
New security updates are available for Fedora Linux. The updates address vulnerabilities in popular packages such as vim and python-cryptography, as well as multiple Rust libraries. Most of the changes target Fedora 43, with separate updates for Fedora 42 and the newer Fedora 44 release. Applying this batch of updates protects systems against potential exploitation of known flaws.

Fedora 43 Update: vim-9.2.240-1.fc43
Fedora 43 Update: libopenmpt-0.8.6-1.fc43
Fedora 43 Update: rust-wycheproof-0.6.0-1.fc43
Fedora 43 Update: rust-asn1_derive-0.22.0-1.fc43
Fedora 43 Update: rubygem-json-2.13.2-2.fc43
Fedora 43 Update: rust-cryptoki-sys-0.5.0-2.fc43
Fedora 43 Update: rust-cryptoki-0.12.0-2.fc43
Fedora 43 Update: python-cryptography-46.0.5-1.fc43
Fedora 43 Update: rust-asn1-0.22.0-1.fc43
Fedora 43 Update: pyOpenSSL-26.0.0-1.fc43
Fedora 43 Update: kryoptic-1.5.0-2.fc43
Fedora 43 Update: headscale-0.28.0-1.fc43
Fedora 43 Update: fontforge-20230101-20.fc43
Fedora 43 Update: vtk-9.2.6-44.fc43
Fedora 42 Update: fontforge-20230101-19.fc42
Fedora 42 Update: vtk-9.2.6-38.fc42
Fedora 44 Update: libopenmpt-0.8.6-1.fc44
Fedora 44 Update: headscale-0.28.0-1.fc44




[SECURITY] Fedora 43 Update: vim-9.2.240-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-a05ac070cd
2026-03-27 01:16:52.247680+00:00
--------------------------------------------------------------------------------

Name : vim
Product : Fedora 43
Version : 9.2.240
Release : 1.fc43
URL : https://www.vim.org/
Summary : The VIM editor
Description :
VIM (VIsual editor iMproved) is an updated and improved version of the
vi editor. Vi was the first real screen-based editor for UNIX, and is
still very popular. VIM improves on vi by adding new features:
multiple windows, multi-level undo, block highlighting and more.

--------------------------------------------------------------------------------
Update Information:

patchlevel 240
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 25 2026 Zdenek Dohnal [zdohnal@redhat.com] - 2:9.2.240-1
- patchlevel 240
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2450907 - CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob() function
https://bugzilla.redhat.com/show_bug.cgi?id=2450907
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-a05ac070cd' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 43 Update: libopenmpt-0.8.6-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-f9d2152328
2026-03-27 01:16:52.247675+00:00
--------------------------------------------------------------------------------

Name : libopenmpt
Product : Fedora 43
Version : 0.8.6
Release : 1.fc43
URL : https://lib.openmpt.org/libopenmpt/
Summary : C/C++ library to decode tracker music module (MOD) files
Description :
libopenmpt is a cross-platform C++ and C library to decode tracked music
files (modules) into a raw PCM audio stream.

libopenmpt is based on the player code of the OpenMPT project (Open
ModPlug Tracker). In order to avoid code base fragmentation, libopenmpt is
developed in the same source code repository as OpenMPT.

--------------------------------------------------------------------------------
Update Information:

Update from 0.8.5 to 0.8.6 to fix regression:
https://lib.openmpt.org/libopenmpt/2026/03/24/security-updates-0.8.6-0.7.19-0.6.28-0.5.42-0.4.54/
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 24 2026 Michael Schwendt [mschwendt@fedoraproject.org] - 0.8.6-1
- update to 0.8.6 which fixes regression in 0.8.5
* Sun Mar 22 2026 Michael Schwendt [mschwendt@fedoraproject.org] - 0.8.5-1
- update to 0.8.5
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 0.8.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-f9d2152328' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------





[SECURITY] Fedora 43 Update: rust-wycheproof-0.6.0-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9d5b9f45ec
2026-03-27 01:16:52.247652+00:00
--------------------------------------------------------------------------------

Name : rust-wycheproof
Product : Fedora 43
Version : 0.6.0
Release : 1.fc43
URL : https://crates.io/crates/wycheproof
Summary : Wycheproof test vectors
Description :
Wycheproof test vectors.

--------------------------------------------------------------------------------
Update Information:

Update pyOpenSSL to v26.0.0 (security update)
Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26)
Update rust-asn1 to 0.22 (dependency of python-cryptography)
Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22)
The security status of this update is only for pyOpenSSL.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 26 2026 Jakub Jelen [jjelen@redhat.com] - 0.6.0-1
- First Fedora release (#2432331)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2433650
[ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2447727
[ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448652
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------





[SECURITY] Fedora 43 Update: rust-asn1_derive-0.22.0-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9d5b9f45ec
2026-03-27 01:16:52.247652+00:00
--------------------------------------------------------------------------------

Name : rust-asn1_derive
Product : Fedora 43
Version : 0.22.0
Release : 1.fc43
URL : https://crates.io/crates/asn1_derive
Summary : #[derive] support for asn1
Description :

--------------------------------------------------------------------------------
Update Information:

Update pyOpenSSL to v26.0.0 (security update)
Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26)
Update rust-asn1 to 0.22 (dependency of python-cryptography)
Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22)
The security status of this update is only for pyOpenSSL.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 22 2026 Jeremy Cline [jeremycline@linux.microsoft.com] - 0.22.0-1
- Update to v0.22.0
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 0.21.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2433650
[ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2447727
[ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448652
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------





[SECURITY] Fedora 43 Update: rubygem-json-2.13.2-2.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-8c07fcde49
2026-03-27 01:16:52.247657+00:00
--------------------------------------------------------------------------------

Name : rubygem-json
Product : Fedora 43
Version : 2.13.2
Release : 2.fc43
URL : https://github.com/flori/json
Summary : A JSON implementation in Ruby
Description :
This is an implementation of the JSON specification according
to RFC 4627 in Ruby.
You can think of it as a low fat alternative to XML,
if you want to store data to disk or transmit it over
a network rather than use a verbose markup language.

--------------------------------------------------------------------------------
Update Information:

This new update backports a fix for a format string injection vulnerability in
JSON.parse, which is now assigned as CVE-2026-33210
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 20 2026 Mamoru TASAKA [mtasaka@fedoraproject.org] - 2.13.2-2
- Backport upstream fix for format string injection vulnerability in JSON.parse
(CVE-2026-33210)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-8c07fcde49' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------





[SECURITY] Fedora 43 Update: rust-cryptoki-sys-0.5.0-2.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9d5b9f45ec
2026-03-27 01:16:52.247652+00:00
--------------------------------------------------------------------------------

Name : rust-cryptoki-sys
Product : Fedora 43
Version : 0.5.0
Release : 2.fc43
URL : https://crates.io/crates/cryptoki-sys
Summary : FFI wrapper around the PKCS #11 API
Description :
FFI wrapper around the PKCS #11 API.

--------------------------------------------------------------------------------
Update Information:

Update pyOpenSSL to v26.0.0 (security update)
Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26)
Update rust-asn1 to 0.22 (dependency of python-cryptography)
Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22)
The security status of this update is only for pyOpenSSL.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 0.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Wed Jan 7 2026 Jakub Jelen [jjelen@redhat.com] - 0.5.0-1
- cryptoki-sys-0.5.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2433650
[ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2447727
[ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448652
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------





[SECURITY] Fedora 43 Update: rust-cryptoki-0.12.0-2.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9d5b9f45ec
2026-03-27 01:16:52.247652+00:00
--------------------------------------------------------------------------------

Name : rust-cryptoki
Product : Fedora 43
Version : 0.12.0
Release : 2.fc43
URL : https://crates.io/crates/cryptoki
Summary : Rust-native wrapper around the PKCS #11 API
Description :
Rust-native wrapper around the PKCS #11 API.

--------------------------------------------------------------------------------
Update Information:

Update pyOpenSSL to v26.0.0 (security update)
Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26)
Update rust-asn1 to 0.22 (dependency of python-cryptography)
Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22)
The security status of this update is only for pyOpenSSL.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 26 2026 Jakub Jelen [jjelen@redhat.com] - 0.12.0-2
- Replace softhsm with kryoptic in tests
* Mon Jan 26 2026 Jakub Jelen [jjelen@redhat.com] - 0.12.0-1
- 0.12.0-1 (#2432035)
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 0.11.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Wed Jan 7 2026 Jakub Jelen [jjelen@redhat.com] - 0.11.0-1
- rust-cryptoki-0.11.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2433650
[ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2447727
[ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448652
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------





[SECURITY] Fedora 43 Update: python-cryptography-46.0.5-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9d5b9f45ec
2026-03-27 01:16:52.247652+00:00
--------------------------------------------------------------------------------

Name : python-cryptography
Product : Fedora 43
Version : 46.0.5
Release : 1.fc43
URL : https://cryptography.io/en/latest/
Summary : PyCA's cryptography library
Description :
cryptography is a package designed to expose cryptographic primitives and
recipes to Python developers.

--------------------------------------------------------------------------------
Update Information:

Update pyOpenSSL to v26.0.0 (security update)
Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26)
Update rust-asn1 to 0.22 (dependency of python-cryptography)
Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22)
The security status of this update is only for pyOpenSSL.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 10 2026 Jeremy Cline [jeremycline@linux.microsoft.com] - 46.0.5-1
- Update to v46.0.5
* Thu Jan 22 2026 Jeremy Cline [jeremycline@linux.microsoft.com] - 46.0.3-1
- Update to v46.0.3
- Removed the deprecated get_attribute_for_oid method on
CertificateSigningRequest. Users should use get_attribute_for_oid()
instead.
- Removed the deprecated CAST5, SEED, IDEA, and Blowfish classes from the
cipher module. These are still available in Decrepit cryptography.
- In X.509, when performing a PSS signature with a SHA-3 hash, it is now
encoded with the official NIST SHA3 OID.
- Added support for free-threaded Python 3.14.
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 45.0.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Wed Oct 22 2025 Peter Robinson [pbrobinson@gmail.com] - 45.0.4-5
- Drop pytz test req, only needed for py < 3.9
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2433650
[ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2447727
[ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448652
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------





[SECURITY] Fedora 43 Update: rust-asn1-0.22.0-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9d5b9f45ec
2026-03-27 01:16:52.247652+00:00
--------------------------------------------------------------------------------

Name : rust-asn1
Product : Fedora 43
Version : 0.22.0
Release : 1.fc43
URL : https://crates.io/crates/asn1
Summary : ASN.1 (DER) parser and writer for Rust
Description :
ASN.1 (DER) parser and writer for Rust.

--------------------------------------------------------------------------------
Update Information:

Update pyOpenSSL to v26.0.0 (security update)
Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26)
Update rust-asn1 to 0.22 (dependency of python-cryptography)
Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22)
The security status of this update is only for pyOpenSSL.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 22 2026 Jeremy Cline [jeremycline@linux.microsoft.com] - 0.22.0-1
- Update to v0.22.0
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 0.21.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2433650
[ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2447727
[ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448652
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------





[SECURITY] Fedora 43 Update: pyOpenSSL-26.0.0-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9d5b9f45ec
2026-03-27 01:16:52.247652+00:00
--------------------------------------------------------------------------------

Name : pyOpenSSL
Product : Fedora 43
Version : 26.0.0
Release : 1.fc43
URL : https://pyopenssl.readthedocs.org/
Summary : Python wrapper module around the OpenSSL library
Description :
High-level wrapper around a subset of the OpenSSL library, includes among others
* SSL.Connection objects, wrapping the methods of Python's portable
sockets
* Callbacks written in Python
* Extensive error-handling mechanism, mirroring OpenSSL's error codes

--------------------------------------------------------------------------------
Update Information:

Update pyOpenSSL to v26.0.0 (security update)
Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26)
Update rust-asn1 to 0.22 (dependency of python-cryptography)
Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22)
The security status of this update is only for pyOpenSSL.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2026 Jeremy Cline [jeremycline@microsoft.com] - 26.0.0-1
- Update to v26.0.0
- Added support for using aws-lc instead of OpenSSL.
- Properly raise an error if a DTLS cookie callback returned a cookie
longer than DTLS1_COOKIE_LENGTH bytes. Previously this would result in a
buffer-overflow. Credit to dark_haxor for reporting the issue.
CVE-2026-27459
- Added OpenSSL.SSL.Connection.get_group_name to determine which group name
was negotiated.
- Context.set_tlsext_servername_callback now handles exceptions raised in
the callback by calling sys.excepthook and returning a fatal TLS alert.
Previously, exceptions were silently swallowed and the handshake would
proceed as if the callback had succeeded. Credit to Leury Castillo for
reporting this issue. CVE-2026-27448
* Thu Jan 22 2026 Jeremy Cline [jeremycline@linux.microsoft.com] - 25.3.0-1
- Update to 25.3.0
- pyOpenSSL now sets SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER on connections by
default, matching CPython's behavior.
- Added OpenSSL.SSL.Context.clear_mode.
- Added OpenSSL.SSL.Context.set_tls13_ciphersuites to set the allowed TLS
1.3 ciphers.
- Added OpenSSL.SSL.Connection.set_info_callback
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 25.1.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2433650
[ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2447727
[ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448652
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------



[SECURITY] Fedora 43 Update: kryoptic-1.5.0-2.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9d5b9f45ec
2026-03-27 01:16:52.247652+00:00
--------------------------------------------------------------------------------

Name : kryoptic
Product : Fedora 43
Version : 1.5.0
Release : 2.fc43
URL : https://github.com/latchset/kryoptic
Summary : PKCS #11 software token written in Rust
Description :
A PKCS #11 software token written in Rust.

--------------------------------------------------------------------------------
Update Information:

Update pyOpenSSL to v26.0.0 (security update)
Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26)
Update rust-asn1 to 0.22 (dependency of python-cryptography)
Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22)
The security status of this update is only for pyOpenSSL.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 4 2026 Jakub Jelen [jjelen@redhat.com] - 1.5.0-1
- Rebase to 1.5.0
* Mon Feb 2 2026 Jakub Jelen [jjelen@redhat.com] - 1.4.0-8
- Update to asn1-0.22 as available in Fedora
* Mon Feb 2 2026 Jakub Jelen [jjelen@redhat.com] - 1.4.0-7
- Require cryptoki-0.12.0 as currently in Fedora
* Thu Jan 29 2026 Fabio Valentini [decathorpe@gmail.com] - 1.4.0-6
- Bump bindgen dependency to 0.72 for compatibility with LLVM 22
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 1.4.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2433650
[ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2447727
[ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2448652
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------





[SECURITY] Fedora 43 Update: headscale-0.28.0-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-c3c02ffe75
2026-03-27 01:16:52.247595+00:00
--------------------------------------------------------------------------------

Name : headscale
Product : Fedora 43
Version : 0.28.0
Release : 1.fc43
URL : https://github.com/juanfont/headscale
Summary : Self-hosted implementation of the Tailscale control server
Description :
An open source, self-hosted implementation of the Tailscale control server.

--------------------------------------------------------------------------------
Update Information:

update to 0.28.0
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2026 Jonathan Wright [jonathan@almalinux.org] - 0.28.0-1
- Update to 0.28.0
* Tue Feb 3 2026 Maxwell G [maxwell@gtmx.me] - 0.26.1-8
- Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 0.26.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Fri Oct 10 2025 Maxwell G [maxwell@gtmx.me] - 0.26.1-6
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2408299 - CVE-2025-58189 headscale: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408299
[ 2 ] Bug #2408721 - CVE-2025-61725 headscale: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408721
[ 3 ] Bug #2409772 - CVE-2025-61723 headscale: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409772
[ 4 ] Bug #2410722 - CVE-2025-58185 headscale: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410722
[ 5 ] Bug #2411618 - CVE-2025-58188 headscale: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411618
[ 6 ] Bug #2412709 - CVE-2025-58183 headscale: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412709
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-c3c02ffe75' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------





[SECURITY] Fedora 43 Update: fontforge-20230101-20.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-4f7402837e
2026-03-27 01:16:52.247548+00:00
--------------------------------------------------------------------------------

Name : fontforge
Product : Fedora 43
Version : 20230101
Release : 20.fc43
URL : http://fontforge.github.io/
Summary : Outline and bitmap font editor
Description :
FontForge (former PfaEdit) is a font editor for outline and bitmap
fonts. It supports a range of font formats, including PostScript
(ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType
(Type2) and CID-keyed fonts.

--------------------------------------------------------------------------------
Update Information:

Resolves: CVE-2025-15270
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2026 Parag Nemade - 20230101-20
- Resolves: CVE-2025-15270
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2426580 - CVE-2025-15270 fontforge: FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2426580
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-4f7402837e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------





[SECURITY] Fedora 43 Update: vtk-9.2.6-44.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-55f82da186
2026-03-27 01:16:52.247545+00:00
--------------------------------------------------------------------------------

Name : vtk
Product : Fedora 43
Version : 9.2.6
Release : 44.fc43
URL : https://vtk.org/
Summary : The Visualization Toolkit - A high level 3D visualization library
Description :
VTK is an open-source software system for image processing, 3D
graphics, volume rendering and visualization. VTK includes many
advanced algorithms (e.g., surface reconstruction, implicit modeling,
decimation) and rendering techniques (e.g., hardware-accelerated
volume rendering, LOD control).

NOTE: The version in this package has NOT been compiled with MPI support.

Install the vtk-mpich package to get a version compiled with mpich.

--------------------------------------------------------------------------------
Update Information:

Add patch to fix integer overflow on 32-bit in KissFFT (CVE-2025-34297)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 17 2026 Orion Poplawski [orion@nwra.com] - 9.2.6-44
- Add patch to fix integer overflow on 32-bit in KissFFT (CVE-2025-34297)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2418144 - CVE-2025-34297 vtk: KissFFT Integer Overflow Heap Buffer Overflow via kiss_fft_alloc [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2418144
[ 2 ] Bug #2418147 - CVE-2025-34297 vtk: KissFFT Integer Overflow Heap Buffer Overflow via kiss_fft_alloc [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2418147
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-55f82da186' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------





[SECURITY] Fedora 42 Update: fontforge-20230101-19.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-3dbd8c4b89
2026-03-27 00:49:16.797769+00:00
--------------------------------------------------------------------------------

Name : fontforge
Product : Fedora 42
Version : 20230101
Release : 19.fc42
URL : http://fontforge.github.io/
Summary : Outline and bitmap font editor
Description :
FontForge (former PfaEdit) is a font editor for outline and bitmap
fonts. It supports a range of font formats, including PostScript
(ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType
(Type2) and CID-keyed fonts.

--------------------------------------------------------------------------------
Update Information:

Resolves: CVE-2025-15270
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2026 Parag Nemade - 20230101-19
- Resolves: CVE-2025-15270
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2426579 - CVE-2025-15270 fontforge: FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2426579
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-3dbd8c4b89' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------





[SECURITY] Fedora 42 Update: vtk-9.2.6-38.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-ff768f8e37
2026-03-27 00:49:16.797766+00:00
--------------------------------------------------------------------------------

Name : vtk
Product : Fedora 42
Version : 9.2.6
Release : 38.fc42
URL : https://vtk.org/
Summary : The Visualization Toolkit - A high level 3D visualization library
Description :
VTK is an open-source software system for image processing, 3D
graphics, volume rendering and visualization. VTK includes many
advanced algorithms (e.g., surface reconstruction, implicit modeling,
decimation) and rendering techniques (e.g., hardware-accelerated
volume rendering, LOD control).

NOTE: The version in this package has NOT been compiled with MPI support.

Install the vtk-mpich package to get a version compiled with mpich.

--------------------------------------------------------------------------------
Update Information:

Add patch to fix integer overflow on 32-bit in KissFFT (CVE-2025-34297)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 17 2026 Orion Poplawski [orion@nwra.com] - 9.2.6-38
- Add patch to fix integer overflow on 32-bit in KissFFT (CVE-2025-34297)
* Sun Mar 2 2025 Christoph Junghans [junghans@votca.org] - 9.2.6-37
- Remove obsolete FindHDF5.cmake
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2418144 - CVE-2025-34297 vtk: KissFFT Integer Overflow Heap Buffer Overflow via kiss_fft_alloc [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2418144
[ 2 ] Bug #2418147 - CVE-2025-34297 vtk: KissFFT Integer Overflow Heap Buffer Overflow via kiss_fft_alloc [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2418147
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-ff768f8e37' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------





[SECURITY] Fedora 44 Update: libopenmpt-0.8.6-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-b58c5b3cc0
2026-03-27 00:14:48.799149+00:00
--------------------------------------------------------------------------------

Name : libopenmpt
Product : Fedora 44
Version : 0.8.6
Release : 1.fc44
URL : https://lib.openmpt.org/libopenmpt/
Summary : C/C++ library to decode tracker music module (MOD) files
Description :
libopenmpt is a cross-platform C++ and C library to decode tracked music
files (modules) into a raw PCM audio stream.

libopenmpt is based on the player code of the OpenMPT project (Open
ModPlug Tracker). In order to avoid code base fragmentation, libopenmpt is
developed in the same source code repository as OpenMPT.

--------------------------------------------------------------------------------
Update Information:

Update from 0.8.5 to 0.8.6 to fix regression:
https://lib.openmpt.org/libopenmpt/2026/03/24/security-updates-0.8.6-0.7.19-0.6.28-0.5.42-0.4.54/
Potential security fix plus bug-fixes in 0.8.5:
https://lib.openmpt.org/libopenmpt/2026/03/22/security-updates-0.8.5-0.7.18-0.6.27-0.5.41-0.4.53/
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 24 2026 Michael Schwendt [mschwendt@fedoraproject.org] - 0.8.6-1
- update to 0.8.6 which fixes regression in 0.8.5
* Sun Mar 22 2026 Michael Schwendt [mschwendt@fedoraproject.org] - 0.8.5-1
- update to 0.8.5
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-b58c5b3cc0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------





[SECURITY] Fedora 44 Update: headscale-0.28.0-1.fc44


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-76033f35ea
2026-03-27 00:14:48.799072+00:00
--------------------------------------------------------------------------------

Name : headscale
Product : Fedora 44
Version : 0.28.0
Release : 1.fc44
URL : https://github.com/juanfont/headscale
Summary : Self-hosted implementation of the Tailscale control server
Description :
An open source, self-hosted implementation of the Tailscale control server.

--------------------------------------------------------------------------------
Update Information:

update to 0.28.0
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 18 2026 Jonathan Wright [jonathan@almalinux.org] - 0.28.0-1
- Update to 0.28.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2408299 - CVE-2025-58189 headscale: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408299
[ 2 ] Bug #2408721 - CVE-2025-61725 headscale: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408721
[ 3 ] Bug #2409772 - CVE-2025-61723 headscale: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409772
[ 4 ] Bug #2410722 - CVE-2025-58185 headscale: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410722
[ 5 ] Bug #2411618 - CVE-2025-58188 headscale: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411618
[ 6 ] Bug #2412709 - CVE-2025-58183 headscale: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412709
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-76033f35ea' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

