Fedora 44 Hugo Moderate Risk of Information Exposure Buffer Vulnerability

fedora
Calendar Grey June 15, 2026
Dist Fedora Esm H88
Hugo update in Fedora 44 addresses information disclosure and markdown link issues with moderate severity.
Update to 0.162.1 (rhbz#2455512)

Summary

The world’s fastest framework for building websites.

Update Information:

Update to 0.162.1 (rhbz#2455512)

Topics%20covered

Topics Covered

security advisory moderate fedora information disclosure hugo content manipulation

Change Log

* Sun Jun 7 2026 W. Michael Petullo - 0.162.1-1 - Update to 0.162.1 (rhbz#2455512) * Sun Jun 7 2026 W. Michael Petullo - 0.160.1-2 - Remove obsolete patches * Sun Jun 7 2026 Packit - 0.160.1-1 - Update to 0.160.1 upstream release - Resolves: rhbz#2451668 * Sun Jun 7 2026 W. Michael Petullo - 0.159.0-3 - Skip check that fails on ppc64le * Sun Jun 7 2026 Mikel Olasagasti Uranga - 0.159.0-2 - Update spec - Update to go2rpm 1.19.0 template - Set `askalono` as license detector - Drop invopop/yaml to oasdiff/yaml module change - Use GO_BUILDTAGS & GO_LDFLAGS - Use gocheck2 and skip individual tests - Drop extra documentation

References


[ 1 ] Bug #2455512 - CVE-2026-35166 hugo: github.com/gohugoio/hugo: Hugo: Information disclosure and content manipulation via improper markdown link escaping https://bugzilla.redhat.com/show_bug.cgi?id=2455512

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-7fe2bb8a08' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
moderate
Lowest
Low
Medium
High
Critical

Name: hugo
Product: Fedora 44
Version: 0.162.1
Release: 1.fc44
URL: https://github.com/gohugoio/hugo
Summary: The world’s fastest framework for building websites

Topics%20covered

Topics Covered

security advisory moderate fedora information disclosure hugo content manipulation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here