Fedora Linux 9411 Published by

Fedora 43 and 44 deploy essential security patches addressing critical flaws across multiple packages. OpenSSH updates eliminate double-free errors, heap out-of-bounds reads, and man-in-the-middle attack vectors. The opkssh release mitigates denial-of-service risks and security bypasses, while perl-CSS-Minifier-XS corrects memory leaks. Updates for jiter, pendulum, and nh3 integrate PyO3 0.29 to resolve Rust security advisories, and the upower package addresses potential leaks and memory corruption risks.

Fedora 43 Update: perl-CSS-Minifier-XS-0.15-1.fc43
Fedora 43 Update: opkssh-0.15.0-2.fc43
Fedora 43 Update: rust-jiter-0.16.0-1.fc43
Fedora 43 Update: python-jiter-0.16.0-1.fc43
Fedora 44 Update: openssh-10.2p1-12.fc44
Fedora 44 Update: upower-1.91.3-1.fc44
Fedora 44 Update: opkssh-0.15.0-2.fc44
Fedora 44 Update: perl-CSS-Minifier-XS-0.15-1.fc44
Fedora 44 Update: python-pendulum-3.2.0-1.fc44
Fedora 44 Update: python-nh3-0.3.6-1.fc44
Fedora 44 Update: rust-jiter-0.16.0-1.fc44
Fedora 44 Update: python-jiter-0.16.0-1.fc44




[SECURITY] Fedora 43 Update: perl-CSS-Minifier-XS-0.15-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-abc468979d
2026-07-09 01:07:23.887028+00:00
--------------------------------------------------------------------------------

Name : perl-CSS-Minifier-XS
Product : Fedora 43
Version : 0.15
Release : 1.fc43
URL : https://metacpan.org/release/CSS-Minifier-XS
Summary : XS based CSS minifier
Description :
'CSS::Minifier::XS' is a CSS "minifier". It's designed to remove
unnecessary white-space and comments from CSS files, while also
*not* breaking the CSS. 'CSS::Minifier::XS' is similar in function
to 'CSS::Minifier', but is substantially faster as it's written
in XS and not just pure Perl.

--------------------------------------------------------------------------------
Update Information:

This package contains the Perl module CSS::Minifier::XS.
Versions of the module before 0.14 have a memory leak when the entire document
is minified away (CVE-2026-13593).
This update brings version 0.15 which fixes this issue.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 30 2026 Emmanuel Seyman [emmanuel@seyman.fr] - 0.15-1
- Update to 0.15
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2494733 - CVE-2026-13593 perl-CSS-Minifier-XS: CSS::Minifier::XS: Memory leak via crafted input leading to Denial of Service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2494733
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-abc468979d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: opkssh-0.15.0-2.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-387cf555e7
2026-07-09 01:07:23.887030+00:00
--------------------------------------------------------------------------------

Name : opkssh
Product : Fedora 43
Version : 0.15.0
Release : 2.fc43
URL : https://github.com/openpubkey/opkssh
Summary : OpenPubkey SSH
Description :
OpenPubkey SSH is a tool which enables ssh to be used with OpenID Connect
allowing SSH access to be managed via identities like alice@example.com instead
of long-lived SSH keys.

--------------------------------------------------------------------------------
Update Information:

Update to opkssh 0.15.0.
This release fixes several CVEs in bundled/vendored dependencies:
CVE-2026-39829: golang.org/x/crypto/ssh: Denial of Service via crafted public
key with excessive parameters
CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH
certificate
CVE-2026-39833: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced
key confirmation
CVE-2026-27145: golang crypto/x509: Denial of Service via excessive processing
of DNS SAN entries (fixed via the Go toolchain used to build this package)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jul 2 2026 Till Hofmann [thofmann@fedoraproject.org] - 0.15.0-2
- Drop obsolete golang.org/x/crypto override
* Thu Jul 2 2026 Till Hofmann [thofmann@fedoraproject.org] - 0.15.0-1
- Update to 0.15.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2490078 - CVE-2026-39829 opkssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2490078
[ 2 ] Bug #2492509 - opkssh-0.15.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2492509
[ 3 ] Bug #2493536 - CVE-2026-39835 opkssh: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2493536
[ 4 ] Bug #2494282 - CVE-2026-27145 opkssh: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2494282
[ 5 ] Bug #2494472 - CVE-2026-39833 opkssh: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2494472
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-387cf555e7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: rust-jiter-0.16.0-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-f774d1a878
2026-07-09 01:07:23.886973+00:00
--------------------------------------------------------------------------------

Name : rust-jiter
Product : Fedora 43
Version : 0.16.0
Release : 1.fc43
URL : https://crates.io/crates/jiter
Summary : Fast Iterable JSON parser
Description :
Fast Iterable JSON parser.

--------------------------------------------------------------------------------
Update Information:

Update rust-jiter to 0.16.0, adding a serde Deserializer implementation; update
python-jiter to match. Both packages now use PyO3 0.29, with fixes for
RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 30 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 0.16.0-1
- Update to version 0.16.0; Fixes RHBZ#2494428
* Sat Jun 20 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 0.15.0-2
- Update to PyO3 0.29
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2494427 - python-jiter-0.16.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2494427
[ 2 ] Bug #2494428 - rust-jiter-0.16.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2494428
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-f774d1a878' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: python-jiter-0.16.0-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-f774d1a878
2026-07-09 01:07:23.886973+00:00
--------------------------------------------------------------------------------

Name : python-jiter
Product : Fedora 43
Version : 0.16.0
Release : 1.fc43
URL : https://github.com/pydantic/jiter
Summary : Fast iterable JSON parser
Description :
Fast iterable JSON parser.

--------------------------------------------------------------------------------
Update Information:

Update rust-jiter to 0.16.0, adding a serde Deserializer implementation; update
python-jiter to match. Both packages now use PyO3 0.29, with fixes for
RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 30 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 0.16.0-1
- Update to 0.16.0 upstream release
- Resolves: rhbz#2494427
* Sat Jun 20 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 0.15.0-3
- Update to PyO3 0.29
* Wed Jun 3 2026 Python Maint - 0.15.0-2
- Rebuilt for Python 3.15
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2494427 - python-jiter-0.16.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2494427
[ 2 ] Bug #2494428 - rust-jiter-0.16.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2494428
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-f774d1a878' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: openssh-10.2p1-12.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-a80275b42d
2026-07-09 00:54:37.609381+00:00
--------------------------------------------------------------------------------

Name : openssh
Product : Fedora 44
Version : 10.2p1
Release : 12.fc44
URL : http://www.openssh.com/portable.html
Summary : An open source implementation of SSH protocol version 2
Description :
SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.

OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features.

This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.

--------------------------------------------------------------------------------
Update Information:

Improve GSS KEX algorithms documentation
CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known-
group validation that leads to client-side denial of service
CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due
to missing NULL terminator
CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket pre-binding
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 7 2026 Dmitry Belyavskiy [dbelyavs@redhat.com] - 10.2p1-12
- Improve GSS KEX algorithms documentation
Patches are submitted by xspielinbox+redhat@protonmail.com
Resolves: rhbz#2241564
* Tue Jul 7 2026 Zoltan Fridrich [zfridric@redhat.com] - 10.2p1-11
- CVE-2026-55653: Fix double free in openssh DH-GEX client path during
FIPS known-group validation that leads to client-side denial of service
- CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator
cleanup due to missing NULL terminator
- CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket
pre-binding
- Remove duplicate manpage entries from ssh(1)
Resolves: rhbz#2442505
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2241564 - KexAlgorithms accepts gss-* algorithms in certain cases, but it is completely unclear what this does
https://bugzilla.redhat.com/show_bug.cgi?id=2241564
[ 2 ] Bug #2442505 - 0043-openssh-8.7p1-ssh-manpage.patch introduces duplicates in documentation
https://bugzilla.redhat.com/show_bug.cgi?id=2442505
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-a80275b42d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: upower-1.91.3-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-e5305cffc2
2026-07-09 00:54:37.609376+00:00
--------------------------------------------------------------------------------

Name : upower
Product : Fedora 44
Version : 1.91.3
Release : 1.fc44
URL : https://upower.freedesktop.org/
Summary : Power Management Service
Description :
UPower (formerly DeviceKit-power) provides a daemon, API and command
line tools for managing power devices attached to the system.

--------------------------------------------------------------------------------
Update Information:

upower 1.91.3:
Feature: up-device-battery: Prefer "Standard" over "Fast" charging (!316
(merged), #344 (closed))
Fix: Resolve potential leaks (!327 (merged))
Fix: Potential out-of-bound access (!328 (merged))
Fix: Improve access control (!326 (merged))
Fix: Remove unused codes (!329 (merged))
Fix: Fix for Asus Battery Charge Threshold Detection (!330 (merged), #347
(closed))
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 7 2026 Peter Robinson [pbrobinson@gmail.com] - 1.91.3-1
- Update to 1.91.3 (fixes rhbz#2496407 rhbz#2414589)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2414589 - Settings > Power > Battery Charging: "Preserve Battery Health" can't be set persistently when BIOS Admin Password (a.k.a Setup Password) is set.
https://bugzilla.redhat.com/show_bug.cgi?id=2414589
[ 2 ] Bug #2496407 - upower-1.91.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2496407
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-e5305cffc2' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: opkssh-0.15.0-2.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-a7570524a7
2026-07-09 00:54:37.609359+00:00
--------------------------------------------------------------------------------

Name : opkssh
Product : Fedora 44
Version : 0.15.0
Release : 2.fc44
URL : https://github.com/openpubkey/opkssh
Summary : OpenPubkey SSH
Description :
OpenPubkey SSH is a tool which enables ssh to be used with OpenID Connect
allowing SSH access to be managed via identities like alice@example.com instead
of long-lived SSH keys.

--------------------------------------------------------------------------------
Update Information:

Update to opkssh 0.15.0.
This release fixes several CVEs in bundled/vendored dependencies:
CVE-2026-39829: golang.org/x/crypto/ssh: Denial of Service via crafted public
key with excessive parameters
CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH
certificate
CVE-2026-39833: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced
key confirmation
CVE-2026-27145: golang crypto/x509: Denial of Service via excessive processing
of DNS SAN entries (fixed via the Go toolchain used to build this package)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jul 2 2026 Till Hofmann [thofmann@fedoraproject.org] - 0.15.0-2
- Drop obsolete golang.org/x/crypto override
* Thu Jul 2 2026 Till Hofmann [thofmann@fedoraproject.org] - 0.15.0-1
- Update to 0.15.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2490078 - CVE-2026-39829 opkssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2490078
[ 2 ] Bug #2492509 - opkssh-0.15.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2492509
[ 3 ] Bug #2493536 - CVE-2026-39835 opkssh: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2493536
[ 4 ] Bug #2494282 - CVE-2026-27145 opkssh: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2494282
[ 5 ] Bug #2494472 - CVE-2026-39833 opkssh: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2494472
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-a7570524a7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: perl-CSS-Minifier-XS-0.15-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9f14575d85
2026-07-09 00:54:37.609348+00:00
--------------------------------------------------------------------------------

Name : perl-CSS-Minifier-XS
Product : Fedora 44
Version : 0.15
Release : 1.fc44
URL : https://metacpan.org/release/CSS-Minifier-XS
Summary : XS based CSS minifier
Description :
'CSS::Minifier::XS' is a CSS "minifier". It's designed to remove
unnecessary white-space and comments from CSS files, while also
*not* breaking the CSS. 'CSS::Minifier::XS' is similar in function
to 'CSS::Minifier', but is substantially faster as it's written
in XS and not just pure Perl.

--------------------------------------------------------------------------------
Update Information:

This package contains the Perl module CSS::Minifier::XS.
Versions of the module before 0.14 have a memory leak when the entire document
is minified away (CVE-2026-13593).
This update brings version 0.15 which fixes this issue.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 30 2026 Emmanuel Seyman [emmanuel@seyman.fr] - 0.15-1
- Update to 0.15
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2494733 - CVE-2026-13593 perl-CSS-Minifier-XS: CSS::Minifier::XS: Memory leak via crafted input leading to Denial of Service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2494733
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9f14575d85' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: python-pendulum-3.2.0-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-2559684e58
2026-07-09 00:54:37.609345+00:00
--------------------------------------------------------------------------------

Name : python-pendulum
Product : Fedora 44
Version : 3.2.0
Release : 1.fc44
URL : https://pendulum.eustace.io
Summary : Python datetimes made easy
Description :
Unlike other datetime libraries for Python, Pendulum is a drop-in replacement
for the standard datetime class (it inherits from it), so, basically, you can
replace all your datetime instances by DateTime instances in you code.

It also removes the notion of naive datetimes: each Pendulum instance is
timezone-aware and by default in UTC for ease of use.

--------------------------------------------------------------------------------
Update Information:

Update to 3.2.0 (final). Update PyO3 to 0.29, fixing RUSTSEC-2026-0176 and
RUSTSEC-2026-0177.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 30 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 3.2.0-1
- Update to 3.2.0 (final); Fixes RHBZ#2435482
- Update PyO3 to 0.29 (fixes RUSTSEC-2026-0176, RUSTSEC-2026-0177)
* Thu Jun 4 2026 Python Maint - 3.2.0~dev0^20251024git628fd85-3
- Rebuilt for Python 3.15
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2435482 - python-pendulum-3.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2435482
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-2559684e58' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: python-nh3-0.3.6-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-5ebb12f543
2026-07-09 00:54:37.609316+00:00
--------------------------------------------------------------------------------

Name : python-nh3
Product : Fedora 44
Version : 0.3.6
Release : 1.fc44
URL : https://github.com/messense/nh3
Summary : Python binding to Ammonia HTML sanitizer Rust crate
Description :
Python binding to Ammonia HTML sanitizer Rust crate.

--------------------------------------------------------------------------------
Update Information:

Update to 0.3.6; this includes an update to PyO3 0.29, which fixes
RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 30 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 0.3.6-1
- Update to 0.3.6 (close RHBZ#2491252)
- Update `License` expression
* Wed Jun 3 2026 Python Maint - 0.3.5-2
- Rebuilt for Python 3.15
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2491252 - python-nh3-0.3.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2491252
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-5ebb12f543' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: rust-jiter-0.16.0-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-a7f46c285f
2026-07-09 00:54:37.609269+00:00
--------------------------------------------------------------------------------

Name : rust-jiter
Product : Fedora 44
Version : 0.16.0
Release : 1.fc44
URL : https://crates.io/crates/jiter
Summary : Fast Iterable JSON parser
Description :
Fast Iterable JSON parser.

--------------------------------------------------------------------------------
Update Information:

Update rust-jiter to 0.16.0, adding a serde Deserializer implementation; update
python-jiter to match. Both packages now use PyO3 0.29, with fixes for
RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 30 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 0.16.0-1
- Update to version 0.16.0; Fixes RHBZ#2494428
* Sat Jun 20 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 0.15.0-2
- Update to PyO3 0.29
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2494427 - python-jiter-0.16.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2494427
[ 2 ] Bug #2494428 - rust-jiter-0.16.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2494428
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-a7f46c285f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: python-jiter-0.16.0-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-a7f46c285f
2026-07-09 00:54:37.609269+00:00
--------------------------------------------------------------------------------

Name : python-jiter
Product : Fedora 44
Version : 0.16.0
Release : 1.fc44
URL : https://github.com/pydantic/jiter
Summary : Fast iterable JSON parser
Description :
Fast iterable JSON parser.

--------------------------------------------------------------------------------
Update Information:

Update rust-jiter to 0.16.0, adding a serde Deserializer implementation; update
python-jiter to match. Both packages now use PyO3 0.29, with fixes for
RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 30 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 0.16.0-1
- Update to 0.16.0 upstream release
- Resolves: rhbz#2494427
* Sat Jun 20 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 0.15.0-3
- Update to PyO3 0.29
* Wed Jun 3 2026 Python Maint - 0.15.0-2
- Rebuilt for Python 3.15
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2494427 - python-jiter-0.16.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2494427
[ 2 ] Bug #2494428 - rust-jiter-0.16.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2494428
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-a7f46c285f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new