name : prometheus-podman-exporter
Product : Fedora 43
Version : 1.21.1
Release : 1.fc43
URL : https://github.com/containers/prometheus-podman-exporter
Summary : Prometheus exporter for podman environment
Description :
Prometheus exporter for podman environments exposing containers, pods, images,
volumes and networks information.
--------------------------------------------------------------------------------
Update Information:
release 1.21.1
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 20 2026 Packit [hello@packit.dev] - 1.21.1-1
- Update to 1.21.1 upstream release
* Sat Mar 14 2026 Packit [hello@packit.dev] - 1.21.0-1
- Update to 1.21.0 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2421878 - CVE-2025-66506 prometheus-podman-exporter: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2421878
[ 2 ] Bug #2421883 - CVE-2025-66506 prometheus-podman-exporter: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2421883
[ 3 ] Bug #2455641 - CVE-2026-34986 prometheus-podman-exporter: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2455641
[ 4 ] Bug #2455671 - CVE-2026-34986 prometheus-podman-exporter: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2455671
[ 5 ] Bug #2486201 - CVE-2026-45287 prometheus-podman-exporter: OpenTelemetry-Go: Denial of Service due to file descriptor leak [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2486201
[ 6 ] Bug #2486270 - CVE-2026-45287 prometheus-podman-exporter: OpenTelemetry-Go: Denial of Service due to file descriptor leak [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2486270
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-460749ef95' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: podman-tui-1.11.2-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-ac94948c8a
2026-06-29 01:10:47.357873+00:00
--------------------------------------------------------------------------------
Name : podman-tui
Product : Fedora 43
Version : 1.11.2
Release : 1.fc43
URL : https://github.com/containers/podman-tui
Summary : Podman Terminal User Interface
Description :
podman-tui is a terminal user interface for Podman.
podman-tui is using podman.socket service to communicate with podman environment
and SSH to connect to remote podman machines.
--------------------------------------------------------------------------------
Update Information:
release 1.11.2
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 20 2026 Packit [hello@packit.dev] - 1.11.2-1
- Update to 1.11.2 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2421877 - CVE-2025-66506 podman-tui: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2421877
[ 2 ] Bug #2421882 - CVE-2025-66506 podman-tui: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2421882
[ 3 ] Bug #2455640 - CVE-2026-34986 podman-tui: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2455640
[ 4 ] Bug #2455670 - CVE-2026-34986 podman-tui: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2455670
[ 5 ] Bug #2486211 - CVE-2026-45287 podman-tui: OpenTelemetry-Go: Denial of Service due to file descriptor leak [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2486211
[ 6 ] Bug #2486257 - CVE-2026-45287 podman-tui: OpenTelemetry-Go: Denial of Service due to file descriptor leak [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2486257
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-ac94948c8a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: chromium-149.0.7827.200-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-148601cd51
2026-06-29 00:57:02.525524+00:00
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 44
Version : 149.0.7827.200
Release : 1.fc44
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
Update to 149.0.7827.200
CVE-2026-13281: Integer overflow in Mojo
CVE-2026-13282: Use after free in Payments
CVE-2026-13283: Use after free in AdFilter
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 26 2026 Than Ngo [than@redhat.com] - 149.0.7827.200-1
- Update to 149.0.7827.200
CVE-2026-13281: Integer overflow in Mojo
CVE-2026-13282: Use after free in Payments
CVE-2026-13283: Use after free in AdFilter
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-148601cd51' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: mariadb11.8-11.8.8-3.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-3fdd0e930d
2026-06-29 00:57:02.525506+00:00
--------------------------------------------------------------------------------
Name : mariadb11.8
Product : Fedora 44
Version : 11.8.8
Release : 3.fc44
URL : http://mariadb.org
Summary : A very fast and robust SQL database server
Description :
MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded
SQL database server. It is a client/server implementation consisting of
a server daemon (mariadbd) and many different client programs and libraries.
The base package contains the standard MariaDB/MySQL client programs and
utilities.
--------------------------------------------------------------------------------
Update Information:
MariaDB 11.8.8
Upstream Release notes:
https://mariadb.com/docs/release-notes/community-server/11.8/11.8.8
Upstream Changelog:
https://mariadb.com/docs/release-notes/community-server/changelogs/11.8/11.8.8
Fixes CVEs:
CVE-2026-49261 CVE-2026-48165 CVE-2026-48163 CVE-2026-44173 CVE-2026-44172
CVE-2026-44171 CVE-2026-44170 CVE-2026-44169 CVE-2026-44168
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 25 2026 Franti??ek Zatloukal [fzatlouk@redhat.com] - 3:11.8.8-3
- Rebuilt for fmt/spdlog
* Fri Jun 12 2026 Yaakov Selkowitz [yselkowi@redhat.com] - 3:11.8.8-2
- Rebuilt for openssl 4.0
* Wed Jun 3 2026 Pavol Sloboda [psloboda@redhat.com] - 3:11.8.8-1
- Rebase to 11.8.8
* Wed May 20 2026 Michal Schorm [mschorm@redhat.com] - 3:11.8.7-1
- Rebase to 11.8.7
* Thu Mar 19 2026 Michal Schorm [mschorm@redhat.com] - 3:11.8.6-3
- Bump release for package rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-3fdd0e930d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 44 Update: libssh2-1.11.1-9.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-ca858b3ed8
2026-06-29 00:57:02.525499+00:00
--------------------------------------------------------------------------------
Name : libssh2
Product : Fedora 44
Version : 1.11.1
Release : 9.fc44
URL : https://www.libssh2.org/
Summary : A library implementing the SSH2 protocol
Description :
libssh2 is a library implementing the SSH2 protocol as defined by
Internet Drafts: SECSH-TRANS(22), SECSH-USERAUTH(25),
SECSH-CONNECTION(23), SECSH-ARCH(20), SECSH-FILEXFER(06)*,
SECSH-DHGEX(04), and SECSH-NUMBERS(10).
--------------------------------------------------------------------------------
Update Information:
This update addresses a few security issues, one of which could plausibly result
in remote code execution.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 25 2026 Paul Howarth - 1.11.1-9
- Fix CVE-2025-15661: Information disclosure and denial of service via crafted
SFTP response
* Tue Jun 23 2026 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 1.11.1-8
- Fix CVE-2026-55200 & CVE-2026-55199
* Fri Jun 12 2026 Yaakov Selkowitz [yselkowi@redhat.com] - 1.11.1-7
- Rebuilt for openssl 4.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2491730 - CVE-2026-55199 libssh2: libssh2: Denial of Service via crafted SSH_MSG_EXT_INFO message [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2491730
[ 2 ] Bug #2491738 - CVE-2026-55200 libssh2: libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2491738
[ 3 ] Bug #2492698 - CVE-2025-15661 libssh2: libssh2: Information disclosure and denial of service via crafted SFTP response [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2492698
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-ca858b3ed8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: podman-tui-1.11.2-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-c55ec73fe2
2026-06-29 00:57:02.525432+00:00
--------------------------------------------------------------------------------
Name : podman-tui
Product : Fedora 44
Version : 1.11.2
Release : 1.fc44
URL : https://github.com/containers/podman-tui
Summary : Podman Terminal User Interface
Description :
podman-tui is a terminal user interface for Podman.
podman-tui is using podman.socket service to communicate with podman environment
and SSH to connect to remote podman machines.
--------------------------------------------------------------------------------
Update Information:
release 1.11.2
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 20 2026 Packit [hello@packit.dev] - 1.11.2-1
- Update to 1.11.2 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2421877 - CVE-2025-66506 podman-tui: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2421877
[ 2 ] Bug #2421882 - CVE-2025-66506 podman-tui: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2421882
[ 3 ] Bug #2455640 - CVE-2026-34986 podman-tui: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2455640
[ 4 ] Bug #2455670 - CVE-2026-34986 podman-tui: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2455670
[ 5 ] Bug #2486211 - CVE-2026-45287 podman-tui: OpenTelemetry-Go: Denial of Service due to file descriptor leak [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2486211
[ 6 ] Bug #2486257 - CVE-2026-45287 podman-tui: OpenTelemetry-Go: Denial of Service due to file descriptor leak [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2486257
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-c55ec73fe2' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 44 Update: prometheus-podman-exporter-1.21.1-1.fc44
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-3c6643b33a
2026-06-29 00:57:02.525456+00:00
--------------------------------------------------------------------------------
Name : prometheus-podman-exporter
Product : Fedora 44
Version : 1.21.1
Release : 1.fc44
URL : https://github.com/containers/prometheus-podman-exporter
Summary : Prometheus exporter for podman environment
Description :
Prometheus exporter for podman environments exposing containers, pods, images,
volumes and networks information.
--------------------------------------------------------------------------------
Update Information:
release 1.21.1
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 20 2026 Packit [hello@packit.dev] - 1.21.1-1
- Update to 1.21.1 upstream release
* Sat Mar 14 2026 Packit [hello@packit.dev] - 1.21.0-1
- Update to 1.21.0 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2421878 - CVE-2025-66506 prometheus-podman-exporter: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2421878
[ 2 ] Bug #2421883 - CVE-2025-66506 prometheus-podman-exporter: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2421883
[ 3 ] Bug #2455641 - CVE-2026-34986 prometheus-podman-exporter: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2455641
[ 4 ] Bug #2455671 - CVE-2026-34986 prometheus-podman-exporter: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2455671
[ 5 ] Bug #2486201 - CVE-2026-45287 prometheus-podman-exporter: OpenTelemetry-Go: Denial of Service due to file descriptor leak [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2486201
[ 6 ] Bug #2486270 - CVE-2026-45287 prometheus-podman-exporter: OpenTelemetry-Go: Denial of Service due to file descriptor leak [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2486270
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-3c6643b33a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
