Fedora Security Advisories

libpng-1.6.56-1.fc44

Fedora Security Advisories
11 hours 40 minutes ago
FEDORA-2026-c6c617fe35 Packages in this update:
  • libpng-1.6.56-1.fc44
Update description:

1.6.56 is release fixes for the following two security vulnerabilities:

  • CVE-2026-33416 (high severity): Use-after-free memory bug in the transparency and palette-handling code. Similar to its predecessor CVE-2026-25646, this latent bug has existed for 25 years. Both Halil Oktay and Ryo Shimada discovered it within days of one another.

  • CVE-2026-33636 (high severity): Out-of-bounds read and write vulnerability in the ARM Neon palette-expansion code. This one was found and fixed by Taegu Ha and has existed since 1.6.36.

The images that trigger these bugs are valid. Users are encouraged to update immediately.

libpng-1.6.56-1.fc43

Fedora Security Advisories
11 hours 41 minutes ago
FEDORA-2026-67c20bfb74 Packages in this update:
  • libpng-1.6.56-1.fc43
Update description:

1.6.56 is release fixes for the following two security vulnerabilities:

  • CVE-2026-33416 (high severity): Use-after-free memory bug in the transparency and palette-handling code. Similar to its predecessor CVE-2026-25646, this latent bug has existed for 25 years. Both Halil Oktay and Ryo Shimada discovered it within days of one another.

  • CVE-2026-33636 (high severity): Out-of-bounds read and write vulnerability in the ARM Neon palette-expansion code. This one was found and fixed by Taegu Ha and has existed since 1.6.36.

The images that trigger these bugs are valid. Users are encouraged to update immediately.

libpng-1.6.56-1.fc42

Fedora Security Advisories
11 hours 42 minutes ago
FEDORA-2026-ba18a54554 Packages in this update:
  • libpng-1.6.56-1.fc42
Update description:

1.6.56 is release fixes for the following two security vulnerabilities:

  • CVE-2026-33416 (high severity): Use-after-free memory bug in the transparency and palette-handling code. Similar to its predecessor CVE-2026-25646, this latent bug has existed for 25 years. Both Halil Oktay and Ryo Shimada discovered it within days of one another.

  • CVE-2026-33636 (high severity): Out-of-bounds read and write vulnerability in the ARM Neon palette-expansion code. This one was found and fixed by Taegu Ha and has existed since 1.6.36.

The images that trigger these bugs are valid. Users are encouraged to update immediately.

usd-26.03-2.fc45

Fedora Security Advisories
1 day 3 hours ago
FEDORA-2026-abd4c1829d Packages in this update:
  • usd-26.03-2.fc45
Update description:

Automatic update for usd-26.03-2.fc45.

Changelog * Mon Apr 6 2026 Benjamin A. Beasley <code@musicinmybrain.net> - 26.03-2 - Backport fix for CVE-2026-34544 in OpenEXRCore - Fixes RHBZ#2454226

NetworkManager-ssh-1.4.3-1.fc45

Fedora Security Advisories
3 days 15 hours ago
FEDORA-2026-87e30fe05b Packages in this update:
  • NetworkManager-ssh-1.4.3-1.fc45
Update description:

Automatic update for NetworkManager-ssh-1.4.3-1.fc45.

Changelog * Fri Apr 3 2026 Dan Fruehauf <malkodan@gmail.com> - 1.4.3-1 - Always run autoreconf -fvi - Fix file access for private key and known hosts (rhbz#2428396) - Fix pkg-config macro - Move D-Bus policy file to /usr/share/dbus-1/system.d/
Checked
30 minutes 16 seconds ago
URL
https://bodhi.fedoraproject.org/rss/updates/?type=security