
Three security updates have been released for Fedora 42: vim-9.1.2146-1.fc42, p11-kit-0.26.2-1.fc42, and gnutls-3.8.11-3.fc42. The gnutls update fixes a denial of service via a crafted ClientHello with an invalid PSK binder and excessive resource consumption during certificate verification; the vim and p11-kit updates carry security fixes as well. Each update can be installed with the "dnf" update program, and more information is available on the Fedora Project's website.

Fedora 42 Update: vim-9.1.2146-1.fc42
Fedora 42 Update: p11-kit-0.26.2-1.fc42
Fedora 42 Update: gnutls-3.8.11-3.fc42




[SECURITY] Fedora 42 Update: vim-9.1.2146-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-f4563b100f
2026-02-16 01:30:23.666221+00:00
--------------------------------------------------------------------------------

Name : vim
Product : Fedora 42
Version : 9.1.2146
Release : 1.fc42
URL : https://www.vim.org/
Summary : The VIM editor
Description :
VIM (VIsual editor iMproved) is an updated and improved version of the
vi editor. Vi was the first real screen-based editor for UNIX, and is
still very popular. VIM improves on vi by adding new features:
multiple windows, multi-level undo, block highlighting and more.

--------------------------------------------------------------------------------
Update Information:

patchlevel 2146
Security fix for CVE-2026-25749
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 13 2026 Zdenek Dohnal [zdohnal@redhat.com] - 2:9.1.2146-1
- patchlevel 2146
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2437843 - CVE-2026-25749 vim: Vim: Arbitrary code execution via 'helpfile' option processing
https://bugzilla.redhat.com/show_bug.cgi?id=2437843
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-f4563b100f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new



[SECURITY] Fedora 42 Update: p11-kit-0.26.2-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-7982f70f74
2026-02-16 01:30:23.666216+00:00
--------------------------------------------------------------------------------

Name : p11-kit
Product : Fedora 42
Version : 0.26.2
Release : 1.fc42
URL : http://p11-glue.freedesktop.org/p11-kit.html
Summary : Library for loading and sharing PKCS#11 modules
Description :
p11-kit provides a way to load and enumerate PKCS#11 modules, as well
as a standard configuration setup for installing PKCS#11 modules in
such a way that they're discoverable.

--------------------------------------------------------------------------------
Update Information:

Notable changes from the rebase:
* pkcs11: Update PKCS11 headers to version 3.2
* rpc: fix NULL dereference via C_DeriveKey with specific NULL parameters (CVE-2026-2100)
* trust: Lookup DNs in reverse order (RFC4514 section 2.1)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 10 2026 Packit [hello@packit.dev] - 0.26.2-1
- Update to 0.26.2 upstream release
- Resolves: rhbz#2394340
* Tue Feb 10 2026 Zoltan Fridrich [zfridric@redhat.com] - 0.25.8-3
- Migrate STI tests to TMT
* Tue Feb 10 2026 Zoltan Fridrich [zfridric@redhat.com] - 0.25.8-2
- Fix test trust-anchor-complains-about-invalid-attribute-and
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2383011 - p11-kit: STI tests will no longer be run in F43
https://bugzilla.redhat.com/show_bug.cgi?id=2383011
[ 2 ] Bug #2394340 - p11-kit-0.26.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2394340
[ 3 ] Bug #2437309 - CVE-2026-2100 p11-kit: p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2437309
[ 4 ] Bug #2437310 - CVE-2026-2100 p11-kit: p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2437310
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-7982f70f74' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------





[SECURITY] Fedora 42 Update: gnutls-3.8.11-3.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-2b6035ee2b
2026-02-16 01:30:23.666218+00:00
--------------------------------------------------------------------------------

Name : gnutls
Product : Fedora 42
Version : 3.8.11
Release : 3.fc42
URL : http://www.gnutls.org/
Summary : A TLS protocol implementation
Description :
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.

--------------------------------------------------------------------------------
Update Information:

This backports fixes for a couple of CVEs:

** libgnutls: Fix NULL pointer dereference in PSK binder verification
   A TLS 1.3 resumption attempt with an invalid PSK binder value in ClientHello
   could lead to a denial of service attack via crashing the server. The updated
   code guards against the problematic dereference. Reported by Jaehun Lee.
   [Fixes: GNUTLS-SA-2026-02-09-1, CVSS: high] [CVE-2026-1584]

** libgnutls: Fix name constraint processing performance issue
   Verifying certificates with pathological amounts of name constraints could
   lead to a denial of service attack via resource exhaustion. Reworked
   processing algorithms exhibit better performance characteristics. Reported by
   Tim Scheckenbach. [Fixes: GNUTLS-SA-2026-02-09-2, CVSS: medium]
   [CVE-2025-14831]
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 10 2026 Alexander Sosedkin [asosedkin@redhat.com] - 3.8.11-3
- Backport fixes for CVE-2025-9820, CVE-2025-14831
- Fix name constraint processing performance issue (CVE-2025-14831)
- Fix NULL pointer dereference in PSK binder verification (CVE-2026-1584)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2437986 - CVE-2025-14831 gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2437986
[ 2 ] Bug #2437988 - CVE-2026-1584 gnutls: gnutls: Remote Denial of Service via crafted ClientHello with invalid PSK binder [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2437988
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-2b6035ee2b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
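
To confirm that hosts actually carry the fixed builds named in the three advisories, the following added example (not part of the advisories or of any Fedora tooling) audits a package inventory against them. It assumes the inventory was collected with rpm -qa --qf '%{NAME} %{EPOCHNUM}:%{VERSION}-%{RELEASE} %{SOURCERPM}\n'; the sample inventory is constructed, and the version comparison is a simplified form of rpm's ordering that ignores '~' and '^'.

```python
import re

# Fixed builds from the advisories above; vim's epoch (2) comes from its ChangeLog line.
FIXED = {
    "vim": ("FEDORA-2026-f4563b100f", "2:9.1.2146-1.fc42"),
    "p11-kit": ("FEDORA-2026-7982f70f74", "0:0.26.2-1.fc42"),
    "gnutls": ("FEDORA-2026-2b6035ee2b", "0:3.8.11-3.fc42"),
}

# Constructed sample inventory: "name epoch:version-release source-rpm" per line.
SAMPLE = """\
vim-minimal 2:9.1.2100-1.fc42 vim-9.1.2100-1.fc42.src.rpm
p11-kit 0:0.25.8-3.fc42 p11-kit-0.25.8-3.fc42.src.rpm
gnutls 0:3.8.11-3.fc42 gnutls-3.8.11-3.fc42.src.rpm
gnutls-utils 0:3.8.11-2.fc42 gnutls-3.8.11-2.fc42.src.rpm
"""

def rpmvercmp(a, b):
    """Segment-wise comparison in the style of rpm (simplified: no '~' or '^')."""
    sa, sb = (re.findall(r"[0-9]+|[A-Za-z]+", s) for s in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # leftover segments: newer

def evr_cmp(a, b):  # returns -1, 0 or 1 for two epoch:version-release strings
    (ea, _, ra), (eb, _, rb) = a.partition(":"), b.partition(":")
    if int(ea) != int(eb):
        return 1 if int(ea) > int(eb) else -1
    (va, _, la), (vb, _, lb) = ra.partition("-"), rb.partition("-")
    return rpmvercmp(va, vb) or rpmvercmp(la, lb)

def audit(inventory):
    """List (package, installed EVR, advisory) for packages older than the fixed build."""
    findings = []
    for line in inventory.strip().splitlines():
        name, evr, srpm = line.split()
        source = srpm.rsplit("-", 2)[0]  # name-version-release.src.rpm -> name
        if source in FIXED and evr_cmp(evr, FIXED[source][1]) < 0:
            findings.append((name, evr, FIXED[source][0]))
    return findings

if __name__ == "__main__":
    for name, evr, advisory in audit(SAMPLE):
        print(f"{name} {evr}: dnf upgrade --advisory {advisory}")
```

Matching on the source RPM name rather than the binary package name catches subpackages such as vim-minimal or gnutls-utils, which are built from the same source and share its version and release.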

