Aggregator
next-20260128: linux-next
Version:next-20260128 (linux-next)
Released:2026-01-28
xrdp-0.10.5-1.el9
FEDORA-EPEL-2026-d12ea63356
Packages in this update:
- xrdp-0.10.5-1.el9
Release notes for xrdp v0.10.5 (2026/01/27)
Security fixes
- CVE-2025-68670: Improper bounds checking of domain string length leads to Stack-based Buffer Overflow
New features
- It is now possible to start the xrdp daemon entirely unprivileged from the service manager (#3599 #3603). If you do this certain restrictions will apply. See https://github.com/neutrinolabs/xrdp/wiki/Running-the-xrdp-process-as-non-root for details.
- TLS pre-master secrets can now be recorded for packet captures (#3617)
- Add a FuseRootReportMaxFree to work around 'no free space' issues with some file managers (#3639)
- Alternate shell names can now be passed to startwm.sh in an environment variable for more system management control (#3624 #3651)
- Updated Xorg paths in sesman.ini to include more recent distros (#3663)
- Add Slovenian keyboard (#3668 #3670)
- xrdpapi: Add a way to monitor connect/disconnect events (#3693)
Bug fixes
- Allow an empty X11 UTF8_STRING to be pasted to the clipboard (#3580 #3582)
- Fix a regression introduced in v0.10.x, where it became impossible to connect to a VNC server which did not support the ExtendedDesktopSize encoding (#3540 #3584)
- Fix a regression introduced in v0.10.x related to PAM groups handling (#3594)
- Inconsistencies with [MS-RDPBCGR] have been addressed (#3608)
- A reference to uninitialised data within the verify_user_pam_userpass.c module has been fixed (#3638)
- Prevent some possible crashes when the RFX encoder is resized (#3590 #3644)
- Fixes a regression introduced by GFX development which prevented the JPEG encoder from working correctly (#3649)
- Fixes a regression introduced by #2974 which resulted in the xrdp PID file being deleted unexpectedly (#3650)
- Do not overwrite a VNC port set by the user when not using sesman (#3674)
- Fix regression from 0.9.x when freerdp client uses /workarea (#3618 #3676)
- Fixes a crash where a resize is attempted with drdynvc disabled (#3672 #3680)
- getgrouplist() now compiles on MacOS (#3575)
- Various Coverity warnings have been addressed (#3656)
- Documentation improvements (#3665)
Internal changes
- An unnecessary include of sys/signal.h causing a compile warning on MUSL-C has been removed (#3679)
xrdp-0.10.5-1.fc42
FEDORA-2026-b409dad73e
Packages in this update:
- xrdp-0.10.5-1.fc42
Release notes for xrdp v0.10.5 (2026/01/27)
Security fixes
- CVE-2025-68670: Improper bounds checking of domain string length leads to Stack-based Buffer Overflow
New features
- It is now possible to start the xrdp daemon entirely unprivileged from the service manager (#3599 #3603). If you do this certain restrictions will apply. See https://github.com/neutrinolabs/xrdp/wiki/Running-the-xrdp-process-as-non-root for details.
- TLS pre-master secrets can now be recorded for packet captures (#3617)
- Add a FuseRootReportMaxFree to work around 'no free space' issues with some file managers (#3639)
- Alternate shell names can now be passed to startwm.sh in an environment variable for more system management control (#3624 #3651)
- Updated Xorg paths in sesman.ini to include more recent distros (#3663)
- Add Slovenian keyboard (#3668 #3670)
- xrdpapi: Add a way to monitor connect/disconnect events (#3693)
Bug fixes
- Allow an empty X11 UTF8_STRING to be pasted to the clipboard (#3580 #3582)
- Fix a regression introduced in v0.10.x, where it became impossible to connect to a VNC server which did not support the ExtendedDesktopSize encoding (#3540 #3584)
- Fix a regression introduced in v0.10.x related to PAM groups handling (#3594)
- Inconsistencies with [MS-RDPBCGR] have been addressed (#3608)
- A reference to uninitialised data within the verify_user_pam_userpass.c module has been fixed (#3638)
- Prevent some possible crashes when the RFX encoder is resized (#3590 #3644)
- Fixes a regression introduced by GFX development which prevented the JPEG encoder from working correctly (#3649)
- Fixes a regression introduced by #2974 which resulted in the xrdp PID file being deleted unexpectedly (#3650)
- Do not overwrite a VNC port set by the user when not using sesman (#3674)
- Fix regression from 0.9.x when freerdp client uses /workarea (#3618 #3676)
- Fixes a crash where a resize is attempted with drdynvc disabled (#3672 #3680)
- getgrouplist() now compiles on MacOS (#3575)
- Various Coverity warnings have been addressed (#3656)
- Documentation improvements (#3665)
Internal changes
- An unnecessary include of sys/signal.h causing a compile warning on MUSL-C has been removed (#3679)
xrdp-0.10.5-1.el8
FEDORA-EPEL-2026-5c626357f7
Packages in this update:
- xrdp-0.10.5-1.el8
Release notes for xrdp v0.10.5 (2026/01/27)
Security fixes
- CVE-2025-68670: Improper bounds checking of domain string length leads to Stack-based Buffer Overflow
New features
- It is now possible to start the xrdp daemon entirely unprivileged from the service manager (#3599 #3603). If you do this certain restrictions will apply. See https://github.com/neutrinolabs/xrdp/wiki/Running-the-xrdp-process-as-non-root for details.
- TLS pre-master secrets can now be recorded for packet captures (#3617)
- Add a FuseRootReportMaxFree to work around 'no free space' issues with some file managers (#3639)
- Alternate shell names can now be passed to startwm.sh in an environment variable for more system management control (#3624 #3651)
- Updated Xorg paths in sesman.ini to include more recent distros (#3663)
- Add Slovenian keyboard (#3668 #3670)
- xrdpapi: Add a way to monitor connect/disconnect events (#3693)
Bug fixes
- Allow an empty X11 UTF8_STRING to be pasted to the clipboard (#3580 #3582)
- Fix a regression introduced in v0.10.x, where it became impossible to connect to a VNC server which did not support the ExtendedDesktopSize encoding (#3540 #3584)
- Fix a regression introduced in v0.10.x related to PAM groups handling (#3594)
- Inconsistencies with [MS-RDPBCGR] have been addressed (#3608)
- A reference to uninitialised data within the verify_user_pam_userpass.c module has been fixed (#3638)
- Prevent some possible crashes when the RFX encoder is resized (#3590 #3644)
- Fixes a regression introduced by GFX development which prevented the JPEG encoder from working correctly (#3649)
- Fixes a regression introduced by #2974 which resulted in the xrdp PID file being deleted unexpectedly (#3650)
- Do not overwrite a VNC port set by the user when not using sesman (#3674)
- Fix regression from 0.9.x when freerdp client uses /workarea (#3618 #3676)
- Fixes a crash where a resize is attempted with drdynvc disabled (#3672 #3680)
- getgrouplist() now compiles on MacOS (#3575)
- Various Coverity warnings have been addressed (#3656)
- Documentation improvements (#3665)
Internal changes
- An unnecessary include of sys/signal.h causing a compile warning on MUSL-C has been removed (#3679)
xrdp-0.10.5-1.fc43
FEDORA-2026-febea89ac3
Packages in this update:
- xrdp-0.10.5-1.fc43
Release notes for xrdp v0.10.5 (2026/01/27)
Security fixes
- CVE-2025-68670: Improper bounds checking of domain string length leads to Stack-based Buffer Overflow
New features
- It is now possible to start the xrdp daemon entirely unprivileged from the service manager (#3599 #3603). If you do this certain restrictions will apply. See https://github.com/neutrinolabs/xrdp/wiki/Running-the-xrdp-process-as-non-root for details.
- TLS pre-master secrets can now be recorded for packet captures (#3617)
- Add a FuseRootReportMaxFree to work around 'no free space' issues with some file managers (#3639)
- Alternate shell names can now be passed to startwm.sh in an environment variable for more system management control (#3624 #3651)
- Updated Xorg paths in sesman.ini to include more recent distros (#3663)
- Add Slovenian keyboard (#3668 #3670)
- xrdpapi: Add a way to monitor connect/disconnect events (#3693)
Bug fixes
- Allow an empty X11 UTF8_STRING to be pasted to the clipboard (#3580 #3582)
- Fix a regression introduced in v0.10.x, where it became impossible to connect to a VNC server which did not support the ExtendedDesktopSize encoding (#3540 #3584)
- Fix a regression introduced in v0.10.x related to PAM groups handling (#3594)
- Inconsistencies with [MS-RDPBCGR] have been addressed (#3608)
- A reference to uninitialised data within the verify_user_pam_userpass.c module has been fixed (#3638)
- Prevent some possible crashes when the RFX encoder is resized (#3590 #3644)
- Fixes a regression introduced by GFX development which prevented the JPEG encoder from working correctly (#3649)
- Fixes a regression introduced by #2974 which resulted in the xrdp PID file being deleted unexpectedly (#3650)
- Do not overwrite a VNC port set by the user when not using sesman (#3674)
- Fix regression from 0.9.x when freerdp client uses /workarea (#3618 #3676)
- Fixes a crash where a resize is attempted with drdynvc disabled (#3672 #3680)
- getgrouplist() now compiles on MacOS (#3575)
- Various Coverity warnings have been addressed (#3656)
- Documentation improvements (#3665)
Internal changes
- An unnecessary include of sys/signal.h causing a compile warning on MUSL-C has been removed (#3679)
python-python-multipart-0.0.20-2.el9
FEDORA-EPEL-2026-f9b1069f42
Packages in this update:
- python-python-multipart-0.0.20-2.el9
Backport the fix for CVE-2026-24486 / GHSA-wp53-j4wj-2cfg: drop directory path from filename in File.
DSA-6114-1 pyasn1 - security update
USN-7982-1: FFmpeg vulnerabilities
It was discovered that FFmpeg did not correctly handle certain memory
operations. An attacker could possibly use this issue to cause a denial
of service or execute arbitrary code. This issue only affected
Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10.
(CVE-2025-59728)
It was discovered that FFmpeg did not correctly handle certain memory
operations. An attacker could possibly use this issue to cause a denial
of service or execute arbitrary code. This issue only affected
Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2025-59731,
CVE-2025-59732)
It was discovered that FFmpeg did not correctly handle certain memory
operations. An attacker could possibly use this issue to cause a denial
of service or execute arbitrary code. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS
and Ubuntu 25.10. (CVE-2025-59733)
It was discovered that FFmpeg did not correctly handle certain integer
arithmetic operations. An attacker could possibly use this issue to
cause a denial of service or execute arbitrary code. (CVE-2025-63757)
USN-7980-2: OpenSSL vulnerabilities
USN-7980-1 fixed vulnerabilities in OpenSSL. This update provides the
corresponding updates for CVE-2025-68160 for openssl and openssl1.0,
CVE-2025-69418 for openssl on Ubuntu 18.04 LTS and Ubuntu 20.04 LTS,
CVE-2025-69419 for openssl on Ubuntu 18.04 LTS and Ubuntu 20.04 LTS,
CVE-2025-69420 for openssl on Ubuntu 18.04 LTS and Ubuntu 20.04 LTS,
CVE-2025-69421 for openssl and openssl1.0, CVE-2026-22795 for openssl on
Ubuntu 18.04 LTS and Ubuntu 20.04 LTS, and CVE-2026-22796 for openssl and
openssl1.0.
Original advisory details:
Stanislav Fort, Petr Šimeček, and Hamza discovered that OpenSSL
incorrectly validated PBMAC1 parameters when doing PKCS#12 MAC
verification. An attacker could possibly use this issue to cause OpenSSL
to crash, resulting in a denial of service. This issue only affected
Ubuntu 25.10. (CVE-2025-11187)
Stanislav Fort discovered that OpenSSL incorrectly parsed CMS
AuthEnvelopedData messages. An attacker could possibly use this issue to
cause OpenSSL to crash, resulting in a denial of service. (CVE-2025-15467)
Stanislav Fort discovered that OpenSSL incorrectly handled memory in the
SSL_CIPHER_find() function. An attacker could possibly use this issue to
cause OpenSSL to crash, resulting in a denial of service. This issue only
affected Ubuntu 25.10. (CVE-2025-15468)
Stanislav Fort discovered that the OpenSSL "openssl dgst" command line
tool incorrectly truncated data to 16MB. An attacker could posibly use
this issue to hide unauthenticated data beyond the 16MB limit. This issue
only affected Ubuntu 25.10. (CVE-2025-15469)
Tomas Dulka and Stanislav Fort discovered that OpenSSL incorrectly handled
memory with TLS 1.3 connections using certificate compression. An attacker
could possibly use this issue to consume resources, leading to a denial of
service. This issue only affected Ubuntu 25.10. (CVE-2025-66199)
Petr Simecek and Stanislav Fort discovered that OpenSSL incorrectly
handled memory when writing large data into a BIO chain. An attacker could
possibly use this issue to consume resources, leading to a denial of
service. (CVE-2025-68160)
Stanislav Fort discovered that the OpenSSL OCB API could incorrectly leave
final partial blocks unencrypted and unauthenticated. An attacker could
possibly use this issue to read or tamper with the affected final bytes.
(CVE-2025-69418)
Stanislav Fort discovered that OpenSSL incorrectly handled the
PKCS12_get_friendlyname() utf-8 conversion. An attacker could possibly use
this issue to cause OpenSSL to crash, resulting in a denial of service.
(CVE-2025-69419)
Luigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE
validation in the TS_RESP_verify_response() function. An attacker could
possibly use this issue to cause OpenSSL to crash, resulting in a denial
of service. (CVE-2025-69420)
Luigino Camastra discovered that OpenSSL incorrectly handled memory in the
PKCS12_item_decrypt_d2i_ex function. An attacker could possibly use this
issue to cause OpenSSL to crash, resulting in a denial of service.
(CVE-2025-69421)
Luigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE
validation in PKCS#12 parsing. An attacker could possibly use this issue
to cause OpenSSL to crash, resulting in a denial of service.
(CVE-2026-22795)
Luigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE
validation in the PKCS7_digest_from_attributes() function. An attacker
could possibly use this issue to cause OpenSSL to crash, resulting in a
denial of service. (CVE-2026-22796)
openqa-5^20250711git28a0214-4.fc42
FEDORA-2026-84de1534b1
Packages in this update:
- openqa-5^20250711git28a0214-4.fc42
This update bumps the bundled lodash to 4.17.23 to ensure openQA is protected against CVE-2025-13465. It likely was not vulnerable in any case, though, as I don't believe the vulnerable codepaths were exposed by openQA's use of lodash.
USN-7981-1: wlc vulnerabilities
It was discovered that wlc did not correctly handle SSL verification. An
attacker could possibly use this issue to access sensitive resources.
(CVE-2026-22250)
It was discovered that wlc did not correctly handle API keys. An attacker
could possibly use this issue to leak API keys to a malicious server.
(CVE-2026-22251)
USN-7980-1: OpenSSL vulnerabilities
Stanislav Fort, Petr Šimeček, and Hamza discovered that OpenSSL
incorrectly validated PBMAC1 parameters when doing PKCS#12 MAC
verification. An attacker could possibly use this issue to cause OpenSSL to
crash, resulting in a denial of service. This issue only affected Ubuntu
25.10. (CVE-2025-11187)
Stanislav Fort discovered that OpenSSL incorrectly parsed CMS
AuthEnvelopedData messages. An attacker could possibly use this issue to
cause OpenSSL to crash, resulting in a denial of service. (CVE-2025-15467)
Stanislav Fort discovered that OpenSSL incorrectly handled memory in the
SSL_CIPHER_find() function. An attacker could possibly use this issue to
cause OpenSSL to crash, resulting in a denial of service. This issue only
affected Ubuntu 25.10. (CVE-2025-15468)
Stanislav Fort discovered that the OpenSSL "openssl dgst" command line
tool incorrectly truncated data to 16MB. An attacker could posibly use this
issue to hide unauthenticated data beyond the 16MB limit. This issue only
affected Ubuntu 25.10. (CVE-2025-15469)
Tomas Dulka and Stanislav Fort discovered that OpenSSL incorrectly handled
memory with TLS 1.3 connections using certificate compression. An attacker
could possibly use this issue to consume resources, leading to a denial of
service. This issue only affected Ubuntu 25.10. (CVE-2025-66199)
Petr Simecek and Stanislav Fort discovered that OpenSSL incorrectly handled
memory when writing large data into a BIO chain. An attacker could possibly
use this issue to consume resources, leading to a denial of service.
(CVE-2025-68160)
Stanislav Fort discovered that the OpenSSL OCB API could incorrectly leave
final partial blocks unencrypted and unauthenticated. An attacker could
possibly use this issue to read or tamper with the affected final bytes.
(CVE-2025-69418)
Stanislav Fort discovered that OpenSSL incorrectly handled the
PKCS12_get_friendlyname() utf-8 conversion. An attacker could possibly use
this issue to cause OpenSSL to crash, resulting in a denial of service.
(CVE-2025-69419)
Luigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE
validation in the TS_RESP_verify_response() function. An attacker could
possibly use this issue to cause OpenSSL to crash, resulting in a denial of
service. (CVE-2025-69420)
Luigino Camastra discovered that OpenSSL incorrectly handled memory in the
PKCS12_item_decrypt_d2i_ex function. An attacker could possibly use this
issue to cause OpenSSL to crash, resulting in a denial of service.
(CVE-2025-69421)
Luigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE
validation in PKCS#12 parsing. An attacker could possibly use this issue to
cause OpenSSL to crash, resulting in a denial of service. (CVE-2026-22795)
Luigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE
validation in the PKCS7_digest_from_attributes() function. An attacker
could possibly use this issue to cause OpenSSL to crash, resulting in a
denial of service. (CVE-2026-22796)
next-20260127: linux-next
Version:next-20260127 (linux-next)
Released:2026-01-27
openssl-3.2.6-3.fc42
FEDORA-2026-9bb4c555f1
Packages in this update:
- openssl-3.2.6-3.fc42
Don't crash on parsing PKCS#12 without MAC Resolves: CVE-2025-11187 Resolves: CVE-2025-15467 Resolves: CVE-2025-69419
openssl-3.5.4-2.fc43
FEDORA-2026-5f7d0a5656
Packages in this update:
- openssl-3.5.4-2.fc43
Resolves: CVE-2025-15467 Resolves: CVE-2025-15468 Resolves: CVE-2025-15469 Resolves: CVE-2025-66199 Resolves: CVE-2025-68160 Resolves: CVE-2025-69418 Resolves: CVE-2025-69420 Resolves: CVE-2025-69421 Resolves: CVE-2025-69419 Resolves: CVE-2026-22795 Resolves: CVE-2026-22796 Resolves: CVE-2025-11187
java-latest-openjdk-26.0.0.0.32-0.0.1.ea.el8
FEDORA-EPEL-2026-58d7d41403
Packages in this update:
- java-latest-openjdk-26.0.0.0.32-0.0.1.ea.el8
January 2026 annual updates
java-latest-openjdk-26.0.0.0.32-0.0.1.ea.el10_2 java-latest-openjdk-portable-26.0.0.0.32-0.1.ea.rolling.el8
FEDORA-EPEL-2026-5e00b7a772
Packages in this update:
- java-latest-openjdk-26.0.0.0.32-0.0.1.ea.el10_2
- java-latest-openjdk-portable-26.0.0.0.32-0.1.ea.rolling.el8
January 2026 annual updates
java-latest-openjdk-26.0.0.0.32-0.0.1.ea.el9
FEDORA-EPEL-2026-a6d429d59c
Packages in this update:
- java-latest-openjdk-26.0.0.0.32-0.0.1.ea.el9
January 2026 annual updates
java-21-openjdk-21.0.10.0.7-2.fc43 java-25-openjdk-25.0.2.0.10-2.fc43 java-latest-openjdk-26.0.0.0.32-0.0.1.ea.fc43
FEDORA-2026-5c70cd99f4
Packages in this update:
- java-21-openjdk-21.0.10.0.7-2.fc43
- java-25-openjdk-25.0.2.0.10-2.fc43
- java-latest-openjdk-26.0.0.0.32-0.0.1.ea.fc43
January 2026 annual updates
January 2026 security update