Fedora Security Advisories

sssd-2.12.0-3.fc43

1 hour 16 minutes ago
FEDORA-2026-9ab663dcd4 Packages in this update:
  • sssd-2.12.0-3.fc43
Update description:

CVE fixes: CVE-2026-12610 CVE-2026-14474 CVE-2026-14476 - rhbz#2494777: CVE-2026-12610 sssd: Use-after-free crash in SSSD' 'sssd_pam' process - rhbz#2497650: CVE-2026-14476 sssd: sssd: GPO cache path traversal via unsanitized gPCFileSysPath allows Kerberos authentication bypass - rhbz#2497651: CVE-2026-14474 sssd: sssd: sudo LDAP provider searches entire directory tree for sudoRole objects by default, enabling privilege escalation

sssd-2.13.1-2.fc44

2 hours 12 minutes ago
FEDORA-2026-5acfb0243b Packages in this update:
  • sssd-2.13.1-2.fc44
Update description:

CVE fixes: CVE-2026-12610 CVE-2026-14474 CVE-2026-14476 - rhbz#2494777: CVE-2026-12610 sssd: Use-after-free crash in SSSD' 'sssd_pam' process - rhbz#2497650: CVE-2026-14476 sssd: sssd: GPO cache path traversal via unsanitized gPCFileSysPath allows Kerberos authentication bypass - rhbz#2497651: CVE-2026-14474 sssd: sssd: sudo LDAP provider searches entire directory tree for sudoRole objects by default, enabling privilege escalation

ruby-3.4.10-31.fc43

7 hours 18 minutes ago
FEDORA-2026-7b7c2b373e Packages in this update:
  • ruby-3.4.10-31.fc43
Update description:

Ruby 3.4.10 is released. This new version contains severay security bug fixes in zlib, net-imap and erb..

attr-2.6.0-1.fc45

9 hours 46 minutes ago
FEDORA-2026-c7aafa6056 Packages in this update:
  • attr-2.6.0-1.fc45
Update description:

Automatic update for attr-2.6.0-1.fc45.

Changelog * Thu Jul 9 2026 Lukáš Zaoral <lzaoral@redhat.com> - 2.6.0-1 - rebase to the latest upstream release (rhbz#2494157) - CVE-2026-54371 - Symlink Traversal Privilege Escalation via getfattr (rhbz#2494172) - remove a long-overdue workaround for /usr/include/attr/xattr.h

acl-2.4.0-1.fc44

11 hours 20 minutes ago
FEDORA-2026-6b9a652463 Packages in this update:
  • acl-2.4.0-1.fc44
Update description:
  • rebase to v2.4.0 to fix CVE-2026-54369 and CVE-2026-54370

Resolves: CVE-2026-54369 Resolves: CVE-2026-54370

acl-2.4.0-1.fc43

11 hours 20 minutes ago
FEDORA-2026-67504c329b Packages in this update:
  • acl-2.4.0-1.fc43
Update description:
  • rebase to v2.4.0 to fix CVE-2026-54369 and CVE-2026-54370

Resolves: CVE-2026-54369 Resolves: CVE-2026-54370

rust-cargo-rpmstatus-0.2.5-2.fc43

1 day 6 hours ago
FEDORA-2026-6d5a7be3b9 Packages in this update:
  • rust-cargo-rpmstatus-0.2.5-2.fc43
Update description:

Update to 0.2.5 (with dependency updates only), and further update some dependencies. Particularly, quick-xml 0.41 fixes RUSTSEC-2026-0194 and RUSTSEC-2026-0195.

rust-cargo-rpmstatus-0.2.5-2.fc44

1 day 8 hours ago
FEDORA-2026-08f5aab9ed Packages in this update:
  • rust-cargo-rpmstatus-0.2.5-2.fc44
Update description:

Update to 0.2.5 (with dependency updates only), and further update some dependencies. Particularly, quick-xml 0.41 fixes RUSTSEC-2026-0194 and RUSTSEC-2026-0195.

Checked
13 minutes 59 seconds ago