Alerts This Week
Warning Icon 1 681
Alerts This Week
Warning Icon 1 681

Ubuntu 22.04 wx Important Patch 3.45.1 Server Disruption 1028-cf31ae4bcf2

fedora
Calendar Grey March 7, 2026
Dist Fedora Esm H88
Update for GitHub CLI gh addresses critical issues in Fedora 42 with upgraded version 2.87.3. Discover the latest fixes and enhancements.
Update to 2.87.3

Summary

A command-line interface to GitHub for use in your terminal or your scripts.

gh is a tool designed to enhance your workflow when working with GitHub. It

provides a seamless way to interact with GitHub repositories and perform various

actions right from the command line, eliminating the need to switch between your

terminal and the GitHub website.

Update Information:

Update to 2.87.3

Topics%20covered

Topics Covered

security advisory denial of service fedora critical command line GitHub

Change Log

* Mon Feb 23 2026 Packit - 2.87.3-1 - Update to 2.87.3 upstream release - Resolves: rhbz#2441488 * Wed Feb 18 2026 Mikel Olasagasti Uranga - 2.87.0-2 - Drop patch included in 2.87.0 * Wed Feb 18 2026 Packit - 2.87.0-1 - Update to 2.87.0 upstream release - Resolves: rhbz#2440729 * Mon Feb 2 2026 Maxwell G - 2.86.0-3 - Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26 * Wed Jan 21 2026 Mikel Olasagasti Uranga - 2.86.0-2 - Fix test build * Wed Jan 21 2026 Packit - 2.86.0-1 - Update to 2.86.0 upstream release - Resolves: rhbz#2431732 * Fri Jan 16 2026 Fedora Release Engineering - 2.85.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Jan 15 2026 Mikel Olasagasti Uranga - 2.85.0-1 - Update 2.85.0 - Closes rhbz#2429758 * Wed Dec 10 2025 Packit - 2.83.2-1 - Update to 2.83.2 upstream release - Resolves: rhbz#2414900 * Tue Nov 4 2025 Packit - 2.83.0-1 - Update to 2.83.0 upstream release - Resolves: rhbz#2397664 * Fri Oct 10 2025 Alejandro Sez - 2.79.0-2 - rebuild

References


[ 1 ] Bug #2398688 - CVE-2025-47910 gh: CrossOriginProtection bypass in net/http [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2398688 [ 2 ] Bug #2399369 - CVE-2025-47906 gh: Unexpected paths returned from LookPath in os/exec [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2399369 [ 3 ] Bug #2407892 - CVE-2025-58189 gh: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2407892 [ 4 ] Bug #2408644 - CVE-2025-61725 gh: Excessive CPU consumption in ParseAddress in net/mail [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2408644 [ 5 ] Bug #2409361 - CVE-2025-61723 gh: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2409361 [ 6 ] Bug #2410311 - CVE-2025-58185 gh: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42] https:...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-de52e7caa1' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: gh
Product: Fedora 42
Version: 2.87.3
Release: 1.fc42
URL: https://github.com/cli/cli
Summary: GitHub's official command line tool

Topics%20covered

Topics Covered

security advisory denial of service fedora critical command line GitHub

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here