Alerts This Week
Warning Icon 1 654
Alerts This Week
Warning Icon 1 654

Fedora 43 restic Update Denial of Service Issues 2026-e6094447f0

fedora
Calendar Grey June 18, 2026
Dist Fedora Esm H88
Update restic on Fedora 43 addresses multiple serious issues. Apply the updates for enhanced security now.
Update to 0.19.0

Summary

Fast, secure, efficient backup program.

restic supports the following backends for storing backups natively:

* Local directory

* sftp server (via SSH)

* HTTP REST server (protocol, rest-server)

* Amazon S3 (either from Amazon or using the Minio server)

* OpenStack Swift

* BackBlaze B2

* Microsoft Azure Blob Storage

* Google Cloud Storage

* And many other services via the rclone Backend

Update Information:

Update to 0.19.0

Topics%20covered

Topics Covered

security advisory denial of service fedora administrative access restic unauthenticated execution

Change Log

* Wed Jun 10 2026 Mikel Olasagasti Uranga - 0.19.0-1 - Update to 0.19.0 - Closes rhbz#2487290 * Tue Feb 3 2026 Maxwell G - 0.18.1-3 - Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26 * Sat Jan 17 2026 Fedora Release Engineering - 0.18.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild

References


[ 1 ] Bug #2455673 - CVE-2026-34986 restic: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2455673 [ 2 ] Bug #2464136 - CVE-2026-41179 restic: Rclone: Unauthenticated local command execution via exposed RC endpoint [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2464136 [ 3 ] Bug #2464140 - CVE-2026-41176 restic: Rclone: Unauthorized access to administrative functions through unauthenticated Remote Control endpoint. [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2464140 [ 4 ] Bug #2486238 - CVE-2026-45287 restic: OpenTelemetry-Go: Denial of Service due to file descriptor leak [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2486238

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e6094447f0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: restic
Product: Fedora 43
Version: 0.19.0
Release: 1.fc43
URL: https://github.com/restic/restic
Summary: Fast, secure, efficient backup program

Topics%20covered

Topics Covered

security advisory denial of service fedora administrative access restic unauthenticated execution

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here