Explore top 10 tips to secure your open-source projects now. Read More
×
fdf6afc update to 3.7b fixes rhbz#2498485 CHANGES FROM 3.7a TO 3.7b Fix so that the end of a synchronized update again triggers a redraw. CHANGES FROM 3.7 TO 3.7a Fix crash in break-pane when no name is provided.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-7fa12630d5 2026-07-12 00:58:35.903707+00:00 -------------------------------------------------------------------------------- Name : tmux Product : Fedora 43 Version : 3.7b Release : 3.fc43 URL : https://tmux.github.io/ Summary : A terminal multiplexer Description : tmux is a "terminal multiplexer." It enables a number of terminals (or windows) to be accessed and controlled from a single terminal. tmux is intended to be a simple, modern, BSD-licensed alternative to programs such as GNU Screen. -------------------------------------------------------------------------------- Update Information: fdf6afc update to 3.7b fixes rhbz#2498485 CHANGES FROM 3.7a TO 3.7b Fix so that the end of a synchronized update again triggers a redraw. CHANGES FROM 3.7 TO 3.7a Fix crash in break-pane when no name is provided. Scrollbar options are now cached rather than being looked up for every redraw (issue 5298). Only forbid #( in names, allow #[, empty names, : and . -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 9 2026 Filipe Rosset - 3.7b-3 - RPMAUTOSPEC: unresolvable merge -------------------------------------------------------------------------------- References: [ 1 ] Bug #2487530 - CVE-2026-11623 tmux: tmux: Use-after-free vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2487530 [ 2 ] Bug #2498485 - update to 3.7b https://bugzilla.redhat.com/show_bug.cgi?id=2498485 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c'dnf upgrade --advisory FEDORA-2026-7fa12630d5' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
fdf6afc update to 3.7b fixes rhbz#2498485 CHANGES FROM 3.7a TO 3.7b Fix so that the end of a synchronized update again triggers a redraw. CHANGES FROM 3.7 TO 3.7a Fix crash in break-pane when no name is provided.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-f5dd9fb83f 2026-07-11 01:06:30.201379+00:00 -------------------------------------------------------------------------------- Name : tmux Product : Fedora 44 Version : 3.7b Release : 2.fc44 URL : https://tmux.github.io/ Summary : A terminal multiplexer Description : tmux is a "terminal multiplexer." It enables a number of terminals (or windows) to be accessed and controlled from a single terminal. tmux is intended to be a simple, modern, BSD-licensed alternative to programs such as GNU Screen. -------------------------------------------------------------------------------- Update Information: fdf6afc update to 3.7b fixes rhbz#2498485 CHANGES FROM 3.7a TO 3.7b Fix so that the end of a synchronized update again triggers a redraw. CHANGES FROM 3.7 TO 3.7a Fix crash in break-pane when no name is provided. Scrollbar options are now cached rather than being looked up for every redraw (issue 5298). Only forbid #( in names, allow #[, empty names, : and . -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 9 2026 Filipe Rosset - 3.7b-2 - fix 3.7b build * Thu Jul 9 2026 Filipe Rosset - 3.7b-1 - update to 3.7b fixes rhbz#2498485 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2487530 - CVE-2026-11623 tmux: tmux: Use-after-free vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2487530 [ 2 ] Bug #2498485 - update to 3.7b https://bugzilla.redhat.com/show_bug.cgi?id=2498485 -------------------------------------------------------------------------------- Thisupdate can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-f5dd9fb83f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Frameworks 6.25.0 + KDE Plasma 6.6.4. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-fe3d8d4767 2026-04-16 23:40:54.273526+00:00 -------------------------------------------------------------------------------- Name : kf6-krunner Product : Fedora 44 Version : 6.25.0 Release : 1.fc44 URL : https://invent.kde.org/frameworks/krunner Summary : KDE Frameworks 6 Tier 3 solution with parallelized query system Description : KRunner provides a parallelized query system extendable via plugins. -------------------------------------------------------------------------------- Update Information: Frameworks 6.25.0 + KDE Plasma 6.6.4 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 9 2026 Steve Cossette - 6.25.0-1 - 6.25.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2455469 - Configuring WifI network via Network pane appears to not work https://bugzilla.redhat.com/show_bug.cgi?id=2455469 [ 2 ] Bug #2457573 - FE: KDE Frameworks 6.25.0 + Plasma 6.6.4 https://bugzilla.redhat.com/show_bug.cgi?id=2457573 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-fe3d8d4767' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
MGAA-2026-0001 - Updated crypto-policies packages fix bug. MGAA-2026-0001 - Updated crypto-policies packages fix bug Publication date: 02 Jan 2026 URL: https://advisories.mageia.org/MGAA-2026-0001.html Type: bugfix Affected Mageia releases: 9 Description: Some recent systems refuse to connect to a ssh server running on mageia 9. This update fixes the issue. References: - https://bugs.mageia.org/show_bug.cgi?id=34914 - https://www.openssh.org/pq.html SRPMS: - 9/core/crypto-policies-20221110-2.1.mga9 . Fixes connection issues with ssh server on Mageia 9 related to updated crypto-policies, enhancing system stability.. Mageia Security Update,Crypto Policies Bug Fix,SSH Connection Issues,Mageia 9 Advisory. . Severity: Informational. LinuxSecurity.com Team
Backport fix for CVE-2025-6075. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-5058925e1c 2025-12-02 00:48:12.507331+00:00 -------------------------------------------------------------------------------- Name : mingw-python3 Product : Fedora 43 Version : 3.11.14 Release : 3.fc43 URL : https://www.python.org/ Summary : MinGW Windows python3 Description : MinGW Windows python3 -------------------------------------------------------------------------------- Update Information: Backport fix for CVE-2025-6075 -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 23 2025 Sandro Mani - 3.11.14-3 - Backport fix for CVE-2025-6075 * Sun Oct 12 2025 Sandro Mani - 3.11.14-2 - Rebuild (tcl9) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2413053 - CVE-2025-6075 mingw-python3: Quadratic complexity in os.path.expandvars() with user-controlled template [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2413053 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-5058925e1c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
MGAA-2025-0102 - Updated python-sslyze & python-nassl packages fix bug. MGAA-2025-0102 - Updated python-sslyze & python-nassl packages fix bug Publication date: 01 Dec 2025 URL: https://advisories.mageia.org/MGAA-2025-0102.html Type: bugfix Affected Mageia releases: 9 Description: The current version of python3-sslyze crash, these packages fixes the reported issue References: - https://bugs.mageia.org/show_bug.cgi?id=34769 SRPMS: - 9/core/python-sslyze-5.1.0-1.mga9 - 9/core/python-nassl-5.3.1-1.mga9 . Updated python-sslyze and python-nassl packages in Mageia address a crashing issue reported in earlier versions.. Mageia, python-sslyze, python-nassl, bug fix, security advisory. . Severity: Informational. LinuxSecurity.com Team
* bsc#1245509 * bsc#1247315 Cross-References: * CVE-2025-38089 . # Security update for kernel-livepatch-MICRO-6-0_Update_8 Announcement ID: SUSE-SU-2025:20811-1 Release Date: 2025-10-07T15:38:23Z Rating: important References: * bsc#1245509 * bsc#1247315 Cross-References: * CVE-2025-38089 * CVE-2025-38477 CVSS scores: * CVE-2025-38089 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38089 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves two vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues: * CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509) * CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-156=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-30-default-6-1.2 * kernel-livepatch-MICRO-6-0_Update_8-debugsource-6-1.2 * kernel-livepatch-6_4_0-30-default-debuginfo-6-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-38089.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://bugzilla.suse.com/show_bug.cgi?id=1245509 * https://bugzilla.suse.com/show_bug.cgi?id=1247315 . Critical security issues in SUSE Linux Micro kernel-livepatch require immediate updates to prevent system exploitation. . SUSE Linux Micro, kernel-livepatch,security advisory, DoS, important update. . Severity: Important. LinuxSecurity.com Team
Update to 8.6.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-6ecd8d4f9b 2025-09-26 01:08:57.941191+00:00 -------------------------------------------------------------------------------- Name : python-orderly-set Product : Fedora 42 Version : 5.5.0 Release : 2.fc42 URL : https://github.com/seperman/orderly-set Summary : A package containing multiple implementations of Ordered Set Description : Orderly Set is a package containing multiple implementations of Ordered Set. -------------------------------------------------------------------------------- Update Information: Update to 8.6.1 -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 15 2025 Python Maint - 5.5.0-2 - Rebuilt for Python 3.14.0rc2 bytecode * Fri Jul 25 2025 Romain Geissler - 5.5.0-1 - Update to upstream version 5.5.0 (rhbz#2377959). * Fri Jul 25 2025 Fedora Release Engineering - 5.4.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Mon Jun 2 2025 Python Maint - 5.4.1-2 - Rebuilt for Python 3.14 * Wed May 7 2025 Romain Geissler - 5.4.1-1 - Update to upstream version 5.4.1. * Mon Mar 31 2025 Romain Geissler - 5.3.0-1 - Update to upstream version 5.3.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #2393899 - CVE-2025-58367 python-deepdiff: DeepDiff class pollution [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2393899 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-6ecd8d4f9b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key.More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Get the latest Linux and open source security news straight to your inbox.