Fedora Security Advisories

FEDORA-2026-41926fe792 Packages in this update:

• PackageKit-1.3.4-3.fc42

Update description:

Backport fix for race condition leading to root compromise (GHSA-f55j-vvr9-69xv)

FEDORA-2026-7463cd3c32 Packages in this update:

• PackageKit-1.3.4-3.fc43

Update description:

Backport fix for race condition leading to root compromise (GHSA-f55j-vvr9-69xv)

FEDORA-2026-6c121b3d4c Packages in this update:

• PackageKit-1.3.4-3.fc44

Update description:

Backport fix for race condition leading to root compromise (GHSA-f55j-vvr9-69xv)

FEDORA-EPEL-2026-b5304cc714 Packages in this update:

• jfrog-cli-2.98.0-1.el9

Update description:

Upstream 2.98.0 release. https://github.com/jfrog/jfrog-cli/releases/tag/v2.98.0

FEDORA-2026-6b87863841 Packages in this update:

• jfrog-cli-2.98.0-1.fc44

Update description:

Upstream release 2.98.0. https://github.com/jfrog/jfrog-cli/releases/tag/v2.98.0

Resolves the following security issues: CVE-2025-11579 CVE-2025-66564 CVE-2026-23831 CVE-2026-23991 CVE-2026-23992 CVE-2026-24117 CVE-2026-24137 CVE-2026-24686 CVE-2026-32285 CVE-2026-33762 CVE-2026-34165 CVE-2026-34986

FEDORA-EPEL-2026-634a86a46c Packages in this update:

• openbao-2.5.3-1.el10_2

Update description:

Update to upstream 2.5.3, fix CVE-2026-34986, CVE-2026-39388, CVE-2026-39396, CVE-2026-40264

FEDORA-EPEL-2026-2ec1b552ed Packages in this update:

• openbao-2.5.3-1.el9

Update description:

Update to upstream 2.5.3, fix CVE-2026-34986, CVE-2026-39388, CVE-2026-39396, CVE-2026-40264

FEDORA-EPEL-2026-87bd2ef01e Packages in this update:

• openbao-2.5.3-1.el10_1

Update description:

Update to upstream 2.5.3, fix CVE-2026-34986, CVE-2026-39388, CVE-2026-39396, CVE-2026-40264

FEDORA-2026-c7450bfed6 Packages in this update:

• openbao-2.5.3-1.fc44

Update description:

Update to upstream 2.5.3, fix CVE-2026-34986, CVE-2026-39388, CVE-2026-39396, CVE-2026-40264

FEDORA-2026-c008e6a5da Packages in this update:

• openbao-2.5.3-1.fc42

Update description:

Update to upstream 2.5.3, fix CVE-2026-34986, CVE-2026-39388, CVE-2026-39396, CVE-2026-40264

FEDORA-2026-41918b2b57 Packages in this update:

• openbao-2.5.3-1.fc43

Update description:

Update to upstream 2.5.3, fix CVE-2026-34986, CVE-2026-39388, CVE-2026-39396, CVE-2026-40264

FEDORA-EPEL-2026-775ee5b1af Packages in this update:

• openbao-2.5.3-1.el10_3

Update description:

Update to upstream 2.5.3, fix CVE-2026-34986, CVE-2026-39388, CVE-2026-39396, CVE-2026-40264

FEDORA-EPEL-2026-fb3934bee2 Packages in this update:

• openbao-2.5.3-1.el8

Update description:

Update to upstream 2.5.3, fix CVE-2026-34986, CVE-2026-39388, CVE-2026-39396, CVE-2026-40264

FEDORA-2026-4a8ed954a6 Packages in this update:

• pyp2spec-0.14.1-1.fc44

Update description:

Added sanitization of inputs of the metadata fields.

FEDORA-2026-1f68c09a18 Packages in this update:

• pyp2spec-0.14.1-1.fc43

Update description:

Added sanitization of inputs of the metadata fields.

FEDORA-2026-e1d2833798 Packages in this update:

• dotnet9.0-9.0.116-1.fc44

Update description:

Update to .NET SDK 9.0.116 and Runtime 9.0.15

Fixes: CVE-2026-26171, CVE-2026-32178, CVE-2026-32203, CVE-2026-33116

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.15/9.0.116.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.15/9.0.15.md

FEDORA-2026-97fbaaef10 Packages in this update:

• dotnet9.0-9.0.116-1.fc43

Update description:

Update to .NET SDK 9.0.116 and Runtime 9.0.15

Fixes: CVE-2026-26171, CVE-2026-32178, CVE-2026-32203, CVE-2026-33116

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.15/9.0.116.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.15/9.0.15.md

FEDORA-2026-ac43e01af9 Packages in this update:

• dotnet9.0-9.0.116-1.fc42

Update description:

Update to .NET SDK 9.0.116 and Runtime 9.0.15

Fixes: CVE-2026-26171, CVE-2026-32178, CVE-2026-32203, CVE-2026-33116

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.15/9.0.116.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.15/9.0.15.md

FEDORA-2026-91671b8061 Packages in this update:

• pyp2spec-0.14.1-1.fc42

Update description:

Automatic update for pyp2spec-0.14.1-1.fc42.

Changelog for pyp2spec * Tue Apr 21 2026 Packit <hello@packit.dev> - 0.14.1-1 - Update to 0.14.1 upstream release - Resolves: rhbz#2460051 - Resolves: rhbz#2449892 * Sat Jan 17 2026 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Sep 19 2025 Python Maint <python-maint@redhat.com> - 0.13.0-3 - Rebuilt for Python 3.14.0rc3 bytecode * Fri Aug 15 2025 Python Maint <python-maint@redhat.com> - 0.13.0-2 - Rebuilt for Python 3.14.0rc2 bytecode

FEDORA-2026-edca75e401 Packages in this update:

• dotnet8.0-8.0.126-1.fc44

Update description:

Update to .NET SDK 8.0.126 and Runtime 8.0.26

Fixes: CVE-2026-26171, CVE-2026-32178, CVE-2026-32203, CVE-2026-33116

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.26/8.0.126.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.26/8.0.26.md