Aggregator

xrdp-0.10.5-1.el9

23 hours 6 minutes ago
FEDORA-EPEL-2026-d12ea63356 Packages in this update:
  • xrdp-0.10.5-1.el9
Update description:

Release notes for xrdp v0.10.5 (2026/01/27)

Security fixes

  • CVE-2025-68670: Improper bounds checking of domain string length leads to Stack-based Buffer Overflow

New features

  • It is now possible to start the xrdp daemon entirely unprivileged from the service manager (#3599 #3603). If you do this certain restrictions will apply. See https://github.com/neutrinolabs/xrdp/wiki/Running-the-xrdp-process-as-non-root for details.
  • TLS pre-master secrets can now be recorded for packet captures (#3617)
  • Add a FuseRootReportMaxFree to work around 'no free space' issues with some file managers (#3639)
  • Alternate shell names can now be passed to startwm.sh in an environment variable for more system management control (#3624 #3651)
  • Updated Xorg paths in sesman.ini to include more recent distros (#3663)
  • Add Slovenian keyboard (#3668 #3670)
  • xrdpapi: Add a way to monitor connect/disconnect events (#3693)

Bug fixes

  • Allow an empty X11 UTF8_STRING to be pasted to the clipboard (#3580 #3582)
  • Fix a regression introduced in v0.10.x, where it became impossible to connect to a VNC server which did not support the ExtendedDesktopSize encoding (#3540 #3584)
  • Fix a regression introduced in v0.10.x related to PAM groups handling (#3594)
  • Inconsistencies with [MS-RDPBCGR] have been addressed (#3608)
  • A reference to uninitialised data within the verify_user_pam_userpass.c module has been fixed (#3638)
  • Prevent some possible crashes when the RFX encoder is resized (#3590 #3644)
  • Fixes a regression introduced by GFX development which prevented the JPEG encoder from working correctly (#3649)
  • Fixes a regression introduced by #2974 which resulted in the xrdp PID file being deleted unexpectedly (#3650)
  • Do not overwrite a VNC port set by the user when not using sesman (#3674)
  • Fix regression from 0.9.x when freerdp client uses /workarea (#3618 #3676)
  • Fixes a crash where a resize is attempted with drdynvc disabled (#3672 #3680)
  • getgrouplist() now compiles on MacOS (#3575)
  • Various Coverity warnings have been addressed (#3656)
  • Documentation improvements (#3665)

Internal changes

  • An unnecessary include of sys/signal.h causing a compile warning on MUSL-C has been removed (#3679)

xrdp-0.10.5-1.fc42

23 hours 6 minutes ago
FEDORA-2026-b409dad73e Packages in this update:
  • xrdp-0.10.5-1.fc42
Update description:

Same release notes for xrdp v0.10.5 (2026/01/27) as in the xrdp-0.10.5-1.el9 entry above.

xrdp-0.10.5-1.el8

23 hours 6 minutes ago
FEDORA-EPEL-2026-5c626357f7 Packages in this update:
  • xrdp-0.10.5-1.el8
Update description:

Same release notes for xrdp v0.10.5 (2026/01/27) as in the xrdp-0.10.5-1.el9 entry above.

xrdp-0.10.5-1.fc43

23 hours 6 minutes ago
FEDORA-2026-febea89ac3 Packages in this update:
  • xrdp-0.10.5-1.fc43
Update description:

Same release notes for xrdp v0.10.5 (2026/01/27) as in the xrdp-0.10.5-1.el9 entry above.

USN-7982-1: FFmpeg vulnerabilities

1 day 7 hours ago
It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2025-59728)

It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2025-59731, CVE-2025-59732)

It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2025-59733)

It was discovered that FFmpeg did not correctly handle certain integer arithmetic operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-63757)

USN-7980-2: OpenSSL vulnerabilities

1 day 9 hours ago
USN-7980-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for CVE-2025-68160 for openssl and openssl1.0, CVE-2025-69418 for openssl on Ubuntu 18.04 LTS and Ubuntu 20.04 LTS, CVE-2025-69419 for openssl on Ubuntu 18.04 LTS and Ubuntu 20.04 LTS, CVE-2025-69420 for openssl on Ubuntu 18.04 LTS and Ubuntu 20.04 LTS, CVE-2025-69421 for openssl and openssl1.0, CVE-2026-22795 for openssl on Ubuntu 18.04 LTS and Ubuntu 20.04 LTS, and CVE-2026-22796 for openssl and openssl1.0.

Original advisory details:

Stanislav Fort, Petr Šimeček, and Hamza discovered that OpenSSL incorrectly validated PBMAC1 parameters when doing PKCS#12 MAC verification. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 25.10. (CVE-2025-11187)

Stanislav Fort discovered that OpenSSL incorrectly parsed CMS AuthEnvelopedData messages. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2025-15467)

Stanislav Fort discovered that OpenSSL incorrectly handled memory in the SSL_CIPHER_find() function. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 25.10. (CVE-2025-15468)

Stanislav Fort discovered that the OpenSSL "openssl dgst" command line tool incorrectly truncated data to 16MB. An attacker could possibly use this issue to hide unauthenticated data beyond the 16MB limit. This issue only affected Ubuntu 25.10. (CVE-2025-15469)

Tomas Dulka and Stanislav Fort discovered that OpenSSL incorrectly handled memory with TLS 1.3 connections using certificate compression. An attacker could possibly use this issue to consume resources, leading to a denial of service. This issue only affected Ubuntu 25.10. (CVE-2025-66199)

Petr Simecek and Stanislav Fort discovered that OpenSSL incorrectly handled memory when writing large data into a BIO chain. An attacker could possibly use this issue to consume resources, leading to a denial of service. (CVE-2025-68160)

Stanislav Fort discovered that the OpenSSL OCB API could incorrectly leave final partial blocks unencrypted and unauthenticated. An attacker could possibly use this issue to read or tamper with the affected final bytes. (CVE-2025-69418)

Stanislav Fort discovered that OpenSSL incorrectly handled the PKCS12_get_friendlyname() utf-8 conversion. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2025-69419)

Luigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE validation in the TS_RESP_verify_response() function. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2025-69420)

Luigino Camastra discovered that OpenSSL incorrectly handled memory in the PKCS12_item_decrypt_d2i_ex function. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2025-69421)

Luigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE validation in PKCS#12 parsing. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2026-22795)

Luigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE validation in the PKCS7_digest_from_attributes() function. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2026-22796)

openqa-5^20250711git28a0214-4.fc42

1 day 12 hours ago
FEDORA-2026-84de1534b1 Packages in this update:
  • openqa-5^20250711git28a0214-4.fc42
Update description:

This update bumps the bundled lodash to 4.17.23 to ensure openQA is protected against CVE-2025-13465. It likely was not vulnerable in any case, though, as I don't believe the vulnerable codepaths were exposed by openQA's use of lodash.

USN-7981-1: wlc vulnerabilities

1 day 13 hours ago
It was discovered that wlc did not correctly handle SSL verification. An attacker could possibly use this issue to access sensitive resources. (CVE-2026-22250) It was discovered that wlc did not correctly handle API keys. An attacker could possibly use this issue to leak API keys to a malicious server. (CVE-2026-22251)

USN-7980-1: OpenSSL vulnerabilities

1 day 13 hours ago
Stanislav Fort, Petr Šimeček, and Hamza discovered that OpenSSL incorrectly validated PBMAC1 parameters when doing PKCS#12 MAC verification. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 25.10. (CVE-2025-11187)

Stanislav Fort discovered that OpenSSL incorrectly parsed CMS AuthEnvelopedData messages. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2025-15467)

Stanislav Fort discovered that OpenSSL incorrectly handled memory in the SSL_CIPHER_find() function. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 25.10. (CVE-2025-15468)

Stanislav Fort discovered that the OpenSSL "openssl dgst" command line tool incorrectly truncated data to 16MB. An attacker could possibly use this issue to hide unauthenticated data beyond the 16MB limit. This issue only affected Ubuntu 25.10. (CVE-2025-15469)

Tomas Dulka and Stanislav Fort discovered that OpenSSL incorrectly handled memory with TLS 1.3 connections using certificate compression. An attacker could possibly use this issue to consume resources, leading to a denial of service. This issue only affected Ubuntu 25.10. (CVE-2025-66199)

Petr Simecek and Stanislav Fort discovered that OpenSSL incorrectly handled memory when writing large data into a BIO chain. An attacker could possibly use this issue to consume resources, leading to a denial of service. (CVE-2025-68160)

Stanislav Fort discovered that the OpenSSL OCB API could incorrectly leave final partial blocks unencrypted and unauthenticated. An attacker could possibly use this issue to read or tamper with the affected final bytes. (CVE-2025-69418)

Stanislav Fort discovered that OpenSSL incorrectly handled the PKCS12_get_friendlyname() utf-8 conversion. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2025-69419)

Luigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE validation in the TS_RESP_verify_response() function. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2025-69420)

Luigino Camastra discovered that OpenSSL incorrectly handled memory in the PKCS12_item_decrypt_d2i_ex function. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2025-69421)

Luigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE validation in PKCS#12 parsing. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2026-22795)

Luigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE validation in the PKCS7_digest_from_attributes() function. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2026-22796)

openssl-3.2.6-3.fc42

1 day 14 hours ago
FEDORA-2026-9bb4c555f1 Packages in this update:
  • openssl-3.2.6-3.fc42
Update description:

Don't crash on parsing PKCS#12 without MAC

Resolves: CVE-2025-11187
Resolves: CVE-2025-15467
Resolves: CVE-2025-69419

openssl-3.5.4-2.fc43

1 day 15 hours ago
FEDORA-2026-5f7d0a5656 Packages in this update:
  • openssl-3.5.4-2.fc43
Update description:

Resolves: CVE-2025-15467
Resolves: CVE-2025-15468
Resolves: CVE-2025-15469
Resolves: CVE-2025-66199
Resolves: CVE-2025-68160
Resolves: CVE-2025-69418
Resolves: CVE-2025-69420
Resolves: CVE-2025-69421
Resolves: CVE-2025-69419
Resolves: CVE-2026-22795
Resolves: CVE-2026-22796
Resolves: CVE-2025-11187