Fedora Security Advisories

yt-dlp-2026.06.09-1.fc43

Fedora Security Advisories
4 hours 40 minutes ago
FEDORA-2026-03f87de373 Packages in this update:
  • yt-dlp-2026.06.09-1.fc43
Update description:
  • Update to 2026.06.09. Fixes rhbz#2487407.
  • Mitigates CVE-2026-50019, CVE-2026-50023, CVE-2026-50574

yt-dlp-2026.06.09-1.fc44

Fedora Security Advisories
4 hours 40 minutes ago
FEDORA-2026-bb702c613b Packages in this update:
  • yt-dlp-2026.06.09-1.fc44
Update description:
  • Update to 2026.06.09. Fixes rhbz#2487407.
  • Mitigates CVE-2026-50019, CVE-2026-50023, CVE-2026-50574

haveged-1.9.23-2.el8

Fedora Security Advisories
4 hours 40 minutes ago
FEDORA-EPEL-2026-20c6017771 Packages in this update:
  • haveged-1.9.23-2.el8
Update description:

Update to 1.9.23-2: - Add SELinux policy module to allow semaphore creation in /dev/shm - Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-2.el10_3

Fedora Security Advisories
4 hours 41 minutes ago
FEDORA-EPEL-2026-94647282a7 Packages in this update:
  • haveged-1.9.23-2.el10_3
Update description:

Update to 1.9.23-2: - Add SELinux policy module to allow semaphore creation in /dev/shm - Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-2.el10_2

Fedora Security Advisories
4 hours 50 minutes ago
FEDORA-EPEL-2026-0a509be2eb Packages in this update:
  • haveged-1.9.23-2.el10_2
Update description:

Update to 1.9.23-2: - Add SELinux policy module to allow semaphore creation in /dev/shm - Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-2.el9

Fedora Security Advisories
4 hours 50 minutes ago
FEDORA-EPEL-2026-ca98e0cf9b Packages in this update:
  • haveged-1.9.23-2.el9
Update description:

Update to 1.9.23-2: - Add SELinux policy module to allow semaphore creation in /dev/shm - Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-2.fc43

Fedora Security Advisories
4 hours 53 minutes ago
FEDORA-2026-f59528a390 Packages in this update:
  • haveged-1.9.23-2.fc43
Update description:

Update to 1.9.23-2: - Add SELinux policy module to allow semaphore creation in /dev/shm - Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

Update to 1.9.23 — security hardening: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

haveged-1.9.23-3.fc44

Fedora Security Advisories
4 hours 53 minutes ago
FEDORA-2026-7fc612a04e Packages in this update:
  • haveged-1.9.23-3.fc44
Update description:

Update to 1.9.23-2: - Add SELinux policy module to allow semaphore creation in /dev/shm - Add rpminspect.yaml to waive pre-existing annocheck false positive

Security fixes in 1.9.23-1: - Use O_EXCL with sem_open to prevent semaphore pre-planting attacks - Fix OOB memory access in safein()/safeout() on socket errors - Reject command socket connections from different user namespaces - Use O_NOFOLLOW for PID file to prevent symlink attacks - Open random device with O_CLOEXEC, restrict semaphore to 0600 - Fix stale semaphore recovery after SIGKILL - Fix compilation when NO_COMMAND_MODE is defined

python-mistune-3.2.1-1.fc45

Fedora Security Advisories
10 hours 56 minutes ago
FEDORA-2026-182b5d52c9 Packages in this update:
  • python-mistune-3.2.1-1.fc45
Update description:

Automatic update for python-mistune-3.2.1-1.fc45.

Changelog * Thu Jun 18 2026 Miro Hrončok <miro@hroncok.cz> - 3.2.1-1 - Update to 3.2.1 - Security fix for CVE-2026-44898 - Fixes: rhbz#2424578 - Fixes: rhbz#2489782

rust-bon-3.9.3-1.fc45 rust-bon-macros-3.9.3-1.fc45 rust-openssl-0.10.81-1.fc45 rust-openssl-sys-0.9.117-1.fc45 rust-zeroize-1.9.0-1.fc45 rust-zeroize_derive-1.5.0-1.fc45

Fedora Security Advisories
14 hours 25 minutes ago
FEDORA-2026-14941c1cf3 Packages in this update:
  • rust-bon-3.9.3-1.fc45
  • rust-bon-macros-3.9.3-1.fc45
  • rust-openssl-0.10.81-1.fc45
  • rust-openssl-sys-0.9.117-1.fc45
  • rust-zeroize-1.9.0-1.fc45
  • rust-zeroize_derive-1.5.0-1.fc45
Update description:
  • Update the openssl crate to version 0.10.81 and the openssl-sys crate to version 0.9.117.
  • Update the zeroize crate to version 1.9.0 and the zeroize_derive crate to version 1.5.0.
  • Update the bon and bon-macros crates to version 3.9.3.

docker-buildx-0.35.0-1.fc43

Fedora Security Advisories
15 hours 52 minutes ago
FEDORA-2026-3cca6f41d4 Packages in this update:
  • docker-buildx-0.35.0-1.fc43
Update description:
  • Update to release v0.35.0
  • Resolves: rhbz#2487819
  • Resolves CVE-2026-39828: rhbz#2489918, rhbz#2490102
  • Upstream enhancements, new features, and fixes

docker-buildkit-0.31.0-1.fc43

Fedora Security Advisories
16 hours 17 minutes ago
FEDORA-2026-1a714d39b0 Packages in this update:
  • docker-buildkit-0.31.0-1.fc43
Update description:
  • Update to release v0.31.0
  • Resolve CVE-2026-39829: rhbz#2489939, rhbz#2490056
  • Upstream new features and fixes

docker-buildx-0.35.0-1.fc44

Fedora Security Advisories
16 hours 18 minutes ago
FEDORA-2026-105f7df940 Packages in this update:
  • docker-buildx-0.35.0-1.fc44
Update description:
  • Update to release v0.35.0
  • Resolves: rhbz#2487819
  • Resolves CVE-2026-39828: rhbz#2489918, rhbz#2490102
  • Upstream enhancements, new features, and fixes
Checked
11 minutes 55 seconds ago
URL
https://bodhi.fedoraproject.org/rss/updates/?type=security