Explore top 10 tips to secure your open-source projects now. Read More
×Security update. Publication date: 12 Jul 2026 URL: https://advisories.mageia.org/MGAA-2026-0045.html Type: bugfix Affected Mageia releases: 10 Description: This is a normal update to the last version of opencpn that couldn't be done during Cauldron FREEZE This last version brings improvement useful for sailors' safety References: - https://bugs.mageia.org/show_bug.cgi?id=35821 SRPMS: - 10/core/opencpn-5.14.0-1.mga10 . Mageia releases security update for opencpn improving sailors' safety with new features and bugfixes.. Mageia Opencpn Update Safety Bugfix. . LinuxSecurity.com Team
Security update. Publication date: 12 Jul 2026 URL: https://advisories.mageia.org/MGAA-2026-0044.html Type: bugfix Affected Mageia releases: 10 Description: These are ordinary updates to the last versions of these plugins that couldn't be submitted during Cauldron FREEZE. References: - https://bugs.mageia.org/show_bug.cgi?id=35822 SRPMS: - 10/core/opencpn-climatology-plugin-1.6.36.1-1.git20260510.mga10 - 10/core/opencpn-dashboardsk-plugin-0.3.5-1.mga10 - 10/core/opencpn-iacfleet-plugin-0.33.1-1.mga10 - 10/core/opencpn-meteovache-plugin-1.6.8-1.1.mga10 - 10/core/opencpn-polar-plugin-1.2.38.0-1.mga10 - 10/core/opencpn-radar-plugin-5.7.0-1.mga10 - 10/core/opencpn-sar-plugin-4.4.0-1.mga10 - 10/core/opencpn-watchdog-plugin-2.5.4.0-1.mga10 - 10/core/opencpn-weatherfax-plugin-1.10.18.0-1.mga10 . Stay updated with security fixes in Mageia's latest plugins and improve your system's stability and reliability.. Mageia Updates, Plugin Security, Bugfix Advisory, Mageia Security, System Stability. . LinuxSecurity.com Team
Security update. Publication date: 12 Jul 2026 URL: https://advisories.mageia.org/MGAA-2026-0043.html Type: bugfix Affected Mageia releases: 10 Description: Normal update to the last version of opencpn-o-charts-plugin (this couldn't be done during Cauldron FREEZE) References: - https://bugs.mageia.org/show_bug.cgi?id=35823 SRPMS: - 10/nonfree/opencpn-o-charts-plugin-2.1.17-1.mga10.nonfree . Update for opencpn-o-charts-plugin on Mageia addresses recent bugs to enhance security and performance.. Mageia security, opencpn-o-charts-plugin update, bugfix Mageia. . LinuxSecurity.com Team
Security update. Publication date: 12 Jul 2026 URL: https://advisories.mageia.org/MGAA-2026-0042.html Type: bugfix Affected Mageia releases: 10 Description: This is a normal update to the last version of qsampler that couldn't be submitted because of Cauldron FREEZE References: - https://bugs.mageia.org/show_bug.cgi?id=35825 SRPMS: - 10/core/qsampler-1.0.2-1.mga10 . Mageia 10 issues security update for qsampler to address prior bugs with important fixes.. Mageia security update, qsampler bugfix, Mageia advisory 2026-0042. . LinuxSecurity.com Team
1.2.9, CVE fixes. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-fbd55e52fb 2026-07-12 01:10:38.798647+00:00 -------------------------------------------------------------------------------- Name : python-dulwich Product : Fedora 44 Version : 1.2.9 Release : 1.fc44 URL : https://www.dulwich.io/ Summary : Python implementation of the Git file formats and protocols Description : Dulwich is a Python implementation of the Git file formats and protocols. The project is named after the village in which Mr. and Mrs. Git live in the Monty Python sketch. -------------------------------------------------------------------------------- Update Information: 1.2.9, CVE fixes -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 7 2026 Gwyn Ciesla - 1.2.9-1 - 1.2.9 * Mon Jul 6 2026 Gwyn Ciesla - 1.2.8-1 - 1.2.8 * Tue Jun 30 2026 Gwyn Ciesla - 1.2.7-1 - 1.2.7 * Tue Jun 30 2026 Benjamin A. Beasley - 1.2.6-3 - Allow PyO3 0.29 - Update the `License` expression * Thu Jun 4 2026 Python Maint - 1.2.6-2 - Rebuilt for Python 3.15 * Tue Jun 2 2026 Gwyn Ciesla - 1.2.6-1 - 1.2.6 * Fri May 29 2026 Gwyn Ciesla - 1.2.5-1 - 1.2.5 * Thu May 21 2026 Gwyn Ciesla - 1.2.3-1 - 1.2.3 * Wed Apr 29 2026 Gwyn Ciesla - 1.2.1-1 - 1.2.1 * Thu Apr 23 2026 Gwyn Ciesla - 1.2.0-1 - 1.2.0 * Wed Feb 18 2026 Gwyn Ciesla - 1.1.0-1 - 1.1.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2487904 - CVE-2026-47712 python-dulwich: Dulwich: Arbitrary file write via malicious commit subject in format_patch [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2487904 [ 2 ] Bug #2487907 - CVE-2026-47734 python-dulwich: Dulwich: Denial of Service via crafted Git thin pack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2487907 [ 3 ] Bug #2498479 -CVE-2026-42305 python-dulwich: Dulwich: Remote Code Execution via Malicious Git Repository [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2498479 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-fbd55e52fb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Fire scrollend event for instant programmatic scrolls. Increase network idle connection timeout to 115 seconds. Fix several crashes and rendering issues. Fix CVE-2024-4367, CVE-2026-39872, CVE-2026-43663, CVE-2026-43676, CVE-2026-43699, CVE-2026-43701, CVE-2026-43705, CVE-2026-43707, CVE-2026-43712,. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3bc4b3ccb3 2026-07-12 01:10:38.798641+00:00 -------------------------------------------------------------------------------- Name : webkitgtk Product : Fedora 44 Version : 2.52.5 Release : 1.fc44 URL : https://www.webkitgtk.org/ Summary : GTK web content engine library Description : WebKitGTK is the port of the WebKit web rendering engine to the GTK platform. -------------------------------------------------------------------------------- Update Information: Fire scrollend event for instant programmatic scrolls. Increase network idle connection timeout to 115 seconds. Fix several crashes and rendering issues. Fix CVE-2024-4367, CVE-2026-39872, CVE-2026-43663, CVE-2026-43676, CVE-2026-43699, CVE-2026-43701, CVE-2026-43705, CVE-2026-43707, CVE-2026-43712, CVE-2026-43713, CVE-2026-43715, CVE-2026-43716, CVE-2026-43720, CVE-2026-43721, CVE-2026-43725, CVE-2026-43726, CVE-2026-43727, CVE-2026-43731, CVE-2026-43732, CVE-2026-43734, CVE-2026-43740, CVE-2026-43742, CVE-2026-43745 -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 9 2026 Michael Catanzaro - 2.52.5-1 - Update to 2.52.5 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3bc4b3ccb3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the FedoraProject GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
server: fixed stack exhaustion via unbounded recursion in RPC attribute parsing by enforcing a recursion depth limit (CVE-2026-13757) fixed confusing error message when trying to store an existing cert with trust anchor fixed assert when parsing p11-kit files with value ("). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-695fd36daa 2026-07-12 01:10:38.798644+00:00 -------------------------------------------------------------------------------- Name : p11-kit Product : Fedora 44 Version : 0.26.4 Release : 1.fc44 URL : http://p11-glue.freedesktop.org/p11-kit.html Summary : Library for loading and sharing PKCS#11 modules Description : p11-kit provides a way to load and enumerate PKCS#11 modules, as well as a standard configuration setup for installing PKCS#11 modules in such a way that they're discoverable. -------------------------------------------------------------------------------- Update Information: server: fixed stack exhaustion via unbounded recursion in RPC attribute parsing by enforcing a recursion depth limit (CVE-2026-13757) fixed confusing error message when trying to store an existing cert with trust anchor fixed assert when parsing p11-kit files with value (") fixed numerous memory management issues Build and test fixes Updated translations -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 10 2026 Packit - 0.26.4-1 - Update to 0.26.4 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #2494560 - CVE-2026-13757 p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494560 [ 2 ] Bug #2498946 - p11-kit-0.26.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2498946 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-695fd36daa' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Update to the latest version to bring fixes for CVE-2026-45409 and CVE-2024-3651 into the stable releases.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-822c07add4 2026-07-12 01:10:38.798638+00:00 -------------------------------------------------------------------------------- Name : python-idna Product : Fedora 44 Version : 3.18 Release : 1.fc44 URL : https://github.com/kjd/idna Summary : Internationalized Domain Names in Applications (IDNA) Description : A library to support the Internationalised Domain Names in Applications (IDNA) protocol as specified in RFC 5891 . This version of the protocol is often referred to as "IDNA2008" and can produce different results from the earlier standard from 2003. The library is also intended to act as a suitable drop-in replacement for the "encodings.idna" module that comes with the Python standard library but currently only supports the older 2003 specification. -------------------------------------------------------------------------------- Update Information: Update to the latest version to bring fixes for CVE-2026-45409 and CVE-2024-3651 into the stable releases. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 9 2026 Lumir Balhar - 3.18-1 - Update to 3.18 (rhbz#2483976) * Wed Jun 3 2026 Python Maint - 3.17-2 - Rebuilt for Python 3.15 * Sun May 31 2026 Lumir Balhar - 3.17-1 - Update to 3.17 (rhbz#2480667) * Wed May 13 2026 Lumir Balhar - 3.15-1 - Update to 3.15 (rhbz#2476912) * Mon May 11 2026 Lumir Balhar - 3.14-1 - Update to 3.14 (rhbz#2468686) * Thu Apr 23 2026 Lumir Balhar - 3.13-1 - Update to 3.13 (rhbz#2460821) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2498560 - CVE-2026-45409 python-idna: idna: Denial of Service via specially crafted long inputs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2498560 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-822c07add4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Get the latest Linux and open source security news straight to your inbox.