Explore top 10 tips to secure your open-source projects now. Read More
×
Update PyO3 to 0.29; addresses RUSTSEC-2026-0176 and RUSTSEC-2026-0177. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-65b6511854 2026-07-16 01:19:18.912130+00:00 -------------------------------------------------------------------------------- Name : python-bcrypt Product : Fedora 44 Version : 4.3.0 Release : 14.fc44 URL : https://pypi.python.org/pypi/bcrypt Summary : Modern password hashing for your software and your servers Description : Modern password hashing for your software and your servers. -------------------------------------------------------------------------------- Update Information: Update PyO3 to 0.29; addresses RUSTSEC-2026-0176 and RUSTSEC-2026-0177 -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 7 2026 Benjamin A. Beasley - 4.3.0-14 - Update PyO3 to 0.29; addresses RUSTSEC-2026-0176 and RUSTSEC-2026-0177 * Tue Jul 7 2026 Benjamin A. Beasley - 4.3.0-13 - Replace BuildRequires: rust-packaging with cargo-rpm-macros * Tue Jul 7 2026 Benjamin A. Beasley - 4.3.0-12 - Drop manual BuildRequires on python3-devel * Tue Jul 7 2026 Benjamin A. Beasley - 4.3.0-10 - Switch URL from HTTP to HTTPS * Wed Jun 3 2026 Python Maint - 4.3.0-8 - Rebuilt for Python 3.15 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-65b6511854' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-35892 http://linux.oracle.com/errata/ELSA-2026-35892.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-22.23.1-1.module+el9.8.0+90947+d3e8e647.x86_64.rpm nodejs-devel-22.23.1-1.module+el9.8.0+90947+d3e8e647.x86_64.rpm nodejs-docs-22.23.1-1.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-full-i18n-22.23.1-1.module+el9.8.0+90947+d3e8e647.x86_64.rpm nodejs-libs-22.23.1-1.module+el9.8.0+90947+d3e8e647.x86_64.rpm nodejs-nodemon-3.0.1-1.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-packaging-2021.06-6.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-packaging-bundler-2021.06-6.module+el9.8.0+90947+d3e8e647.noarch.rpm npm-10.9.8-1.22.23.1.1.module+el9.8.0+90947+d3e8e647.x86_64.rpm v8-12.4-devel-12.4.254.21-1.22.23.1.1.module+el9.8.0+90947+d3e8e647.x86_64.rpm aarch64: nodejs-22.23.1-1.module+el9.8.0+90947+d3e8e647.aarch64.rpm nodejs-devel-22.23.1-1.module+el9.8.0+90947+d3e8e647.aarch64.rpm nodejs-docs-22.23.1-1.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-full-i18n-22.23.1-1.module+el9.8.0+90947+d3e8e647.aarch64.rpm nodejs-libs-22.23.1-1.module+el9.8.0+90947+d3e8e647.aarch64.rpm nodejs-nodemon-3.0.1-1.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-packaging-2021.06-6.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-packaging-bundler-2021.06-6.module+el9.8.0+90947+d3e8e647.noarch.rpm npm-10.9.8-1.22.23.1.1.module+el9.8.0+90947+d3e8e647.aarch64.rpm v8-12.4-devel-12.4.254.21-1.22.23.1.1.module+el9.8.0+90947+d3e8e647.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/nodejs-22.23.1-1.module+el9.8.0+90947+d3e8e647.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/nodejs-nodemon-3.0.1-1.module+el9.8.0+90947+d3e8e647.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/nodejs-packaging-2021.06-6.module+el9.8.0+90947+d3e8e647.src.rpm RelatedCVEs: CVE-2026-6733 CVE-2026-9678 CVE-2026-11525 CVE-2026-12151 CVE-2026-42338 CVE-2026-48615 CVE-2026-48618 CVE-2026-48619 CVE-2026-48928 CVE-2026-48930 CVE-2026-48933 CVE-2026-48934 CVE-2026-48935 Description of changes: nodejs [1:22.23.1-1] - Update to version 22.23.1 Resolves: RHEL-186622 RHEL-185998 RHEL-183669 Fixes: CVE-2026-12151 CVE-2026-48618 CVE-2026-48933 CVE-2026-48937 CVE-2026-48930 CVE-2026-48619 CVE-2026-48615 CVE-2026-48934 CVE-2026-48928 CVE-2026-48617 CVE-2026-48931 CVE-2026-48935 CVE-2026-42338 nodejs-nodemon [3.0.1-1] - Rebase to 3.0.1 - Resolves: CVE-2022-25883 [2.0.20-2] - Patch bundled glob-parent - Resolves: CVE-2021-35065 [2.0.20-1] - Rebase to 2.0.20 Resolves: CVE-2022-3517 [2.0.15-1] - Resolves: RHBZ#2005419 - Resolves CVE-2020-28469 - Rebase to newest version - Change source to npmjs.com nodejs-packaging [2021.06-6] - Properly handle @group/package deps in nodejs-symlink-deps Resolves: RHEL-120511 [2021.06-5] - nodejs.req to properly detect bundled deps _______________________________________________ El-errata mailing list
Security update. Publication date: 06 Jul 2026 URL: https://advisories.mageia.org/MGAA-2026-0039.html Type: bugfix Affected Mageia releases: 10 Description: These updated packages enable building for Mageia 10 stable. References: - https://bugs.mageia.org/show_bug.cgi?id=35788 - https://github.com/rpm-software-management/mock/ SRPMS: - 10/core/distribution-gpg-keys-1.119-1.mga10 - 10/core/mock-core-configs-44.4-1.mga10 - 10/core/mock-mageia-configs-10-4.1.mga10 . A security update for Mageia 10 enhancing the building capabilities with mock and relevant packages.. Mageia security update, mock application, package management, system stability. . Severity: Important. LinuxSecurity.com Team
Update quick-xml for two security advisories, rebuild dependents, and update sandogasa to the latest https://rustsec.org/advisories/RUSTSEC-2026-0194.html https://rustsec.org/advisories/RUSTSEC-2026-0195.html sandogasa. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-ffaebbf2f0 2026-07-06 15:09:07.087500+00:00 -------------------------------------------------------------------------------- Name : rust-inferno Product : Fedora 43 Version : 0.12.6 Release : 3.fc43 URL : https://crates.io/crates/inferno Summary : Rust port of the FlameGraph performance profiling tool suite Description : Rust port of the FlameGraph performance profiling tool suite. -------------------------------------------------------------------------------- Update Information: Update quick-xml for two security advisories, rebuild dependents, and update sandogasa to the latest https://rustsec.org/advisories/RUSTSEC-2026-0194.html https://rustsec.org/advisories/RUSTSEC-2026-0195.html sandogasa v0.15.3 ebranch base-distro guard — resolve/file-requests now know EPEL must not replace RHEL/CentOS Stream packages: deps present in the base at a too-old version are blocked with clear options (alternate package via --override, or lower the requirement) instead of becoming CANTFIX branch requests; file-requests re-checks the base before filing New sandogasa-sourcehut crate — sr.ht GraphQL client; sandogasa-report gains a Sourcehut section (patches, tickets, commits split yours vs third-party, git_emails attribution) ebranch check-crate — human report on stderr alongside --koji/--copr machine output, so build scripts stay pipeable dbranch rebuild — creates debian/gbp.conf when the Debian branch has none and handles the modern single-line salsa-ci.yml Robustness: 120s HTTP timeout on every client; --version on every tool; quick-xml bumped to 0.41 for RUSTSEC-2026-0194/-0195 sandogasa-report: consistent commit detail levelsacross forges Full details: https://github.com/slopfest/sandogasa/blob/v0.15.3/CHANGELOG.md#v0153 v0.15.2 New sandogasa-review crate — shared keep/explain/remove resolution for reviewer-curated findings; adopted by fedora-review-digest, ebranch check-update, and fedora-cve-triage New sandogasa-forgejo crate — Forgejo/Gitea REST API client (PR activity issue filing); powers sandogasa-report's Forgejo accounting ebranch check-update overhaul — condensed output (counts + version grouping), reviewer curation of blocking findings before karma, branch inference for Fedora side tags (EPEL still needs -b al9 -r @epel), plus fixes for stale-side-tag and rich-dep installability false positives and large-update performance fedora-cve-triage — per-bug keep/explain/remove review before closing detected false positives sandogasa-report — Forgejo PR-merge and issue accounting Full details: https://github.com/slopfest/sandogasa/blob/v0.15.2/CHANGELOG.md#v0152 -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 3 2026 Michel Lind - 0.12.6-3 - Allow building against quick-xml 0.41 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2494601 - rust-quick-xml-0.41.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2494601 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-ffaebbf2f0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Apply critical updates for rust-inferno on Fedora 43 to protectagainst identified security issues and vulnerabilities.. Fedora Rust Inferno Update Security Issues Advisory. . Severity: Important. LinuxSecurity.com Team
Update to 1.74.3. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-6145ae14ca 2026-07-02 01:05:29.983954+00:00 -------------------------------------------------------------------------------- Name : rclone Product : Fedora 44 Version : 1.74.3 Release : 1.fc44 URL : https://github.com/rclone/rclone Summary : Rsync for cloud storage Description : "rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files. -------------------------------------------------------------------------------- Update Information: Update to 1.74.3 -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 6 2026 Packit - 1.74.3-1 - Update to 1.74.3 upstream release - Resolves: rhbz#2485621 * Sat May 23 2026 Packit - 1.74.2-1 - Update to 1.74.2 upstream release - Resolves: rhbz#2468412 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2486295 - CVE-2026-45287 rclone: OpenTelemetry-Go: Denial of Service due to file descriptor leak [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2486295 [ 2 ] Bug #2489905 - CVE-2026-39828 rclone: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2489905 [ 3 ] Bug #2490091 - CVE-2026-39829 rclone: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490091 [ 4 ] Bug #2490402 - CVE-2026-39830 rclone: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490402 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6145ae14ca' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-28922 http://linux.oracle.com/errata/ELSA-2026-28922.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: autocorr-af-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-bg-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-ca-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-cs-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-da-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-de-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-en-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-es-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-fa-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-fi-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-fr-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-ga-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-hr-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-hu-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-is-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-it-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-ja-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-ko-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-lb-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-lt-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-mn-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-nl-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-pl-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-pt-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-ro-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-ru-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-sk-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-sl-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-sr-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-sv-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-tr-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-vi-6.4.7.2-20.0.1.el8_10.noarch.rpm autocorr-zh-6.4.7.2-20.0.1.el8_10.noarch.rpm libreoffice-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-base-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-calc-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-core-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-data-6.4.7.2-20.0.1.el8_10.noarch.rpm libreoffice-draw-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-emailmerge-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-filters-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-gdb-debug-support-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-graphicfilter-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-gtk3-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-ar-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-bg-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-bn-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-ca-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-cs-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-da-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-de-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-dz-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-el-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-en-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-es-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-et-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-eu-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-fi-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-fr-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-gl-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-gu-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-he-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-hi-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-hr-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-hu-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-id-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-it-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-ja-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-ko-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-lt-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-lv-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-nb-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-nl-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-nn-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-pl-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-pt-BR-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-pt-PT-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-ro-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-ru-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-si-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-sk-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-sl-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-sv-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-ta-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-tr-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-uk-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-zh-Hans-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-help-zh-Hant-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-impress-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-af-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-ar-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-as-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-bg-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-bn-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-br-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-ca-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-cs-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-cy-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-da-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-de-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-dz-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-el-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-en-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-es-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-et-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-eu-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-fa-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-fi-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-fr-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-ga-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-gl-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-gu-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-he-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-hi-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-hr-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-hu-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-id-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-it-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-ja-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-kk-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-kn-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-ko-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-lt-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-lv-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-mai-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-ml-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-mr-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-nb-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-nl-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-nn-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-nr-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-nso-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-or-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-pa-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-pl-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-pt-BR-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-pt-PT-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-ro-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-ru-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-si-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-sk-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-sl-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-sr-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-ss-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-st-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-sv-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-ta-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-te-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-th-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-tn-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-tr-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-ts-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-uk-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-ve-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-xh-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-zh-Hans-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-zh-Hant-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-langpack-zu-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-math-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-ogltrans-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-opensymbol-fonts-6.4.7.2-20.0.1.el8_10.noarch.rpm libreoffice-pdfimport-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-pyuno-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-sdk-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-sdk-doc-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-ure-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-ure-common-6.4.7.2-20.0.1.el8_10.noarch.rpm libreoffice-wiki-publisher-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-writer-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-x11-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreoffice-xsltfilter-6.4.7.2-20.0.1.el8_10.x86_64.rpm libreofficekit-6.4.7.2-20.0.1.el8_10.x86_64.rpm aarch64: autocorr-en-6.4.7.2-20.0.1.el8_10.noarch.rpm libreoffice-calc-6.4.7.2-20.0.1.el8_10.aarch64.rpm libreoffice-core-6.4.7.2-20.0.1.el8_10.aarch64.rpm libreoffice-data-6.4.7.2-20.0.1.el8_10.noarch.rpm libreoffice-graphicfilter-6.4.7.2-20.0.1.el8_10.aarch64.rpm libreoffice-help-en-6.4.7.2-20.0.1.el8_10.aarch64.rpm libreoffice-impress-6.4.7.2-20.0.1.el8_10.aarch64.rpm libreoffice-langpack-en-6.4.7.2-20.0.1.el8_10.aarch64.rpm libreoffice-ogltrans-6.4.7.2-20.0.1.el8_10.aarch64.rpm libreoffice-opensymbol-fonts-6.4.7.2-20.0.1.el8_10.noarch.rpm libreoffice-pdfimport-6.4.7.2-20.0.1.el8_10.aarch64.rpm libreoffice-pyuno-6.4.7.2-20.0.1.el8_10.aarch64.rpm libreoffice-ure-6.4.7.2-20.0.1.el8_10.aarch64.rpm libreoffice-ure-common-6.4.7.2-20.0.1.el8_10.noarch.rpm libreoffice-writer-6.4.7.2-20.0.1.el8_10.aarch64.rpm libreoffice-sdk-6.4.7.2-20.0.1.el8_10.aarch64.rpm libreoffice-sdk-doc-6.4.7.2-20.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/libreoffice-6.4.7.2-20.0.1.el8_10.src.rpm Related CVEs: CVE-2026-4430 Description ofchanges: [1:6.4.7.2-20.0.1] - Replace colors with Oracle colors [Orabug: 32120093] - Build with --with-vendor="Oracle America, Inc." - Added the --with-hamcrest option to configure. [1:6.4.7.2-20] - Fix CVE-2026-4430 Conform AlignEngine parsing to what section 2.3.4.10 of the spec has - Resolves: RHEL-176575 _______________________________________________ El-errata mailing list
An update that solves four vulnerabilities can now be installed.. # Security update for containerd Announcement ID: SUSE-SU-2026:2639-1 Release Date: 2026-06-26T07:06:05Z Rating: important References: * bsc#1260296 * bsc#1262948 * bsc#1265794 * bsc#1266640 Cross-References: * CVE-2026-33186 * CVE-2026-33814 * CVE-2026-34986 * CVE-2026-39821 CVSS scores: * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39821 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP7 * Containers Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux EnterpriseMicro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities can now be installed. ## Description: This update for containerd fixes the following issues * CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header (bsc#1260296). * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265794). * CVE-2026-34986: github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of service (bsc#1262948). * CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and privilege escalation (bsc#1266640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2639=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2639=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2639=1 * Containers Module 15-SP7 zypper in -tpatch SUSE-SLE-Module-Containers-15-SP7-2026-2639=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2639=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2639=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2639=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2639=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2639=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2639=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2639=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2639=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2639=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2639=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2639=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2639=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2639=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * containerd-ctr-1.7.29-150000.137.1 * containerd-devel-1.7.29-150000.137.1 * containerd-1.7.29-150000.137.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * containerd-ctr-1.7.29-150000.137.1 * containerd-devel-1.7.29-150000.137.1 * containerd-1.7.29-150000.137.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4(aarch64 x86_64) * containerd-ctr-1.7.29-150000.137.1 * containerd-devel-1.7.29-150000.137.1 * containerd-1.7.29-150000.137.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * containerd-1.7.29-150000.137.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * containerd-1.7.29-150000.137.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * containerd-ctr-1.7.29-150000.137.1 * containerd-devel-1.7.29-150000.137.1 * containerd-1.7.29-150000.137.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * containerd-ctr-1.7.29-150000.137.1 * containerd-devel-1.7.29-150000.137.1 * containerd-1.7.29-150000.137.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * containerd-ctr-1.7.29-150000.137.1 * containerd-devel-1.7.29-150000.137.1 * containerd-1.7.29-150000.137.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * containerd-1.7.29-150000.137.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * containerd-1.7.29-150000.137.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * containerd-ctr-1.7.29-150000.137.1 * containerd-devel-1.7.29-150000.137.1 * containerd-1.7.29-150000.137.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * containerd-1.7.29-150000.137.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * containerd-ctr-1.7.29-150000.137.1 * containerd-devel-1.7.29-150000.137.1 * containerd-1.7.29-150000.137.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * containerd-1.7.29-150000.137.1 * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * containerd-devel-1.7.29-150000.137.1 * containerd-ctr-1.7.29-150000.137.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * containerd-ctr-1.7.29-150000.137.1 *containerd-devel-1.7.29-150000.137.1 * containerd-1.7.29-150000.137.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * containerd-ctr-1.7.29-150000.137.1 * containerd-devel-1.7.29-150000.137.1 * containerd-1.7.29-150000.137.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33186.html * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-34986.html * https://www.suse.com/security/cve/CVE-2026-39821.html * https://bugzilla.suse.com/show_bug.cgi?id=1260296 * https://bugzilla.suse.com/show_bug.cgi?id=1262948 * https://bugzilla.suse.com/show_bug.cgi?id=1265794 * https://bugzilla.suse.com/show_bug.cgi?id=1266640 . A security update for containerd addresses four important vulnerabilities affecting SUSE systems.. SUSE containerd security update important denial of service authorization bypass. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-25220 http://linux.oracle.com/errata/ELSA-2026-25220.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: aspnetcore-runtime-8.0-8.0.28-1.0.1.el9_8.x86_64.rpm aspnetcore-runtime-dbg-8.0-8.0.28-1.0.1.el9_8.x86_64.rpm aspnetcore-targeting-pack-8.0-8.0.28-1.0.1.el9_8.x86_64.rpm dotnet-apphost-pack-8.0-8.0.28-1.0.1.el9_8.x86_64.rpm dotnet-hostfxr-8.0-8.0.28-1.0.1.el9_8.x86_64.rpm dotnet-runtime-8.0-8.0.28-1.0.1.el9_8.x86_64.rpm dotnet-runtime-dbg-8.0-8.0.28-1.0.1.el9_8.x86_64.rpm dotnet-sdk-8.0-8.0.128-1.0.1.el9_8.x86_64.rpm dotnet-sdk-8.0-source-built-artifacts-8.0.128-1.0.1.el9_8.x86_64.rpm dotnet-sdk-dbg-8.0-8.0.128-1.0.1.el9_8.x86_64.rpm dotnet-targeting-pack-8.0-8.0.28-1.0.1.el9_8.x86_64.rpm dotnet-templates-8.0-8.0.128-1.0.1.el9_8.x86_64.rpm aarch64: aspnetcore-runtime-8.0-8.0.28-1.0.1.el9_8.aarch64.rpm aspnetcore-runtime-dbg-8.0-8.0.28-1.0.1.el9_8.aarch64.rpm aspnetcore-targeting-pack-8.0-8.0.28-1.0.1.el9_8.aarch64.rpm dotnet-apphost-pack-8.0-8.0.28-1.0.1.el9_8.aarch64.rpm dotnet-hostfxr-8.0-8.0.28-1.0.1.el9_8.aarch64.rpm dotnet-runtime-8.0-8.0.28-1.0.1.el9_8.aarch64.rpm dotnet-runtime-dbg-8.0-8.0.28-1.0.1.el9_8.aarch64.rpm dotnet-sdk-8.0-8.0.128-1.0.1.el9_8.aarch64.rpm dotnet-sdk-8.0-source-built-artifacts-8.0.128-1.0.1.el9_8.aarch64.rpm dotnet-sdk-dbg-8.0-8.0.128-1.0.1.el9_8.aarch64.rpm dotnet-targeting-pack-8.0-8.0.28-1.0.1.el9_8.aarch64.rpm dotnet-templates-8.0-8.0.128-1.0.1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/dotnet8.0-8.0.128-1.0.1.el9_8.src.rpm Related CVEs: CVE-2026-45491 CVE-2026-45591 Description of changes: [8.0.128-1.0.1] - Add support for Oracle Linux [8.0.128-1] - Update to .NET SDK 8.0.128 and Runtime 8.0.28 - Resolves: RHEL-181055 [8.0.127-1] - Update to .NET SDK 8.0.127 and Runtime 8.0.27 - Resolves:RHEL-173923 _______________________________________________ El-errata mailing list
Get the latest Linux and open source security news straight to your inbox.