Rust, Kernel, Dnsmasq, and more updates for Fedora

Fedora Linux 9355 Published by

Fedora 42, 43, and 44 just received a wave of critical security updates that address multiple vulnerabilities across the system. A large chunk of these releases focus on rebuilding Rust libraries to patch dangerous flaws in the openssl crate, while other tools like dnsmasq and python-pysam get direct fixes for buffer overflows and input validation weaknesses. The Linux kernel packages also see important changes, including network scheduler corrections and new mitigations for fragnesia code paths across all three distribution versions. System administrators should run the standard dnf upgrade command to apply these patches before attackers can exploit the unpatched vulnerabilities.

Fedora 43 Update: rust-rpki-0.18.6-4.fc43
Fedora 43 Update: kernel-7.0.9-102.fc43
Fedora 43 Update: keylime-agent-rust-0.2.9-2.fc43
Fedora 43 Update: rust-cargo-vendor-filterer-0.5.18-5.fc43
Fedora 43 Update: rust-oo7-cli-0.4.3-5.fc43
Fedora 43 Update: rust-ingredients-0.2.2-4.fc43
Fedora 43 Update: rust-tealdeer-1.7.3-2.fc43
Fedora 43 Update: rust-sevctl-0.6.2-7.fc43
Fedora 43 Update: perl-Net-CIDR-Lite-0.24-1.fc43
Fedora 44 Update: kernel-7.0.9-202.fc44
Fedora 44 Update: python-urllib3-2.7.0-1.fc44
Fedora 44 Update: rust-rpki-0.18.6-4.fc44
Fedora 44 Update: keylime-agent-rust-0.2.9-2.fc44
Fedora 44 Update: rust-cargo-vendor-filterer-0.5.18-5.fc44
Fedora 44 Update: rust-oo7-cli-0.4.3-5.fc44
Fedora 44 Update: rust-ingredients-0.2.2-4.fc44
Fedora 44 Update: rust-tealdeer-1.7.3-2.fc44
Fedora 44 Update: rust-sevctl-0.6.2-7.fc44
Fedora 44 Update: python-pysam-0.24.0-1.fc44
Fedora 43 Update: dnsmasq-2.92rel2-2.fc43
Fedora 42 Update: kernel-6.19.14-106.fc42




[SECURITY] Fedora 43 Update: rust-rpki-0.18.6-4.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-f55df93b17
2026-05-19 16:00:44.522724+00:00
--------------------------------------------------------------------------------

Name : rust-rpki
Product : Fedora 43
Version : 0.18.6
Release : 4.fc43
URL : https://crates.io/crates/rpki
Summary : Library for validating and creating RPKI data
Description :
A library for validating and creating RPKI data.

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 0.18.6-4
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 0.18.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-f55df93b17' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: kernel-7.0.9-102.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-88a1fb9418
2026-05-19 16:00:44.522731+00:00
--------------------------------------------------------------------------------

Name : kernel
Product : Fedora 43
Version : 7.0.9
Release : 102.fc43
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 7.0.9-102/202 stable kernel builds contain additional mitigations for new
code paths in fragnesia, and a couple of other security updates without fancy
names or CVEs assigned yet.
The 7.0.9 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 18 2026 Justin M. Forbes [jforbes@fedoraproject.org] [7.0.9-0]
- net/sched: fix pedit partial COW leading to page cache corruption (Rajat Gupta)
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim)
- Revert fragnesia for so I can replace it with the newer one (Justin M. Forbes)
- net/sched: act_pedit: extend the writable skb range per key (Zhang Cen)
* Sun May 17 2026 Justin M. Forbes [jforbes@fedoraproject.org] [7.0.9-0]
- Turn on XFS_ONLINE_REPAIR for Fedora (Justin M. Forbes)
- Enable SND_DESIGNWARE for Fedora x86 (Justin M. Forbes)
- Enable HID_SENSOR_PROX for Fedora x86 (Justin M. Forbes)
- drm/i915/dp_tunnel: Don't update tunnel state during system resume (Imre Deak)
- Linux v7.0.9
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2478149 - xfs metadata repair facility is not available
https://bugzilla.redhat.com/show_bug.cgi?id=2478149
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-88a1fb9418' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: keylime-agent-rust-0.2.9-2.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-30a8b60b25
2026-05-19 16:00:44.522720+00:00
--------------------------------------------------------------------------------

Name : keylime-agent-rust
Product : Fedora 43
Version : 0.2.9
Release : 2.fc43
URL : https://github.com/keylime/rust-keylime/
Summary : The Keylime agent
Description :
The Keylime agent

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 0.2.9-2
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-30a8b60b25' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: rust-cargo-vendor-filterer-0.5.18-5.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-813872cbff
2026-05-19 16:00:44.522716+00:00
--------------------------------------------------------------------------------

Name : rust-cargo-vendor-filterer
Product : Fedora 43
Version : 0.5.18
Release : 5.fc43
URL : https://crates.io/crates/cargo-vendor-filterer
Summary : Cargo vendor, but with filtering for platforms and more
Description :
`cargo vendor`, but with filtering for platforms and more.

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 0.5.18-5
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-813872cbff' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: rust-oo7-cli-0.4.3-5.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9695dd338f
2026-05-19 16:00:44.522708+00:00
--------------------------------------------------------------------------------

Name : rust-oo7-cli
Product : Fedora 43
Version : 0.4.3
Release : 5.fc43
URL : https://crates.io/crates/oo7-cli
Summary : System keyring access from the terminal
Description :
System keyring access from the terminal.

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 0.4.3-5
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9695dd338f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: rust-ingredients-0.2.2-4.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-ba5710ebd0
2026-05-19 16:00:44.522705+00:00
--------------------------------------------------------------------------------

Name : rust-ingredients
Product : Fedora 43
Version : 0.2.2
Release : 4.fc43
URL : https://crates.io/crates/ingredients
Summary : Check ingredients of published Rust crates
Description :
Check ingredients of published Rust crates.

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 0.2.2-4
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-ba5710ebd0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: rust-tealdeer-1.7.3-2.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-95cc69e19a
2026-05-19 16:00:44.522712+00:00
--------------------------------------------------------------------------------

Name : rust-tealdeer
Product : Fedora 43
Version : 1.7.3
Release : 2.fc43
URL : https://crates.io/crates/tealdeer
Summary : Fetch and show tldr help pages for many CLI commands
Description :
Fetch and show tldr help pages for many CLI commands. Full featured
offline client with caching support.

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 1.7.3-2
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-95cc69e19a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: rust-sevctl-0.6.2-7.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-72a1f0b109
2026-05-19 16:00:44.522701+00:00
--------------------------------------------------------------------------------

Name : rust-sevctl
Product : Fedora 43
Version : 0.6.2
Release : 7.fc43
URL : https://crates.io/crates/sevctl
Summary : Administrative utility for AMD SEV
Description :
Administrative utility for AMD SEV.

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 0.6.2-7
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-72a1f0b109' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: perl-Net-CIDR-Lite-0.24-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9e783d6aa1
2026-05-19 16:00:44.522643+00:00
--------------------------------------------------------------------------------

Name : perl-Net-CIDR-Lite
Product : Fedora 43
Version : 0.24
Release : 1.fc43
URL : https://metacpan.org/release/Net-CIDR-Lite
Summary : Perl extension for merging IPv4 or IPv6 CIDR addresses
Description :
Faster alternative to Net::CIDR when merging a large number of CIDR address
ranges. Works for IPv4 and IPv6 addresses.

--------------------------------------------------------------------------------
Update Information:

This update addresses some input validation issues:
Reject Unicode digits and trailing newlines in parser inputs (CVE-2026-45190)
Reject zero-padded CIDR masks (CVE-2026-45191)
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Paul Howarth - 0.24-1
- Update to 0.24
- Reject Unicode digits and trailing newlines in parser inputs
(CVE-2026-45190)
- Reject zero-padded CIDR masks (CVE-2026-45191)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9e783d6aa1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: kernel-7.0.9-202.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-346fbec5d5
2026-05-19 16:18:59.081731+00:00
--------------------------------------------------------------------------------

Name : kernel
Product : Fedora 44
Version : 7.0.9
Release : 202.fc44
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 7.0.9-102/202 stable kernel builds contain additional mitigations for new
code paths in fragnesia, and a couple of other security updates without fancy
names or CVEs assigned yet.
The 7.0.9 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 18 2026 Justin M. Forbes [jforbes@fedoraproject.org] [7.0.9-0]
- net/sched: fix pedit partial COW leading to page cache corruption (Rajat Gupta)
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim)
- Revert fragnesia for so I can replace it with the newer one (Justin M. Forbes)
- net/sched: act_pedit: extend the writable skb range per key (Zhang Cen)
* Sun May 17 2026 Justin M. Forbes [jforbes@fedoraproject.org] [7.0.9-0]
- Turn on XFS_ONLINE_REPAIR for Fedora (Justin M. Forbes)
- Enable SND_DESIGNWARE for Fedora x86 (Justin M. Forbes)
- Enable HID_SENSOR_PROX for Fedora x86 (Justin M. Forbes)
- drm/i915/dp_tunnel: Don't update tunnel state during system resume (Imre Deak)
- Linux v7.0.9
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2478149 - xfs metadata repair facility is not available
https://bugzilla.redhat.com/show_bug.cgi?id=2478149
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-346fbec5d5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: python-urllib3-2.7.0-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-48989df336
2026-05-19 16:18:59.081722+00:00
--------------------------------------------------------------------------------

Name : python-urllib3
Product : Fedora 44
Version : 2.7.0
Release : 1.fc44
URL : https://github.com/urllib3/urllib3
Summary : HTTP library with thread-safe connection pooling, file post, and more
Description :
urllib3 is a powerful, user-friendly HTTP client for Python. urllib3 brings
many critical features that are missing from the Python standard libraries:

??? Thread safety.
??? Connection pooling.
??? Client-side SSL/TLS verification.
??? File uploads with multipart encoding.
??? Helpers for retrying requests and dealing with HTTP redirects.
??? Support for gzip, deflate, brotli, and zstd encoding.
??? Proxy support for HTTP and SOCKS.
??? 100% test coverage.

--------------------------------------------------------------------------------
Update Information:

Update to 2.7.0 (rhbz#2467787)
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 12 2026 Lumir Balhar [lbalhar@redhat.com] - 2.7.0-1
- Update to 2.7.0 (rhbz#2467787)
* Wed Apr 8 2026 Miro Hron??ok [miro@hroncok.cz] - 2.6.3-3
- Allow building with setuptools-scm 10+
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2467787 - python-urllib3-2.7.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2467787
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-48989df336' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 44 Update: rust-rpki-0.18.6-4.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-aac0adf7f7
2026-05-19 16:18:59.081706+00:00
--------------------------------------------------------------------------------

Name : rust-rpki
Product : Fedora 44
Version : 0.18.6
Release : 4.fc44
URL : https://crates.io/crates/rpki
Summary : Library for validating and creating RPKI data
Description :
A library for validating and creating RPKI data.

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 0.18.6-4
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-aac0adf7f7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: keylime-agent-rust-0.2.9-2.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9002354692
2026-05-19 16:18:59.081704+00:00
--------------------------------------------------------------------------------

Name : keylime-agent-rust
Product : Fedora 44
Version : 0.2.9
Release : 2.fc44
URL : https://github.com/keylime/rust-keylime/
Summary : The Keylime agent
Description :
The Keylime agent

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 0.2.9-2
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9002354692' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: rust-cargo-vendor-filterer-0.5.18-5.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-b631ccd99a
2026-05-19 16:18:59.081702+00:00
--------------------------------------------------------------------------------

Name : rust-cargo-vendor-filterer
Product : Fedora 44
Version : 0.5.18
Release : 5.fc44
URL : https://crates.io/crates/cargo-vendor-filterer
Summary : Cargo vendor, but with filtering for platforms and more
Description :
`cargo vendor`, but with filtering for platforms and more.

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 0.5.18-5
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-b631ccd99a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: rust-oo7-cli-0.4.3-5.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-8e53f4aa95
2026-05-19 16:18:59.081698+00:00
--------------------------------------------------------------------------------

Name : rust-oo7-cli
Product : Fedora 44
Version : 0.4.3
Release : 5.fc44
URL : https://crates.io/crates/oo7-cli
Summary : System keyring access from the terminal
Description :
System keyring access from the terminal.

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 0.4.3-5
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-8e53f4aa95' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: rust-ingredients-0.2.2-4.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-6b01755e7d
2026-05-19 16:18:59.081695+00:00
--------------------------------------------------------------------------------

Name : rust-ingredients
Product : Fedora 44
Version : 0.2.2
Release : 4.fc44
URL : https://crates.io/crates/ingredients
Summary : Check ingredients of published Rust crates
Description :
Check ingredients of published Rust crates.

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 0.2.2-4
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-6b01755e7d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: rust-tealdeer-1.7.3-2.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-acda6951c6
2026-05-19 16:18:59.081700+00:00
--------------------------------------------------------------------------------

Name : rust-tealdeer
Product : Fedora 44
Version : 1.7.3
Release : 2.fc44
URL : https://crates.io/crates/tealdeer
Summary : Fetch and show tldr help pages for many CLI commands
Description :
Fetch and show tldr help pages for many CLI commands. Full featured
offline client with caching support.

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 1.7.3-2
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-acda6951c6' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: rust-sevctl-0.6.2-7.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-941244e8ee
2026-05-19 16:18:59.081693+00:00
--------------------------------------------------------------------------------

Name : rust-sevctl
Product : Fedora 44
Version : 0.6.2
Release : 7.fc44
URL : https://crates.io/crates/sevctl
Summary : Administrative utility for AMD SEV
Description :
Administrative utility for AMD SEV.

--------------------------------------------------------------------------------
Update Information:

Rebuild with version 0.10.79 of the openssl crate which includes fixes for the
following security issues:
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
CVE-2026-41898 / GHSA-hppc-g8h3-xhp3
CVE-2026-42327 / GHSA-xp3w-r5p5-63rr
CVE-2026-44662 / GHSA-xv59-967r-8726
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 11 2026 Fabio Valentini [decathorpe@gmail.com] - 0.6.2-7
- Rebuild for rust-openssl
CVE-2026-{41676,41677,41678,41681,41898,42327,44662}
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-941244e8ee' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 44 Update: python-pysam-0.24.0-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-28858c383e
2026-05-19 16:18:59.081639+00:00
--------------------------------------------------------------------------------

Name : python-pysam
Product : Fedora 44
Version : 0.24.0
Release : 1.fc44
URL : https://github.com/pysam-developers/pysam
Summary : pysam
Description :
pysam - a python module for reading, manipulating and writing genomic data
sets.pysam is a lightweight wrapper of the htslib C-API and provides facilities
to read and write SAM/BAM/VCF/BCF/BED/GFF/GTF/FASTA/FASTQ files as well as
access to the command line functionality of the samtools and bcftools packages.
The module supports compression and random access through indexing.

--------------------------------------------------------------------------------
Update Information:

Update pysam
Resolves CVE issues
--------------------------------------------------------------------------------
ChangeLog:

* Sat May 9 2026 David Bold [davidsch@fedoraproject.org] - 0.24.0-1
- Update to 0.24.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2448875 - CVE-2026-31970 python-pysam: HTSlib: BGZF index file reader has a heap buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448875
[ 2 ] Bug #2448878 - CVE-2026-31968 python-pysam: HTSlib: Buffer overflow in CRAM decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448878
[ 3 ] Bug #2448885 - CVE-2026-31966 python-pysam: htslib: Information disclosure and denial of service due to insufficient CRAM feature data validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448885
[ 4 ] Bug #2448887 - CVE-2026-31967 python-pysam: HTSlib: Information disclosure and Denial of Service via unvalidated CRAM mate reference ID [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448887
[ 5 ] Bug #2448888 - CVE-2026-31971 python-pysam: HTSlib: CRAM decoder vulnerable to buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448888
[ 6 ] Bug #2448889 - CVE-2026-31969 python-pysam: HTSlib: CRAM decoder has a heap buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448889
[ 7 ] Bug #2448890 - CVE-2026-31967 python-pysam: HTSlib: Information disclosure and Denial of Service via unvalidated CRAM mate reference ID [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448890
[ 8 ] Bug #2448891 - CVE-2026-31967 python-pysam: HTSlib: Information disclosure and Denial of Service via unvalidated CRAM mate reference ID [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448891
[ 9 ] Bug #2448892 - CVE-2026-31971 python-pysam: HTSlib: CRAM decoder vulnerable to buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448892
[ 10 ] Bug #2449264 - CVE-2026-31972 python-pysam: SAMtools: Information Disclosure and Denial of Service via use-after-free vulnerability in mpileup command [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2449264
[ 11 ] Bug #2463224 - python-pysam-0.24.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2463224
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-28858c383e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: dnsmasq-2.92rel2-2.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-6384a3cf14
2026-05-20 01:01:45.966554+00:00
--------------------------------------------------------------------------------

Name : dnsmasq
Product : Fedora 43
Version : 2.92rel2
Release : 2.fc43
URL : http://www.thekelleys.org.uk/dnsmasq/
Summary : A lightweight DHCP/caching DNS server
Description :
Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server.
It is designed to provide DNS and, optionally, DHCP, to a small network.
It can serve the names of local machines which are not in the global
DNS. The DHCP server integrates with the DNS server and allows machines
with DHCP-allocated addresses to appear in the DNS with names configured
either in each host or in a central configuration file. Dnsmasq supports
static and dynamic DHCP leases and BOOTP for network booting of disk-less
machines.

--------------------------------------------------------------------------------
Update Information:

Update to 2.92rel2
2.92 point release incorporating fixes for:
CVE-2026-2291
CVE-2026-4890
CVE-2026-4891
CVE-2026-4892
CVE-2026-4893
CVE-2026-5172
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 12 2026 Petr Men????k [pemensik@redhat.com] - 2.92rel2-9
- Update to 2.92rel2 (rhbz#2469245)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2459196 - CVE-2026-6507 dnsmasq: dnsmasq: Denial of Service due to out-of-bounds write in DHCP BOOTREPLY processing [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2459196
[ 2 ] Bug #2469245 - dnsmasq-2.92rel2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2469245
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-6384a3cf14' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 42 Update: kernel-6.19.14-106.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-db3618772b
2026-05-19 18:21:15.523108+00:00
--------------------------------------------------------------------------------

Name : kernel
Product : Fedora 42
Version : 6.19.14
Release : 106.fc42
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 6.19.14-106 kernel build contains additional mitigations for new code paths
in fragnesia, and a couple of other security updates without fancy names or CVEs
assigned yet.
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 18 2026 Justin M. Forbes [jforbes@fedoraproject.org] [6.19.14-106]
- Revert "redhat/kernel.spec.template: Fix indentation of uki-virt generation code" (Justin M. Forbes)
- Revert "redhat/kernel.spec.template: Simplify uki-virt signing" (Justin M. Forbes)
- Revert "redhat/kernel.spec.template: Add kernel-uki-dtbloader sub-package" (Justin M. Forbes)
- Revert "redhat/kernel.spec.template: Make -uki-dtbloader provide kernel-core-uname-r" (Justin M. Forbes)
* Mon May 18 2026 Justin M. Forbes [jforbes@fedoraproject.org] [6.19.14-6]
- net/sched: fix pedit partial COW leading to page cache corruption (Rajat Gupta)
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim)
- Revert fragnesia v4 in favor of v5 (Justin M. Forbes)
- net/sched: act_pedit: extend the writable skb range per key (Zhang Cen)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-db3618772b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new


Kernel, Apache 2, GnuTLS updates for Debian

LibPNG, Ruby, Rsync, and more updates for Oracle Linux

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...