Fedora Security Advisories

pie-1.4.1-1.fc42

Fedora Security Advisories
5 hours 19 minutes ago
FEDORA-2026-3b2063832d Packages in this update:
  • pie-1.4.1-1.fc42
Update description:

Version 1.4.1

  • Update bundled Composer to 2.9.7
Version 1.4.0

New features!

  • Prompt to install missing system dependencies
  • Prompt to install build toolchain
  • Support pre-packaged-binary for download-url-method
  • Support INSTALL_ROOT environment variable to override destination

For more information, see Upstream annoucenement

pie-1.4.1-1.el10_3

Fedora Security Advisories
5 hours 19 minutes ago
FEDORA-EPEL-2026-7812671be8 Packages in this update:
  • pie-1.4.1-1.el10_3
Update description:

Version 1.4.1

  • Update bundled Composer to 2.9.7
Version 1.4.0

New features!

  • Prompt to install missing system dependencies
  • Prompt to install build toolchain
  • Support pre-packaged-binary for download-url-method
  • Support INSTALL_ROOT environment variable to override destination

For more information, see Upstream annoucenement

pie-1.4.1-1.el10_1

Fedora Security Advisories
5 hours 19 minutes ago
FEDORA-EPEL-2026-f0077847e2 Packages in this update:
  • pie-1.4.1-1.el10_1
Update description:

Version 1.4.1

  • Update bundled Composer to 2.9.7
Version 1.4.0

New features!

  • Prompt to install missing system dependencies
  • Prompt to install build toolchain
  • Support pre-packaged-binary for download-url-method
  • Support INSTALL_ROOT environment variable to override destination

For more information, see Upstream annoucenement

pie-1.4.1-1.el10_2

Fedora Security Advisories
5 hours 19 minutes ago
FEDORA-EPEL-2026-128f171ef6 Packages in this update:
  • pie-1.4.1-1.el10_2
Update description:

Version 1.4.1

  • Update bundled Composer to 2.9.7
Version 1.4.0

New features!

  • Prompt to install missing system dependencies
  • Prompt to install build toolchain
  • Support pre-packaged-binary for download-url-method
  • Support INSTALL_ROOT environment variable to override destination

For more information, see Upstream annoucenement

pie-1.4.1-1.fc44

Fedora Security Advisories
5 hours 19 minutes ago
FEDORA-2026-7acc0ad1fc Packages in this update:
  • pie-1.4.1-1.fc44
Update description:

Version 1.4.1

  • Update bundled Composer to 2.9.7
Version 1.4.0

New features!

  • Prompt to install missing system dependencies
  • Prompt to install build toolchain
  • Support pre-packaged-binary for download-url-method
  • Support INSTALL_ROOT environment variable to override destination

For more information, see Upstream annoucenement

pie-1.4.1-1.fc43

Fedora Security Advisories
5 hours 19 minutes ago
FEDORA-2026-3f4283f831 Packages in this update:
  • pie-1.4.1-1.fc43
Update description:

Version 1.4.1

  • Update bundled Composer to 2.9.7
Version 1.4.0

New features!

  • Prompt to install missing system dependencies
  • Prompt to install build toolchain
  • Support pre-packaged-binary for download-url-method
  • Support INSTALL_ROOT environment variable to override destination

For more information, see Upstream annoucenement

curl-8.11.1-8.fc42

Fedora Security Advisories
5 hours 51 minutes ago
FEDORA-2026-907bbf2a13 Packages in this update:
  • curl-8.11.1-8.fc42
Update description:
  • fix bad reuse of HTTP Negotiate connection (CVE-2026-1965)
  • fix token leak with redirect and netrc (CVE-2026-3783)
  • fix wrong proxy connection reuse with credentials (CVE-2026-3784)
  • fix use after free in SMB connection reuse (CVE-2026-3805)

composer-2.9.7-1.el10_3

Fedora Security Advisories
6 hours 38 minutes ago
FEDORA-EPEL-2026-de8ec2aa2e Packages in this update:
  • composer-2.9.7-1.el10_3
Update description: Version 2.9.7 - 2026-04-14
  • Fixes regression calling custom script command aliases that are called a substring of a composer command (#12802)
Version 2.9.6 - 2026-04-14
  • Security: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)
  • Security: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)
  • Security: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)
  • Security: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)
  • Security: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)
  • Security: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with - do not cause issues (6621d45, d836b90, 5e08c764)
  • Fixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (#12758)
  • Fixed GitHub API authentication errors not being visible to the user (#12737)
  • Fixed some platform package parsing failing when Composer runs in web SAPIs (#12735)
  • Fixed error reporting for clarity when a constraint cannot be parsed (#12743)

composer-2.9.7-1.el9

Fedora Security Advisories
6 hours 38 minutes ago
FEDORA-EPEL-2026-a47812ee6c Packages in this update:
  • composer-2.9.7-1.el9
Update description: Version 2.9.7 - 2026-04-14
  • Fixes regression calling custom script command aliases that are called a substring of a composer command (#12802)
Version 2.9.6 - 2026-04-14
  • Security: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)
  • Security: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)
  • Security: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)
  • Security: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)
  • Security: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)
  • Security: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with - do not cause issues (6621d45, d836b90, 5e08c764)
  • Fixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (#12758)
  • Fixed GitHub API authentication errors not being visible to the user (#12737)
  • Fixed some platform package parsing failing when Composer runs in web SAPIs (#12735)
  • Fixed error reporting for clarity when a constraint cannot be parsed (#12743)

composer-2.9.7-1.fc44

Fedora Security Advisories
6 hours 38 minutes ago
FEDORA-2026-1140c02041 Packages in this update:
  • composer-2.9.7-1.fc44
Update description: Version 2.9.7 - 2026-04-14
  • Fixes regression calling custom script command aliases that are called a substring of a composer command (#12802)
Version 2.9.6 - 2026-04-14
  • Security: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)
  • Security: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)
  • Security: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)
  • Security: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)
  • Security: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)
  • Security: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with - do not cause issues (6621d45, d836b90, 5e08c764)
  • Fixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (#12758)
  • Fixed GitHub API authentication errors not being visible to the user (#12737)
  • Fixed some platform package parsing failing when Composer runs in web SAPIs (#12735)
  • Fixed error reporting for clarity when a constraint cannot be parsed (#12743)

composer-2.9.7-1.el10_2

Fedora Security Advisories
6 hours 38 minutes ago
FEDORA-EPEL-2026-7babf884c7 Packages in this update:
  • composer-2.9.7-1.el10_2
Update description: Version 2.9.7 - 2026-04-14
  • Fixes regression calling custom script command aliases that are called a substring of a composer command (#12802)
Version 2.9.6 - 2026-04-14
  • Security: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)
  • Security: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)
  • Security: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)
  • Security: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)
  • Security: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)
  • Security: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with - do not cause issues (6621d45, d836b90, 5e08c764)
  • Fixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (#12758)
  • Fixed GitHub API authentication errors not being visible to the user (#12737)
  • Fixed some platform package parsing failing when Composer runs in web SAPIs (#12735)
  • Fixed error reporting for clarity when a constraint cannot be parsed (#12743)

composer-2.9.7-1.fc42

Fedora Security Advisories
6 hours 38 minutes ago
FEDORA-2026-d91f313a63 Packages in this update:
  • composer-2.9.7-1.fc42
Update description: Version 2.9.7 - 2026-04-14
  • Fixes regression calling custom script command aliases that are called a substring of a composer command (#12802)
Version 2.9.6 - 2026-04-14
  • Security: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)
  • Security: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)
  • Security: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)
  • Security: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)
  • Security: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)
  • Security: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with - do not cause issues (6621d45, d836b90, 5e08c764)
  • Fixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (#12758)
  • Fixed GitHub API authentication errors not being visible to the user (#12737)
  • Fixed some platform package parsing failing when Composer runs in web SAPIs (#12735)
  • Fixed error reporting for clarity when a constraint cannot be parsed (#12743)

composer-2.9.7-1.fc43

Fedora Security Advisories
6 hours 38 minutes ago
FEDORA-2026-02c1f66b6a Packages in this update:
  • composer-2.9.7-1.fc43
Update description: Version 2.9.7 - 2026-04-14
  • Fixes regression calling custom script command aliases that are called a substring of a composer command (#12802)
Version 2.9.6 - 2026-04-14
  • Security: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)
  • Security: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)
  • Security: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)
  • Security: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)
  • Security: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)
  • Security: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with - do not cause issues (6621d45, d836b90, 5e08c764)
  • Fixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (#12758)
  • Fixed GitHub API authentication errors not being visible to the user (#12737)
  • Fixed some platform package parsing failing when Composer runs in web SAPIs (#12735)
  • Fixed error reporting for clarity when a constraint cannot be parsed (#12743)

composer-2.9.7-1.el10_1

Fedora Security Advisories
6 hours 38 minutes ago
FEDORA-EPEL-2026-e7a666ddb5 Packages in this update:
  • composer-2.9.7-1.el10_1
Update description: Version 2.9.7 - 2026-04-14
  • Fixes regression calling custom script command aliases that are called a substring of a composer command (#12802)
Version 2.9.6 - 2026-04-14
  • Security: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)
  • Security: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)
  • Security: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3d)
  • Security: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77e)
  • Security: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc088)
  • Security: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with - do not cause issues (6621d45, d836b90, 5e08c764)
  • Fixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (#12758)
  • Fixed GitHub API authentication errors not being visible to the user (#12737)
  • Fixed some platform package parsing failing when Composer runs in web SAPIs (#12735)
  • Fixed error reporting for clarity when a constraint cannot be parsed (#12743)

pgadmin4-9.14-3.fc44

Fedora Security Advisories
10 hours 9 minutes ago
FEDORA-2026-34c2bf6df4 Packages in this update:
  • pgadmin4-9.14-3.fc44
Update description:

Update axios to 1.15.0, fixes CVE-2026-40175 and CVE-2025-62718.

Update to pgadmin4-9.14.

pgadmin4-9.14-3.fc43

Fedora Security Advisories
10 hours 9 minutes ago
FEDORA-2026-e9ecdd44c4 Packages in this update:
  • pgadmin4-9.14-3.fc43
Update description:

Update axios to 1.15.0, fixes CVE-2026-40175 and CVE-2025-62718.

Update to pgadmin4-9.14.

pgadmin4-9.14-3.fc42

Fedora Security Advisories
10 hours 9 minutes ago
FEDORA-2026-b4633cbe23 Packages in this update:
  • pgadmin4-9.14-3.fc42
Update description:

Update axios to 1.15.0, fixes CVE-2026-40175 and CVE-2025-62718.

Update to pgadmin4-9.14.

Checked
42 seconds ago
URL
https://bodhi.fedoraproject.org/rss/updates/?type=security