nuclei-3.8.0-1.fc43
FEDORA-2026-32260bab12
Packages in this update:
- nuclei-3.8.0-1.fc43
Update to nuclei 3.8.0 to patch CVE-2026-5160.
Fedora Security Advisories
binaryen-126-1.fc43
FEDORA-2026-fb3e461878
Packages in this update:
- binaryen-126-1.fc43
Fixes CVE-2025-14956 .
binaryen-126-1.fc42
FEDORA-2026-3831e11232
Packages in this update:
- binaryen-126-1.fc42
Fixes CVE-2025-14956 .
nuclei-3.8.0-1.fc44
FEDORA-2026-2ba1fcb195
Packages in this update:
- nuclei-3.8.0-1.fc44
Update to nuclei 3.8.0 to patch CVE-2026-5160.
miniupnpd-2.3.10-1.fc42
FEDORA-2026-2e8a8fd35b
Packages in this update:
- miniupnpd-2.3.10-1.fc42
2026/03/24: fix missing fclose and potential double free in option file parsing
2026/03/23: upnphttp.c: fix removal of quotes in ParseHttpHeaders() minixml.c: fix buffer read overflow
2026/02/05: Rewrite permission line parser
2025/05/26: Fix false negative filtered STUN CGNAT test result for unsupported servers #825
2025/05/24: Fix Mac OS X 10.9 build
2025/05/15: build: teststun executable
2025/04/28: pf: fix delete_pinhole for openbsd. Was broken since miniupnpd 2.3.7
2025/04/26 Fix parsing of interfaces names starting with a digit nftables: add counter for DNAT rule (ENABLE_NFT_RULE_COUNTER in config.h) nftables: improve scripts to support already existing tables
miniupnpd-2.3.10-1.fc43
FEDORA-2026-5f908cb040
Packages in this update:
- miniupnpd-2.3.10-1.fc43
2026/03/24: fix missing fclose and potential double free in option file parsing
2026/03/23: upnphttp.c: fix removal of quotes in ParseHttpHeaders() minixml.c: fix buffer read overflow
2026/02/05: Rewrite permission line parser
2025/05/26: Fix false negative filtered STUN CGNAT test result for unsupported servers #825
2025/05/24: Fix Mac OS X 10.9 build
2025/05/15: build: teststun executable
2025/04/28: pf: fix delete_pinhole for openbsd. Was broken since miniupnpd 2.3.7
2025/04/26 Fix parsing of interfaces names starting with a digit nftables: add counter for DNAT rule (ENABLE_NFT_RULE_COUNTER in config.h) nftables: improve scripts to support already existing tables
ngtcp2-1.22.1-1.el9
FEDORA-EPEL-2026-fca0ff7545
Packages in this update:
- ngtcp2-1.22.1-1.el9
- Fixes CVE-2026-40170
ngtcp2-1.22.1-1.el10_3
FEDORA-EPEL-2026-146c20fe60
Packages in this update:
- ngtcp2-1.22.1-1.el10_3
- Fixes CVE-2026-40170
ngtcp2-1.22.1-1.fc43
FEDORA-2026-a0f25484e9
Packages in this update:
- ngtcp2-1.22.1-1.fc43
- Fixes CVE-2026-40170
ngtcp2-1.22.1-1.fc44
FEDORA-2026-705eb9cf95
Packages in this update:
- ngtcp2-1.22.1-1.fc44
- Fixes CVE-2026-40170
miniupnpd-2.3.10-1.fc44
FEDORA-2026-f933979509
Packages in this update:
- miniupnpd-2.3.10-1.fc44
2026/03/24: fix missing fclose and potential double free in option file parsing
2026/03/23: upnphttp.c: fix removal of quotes in ParseHttpHeaders() minixml.c: fix buffer read overflow
2026/02/05: Rewrite permission line parser
2025/05/26: Fix false negative filtered STUN CGNAT test result for unsupported servers #825
2025/05/24: Fix Mac OS X 10.9 build
2025/05/15: build: teststun executable
2025/04/28: pf: fix delete_pinhole for openbsd. Was broken since miniupnpd 2.3.7
2025/04/26 Fix parsing of interfaces names starting with a digit nftables: add counter for DNAT rule (ENABLE_NFT_RULE_COUNTER in config.h) nftables: improve scripts to support already existing tables
openssh-9.9p1-14.fc42
FEDORA-2026-d08c298940
Packages in this update:
- openssh-9.9p1-14.fc42
Fixes high severity CVE: - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode
openssh-10.2p1-8.fc44
FEDORA-2026-93679cc7c2
Packages in this update:
- openssh-10.2p1-8.fc44
- CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode
- CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode multiplexing sessions
- CVE-2026-35387: Fix incomplete application of PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms with regard to ECDSA keys
- CVE-2026-35414: Fix mishandling of authorized_keys principals option
- CVE-2026-35386: Add validation rules to usernames and hostnames set for ProxyJump/-J on the commandline
openssh-10.0p1-9.fc43
FEDORA-2026-2cedc95af8
Packages in this update:
- openssh-10.0p1-9.fc43
- CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode
- CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode multiplexing sessions
- CVE-2026-35387: Fix incomplete application of PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms with regard to ECDSA keys
- CVE-2026-35414: Fix mishandling of authorized_keys principals option
- CVE-2026-35386: Add validation rules to usernames and hostnames set for ProxyJump/-J on the commandline
sudo-1.9.17-7.p2.fc43
FEDORA-2026-e860be4db8
Packages in this update:
- sudo-1.9.17-7.p2.fc43
Fix CVE-2026-35535
sudo-1.9.17-8.p2.fc44
FEDORA-2026-6894ade78f
Packages in this update:
- sudo-1.9.17-8.p2.fc44
Fix CVE-2026-35535
botan3-3.9.0-3.el10_3
FEDORA-EPEL-2026-a0842eadb1
Packages in this update:
- botan3-3.9.0-3.el10_3
Fix security vulnerabilities CVE-2026-32877,CVE-2026-32883,CVE-2026-32884,CVE-2026-34580,CVE-2026-34582
botan3-3.9.0-6.fc44
FEDORA-2026-bd25e30303
Packages in this update:
- botan3-3.9.0-6.fc44
Fix security vulnerabilities CVE-2026-32877,CVE-2026-32883,CVE-2026-32884,CVE-2026-34580,CVE-2026-34582
python3.14-3.14.4-2.fc42
FEDORA-2026-1fd21102d1
Packages in this update:
- python3.14-3.14.4-2.fc42
Security fixes for CVE-2026-1502, CVE-2026-4786, CVE-2026-5713, CVE-2026-6100
New minor version of the alternate Python interpreter
python3.14-3.14.4-2.fc43
FEDORA-2026-97a8eb204a
Packages in this update:
- python3.14-3.14.4-2.fc43
Security fixes for CVE-2026-1502, CVE-2026-4786, CVE-2026-5713, CVE-2026-6100