Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
89
security advisoryfedorasoftware updateFedora 44 rust-reqsign-tencent-cos Breaking Change Advisory 2026-b8b59dcf44
Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b8b59dcf44 2026-03-28 00:15:26.019955+00:00 -------------------------------------------------------------------------------- Name : rust-reqsign-tencent-cos Product : Fedora 44 Version : 3.0.0 Release : 1.fc44 URL : https://crates.io/crates/reqsign-tencent-cos Summary : Tencent Cloud COS signing implementation for reqsign Description : Tencent Cloud COS signing implementation for reqsign. -------------------------------------------------------------------------------- Update Information: Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the upgrade of reqwest, which powers uv's HTTP clients, to v0.13, which included some breaking changes to TLS certificate verification. This update also includes updates for several of uv\u2019s Rust library dependencies. Update rust-openssl-probe to 0.2.1, including breaking changes introduced in 0.2.0, and introduce a new rust-openssl-probe0.1 compat package. Update rust-rustls-native-certs to 0.8.3, now using openssl-probe 0.2. Update rust-native-tls to 0.2.18. Version 0.2.16 added TLS 1.3 as an option, added stack_from_pem, and upgraded openssl-probe to 0.2. Version 0.2.17 added support for ALPN on the server side. Version 0.2.18fixed min/max protocol selection fallback for very old OpenSSL versions. Add an initial package for rust-webpki-root-certs. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 24 2026 Benjamin A. Beasley - 3.0.0-1 - Update to version 3.0.0; Fixes RHBZ#2432779 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2425802 - rust-openssl-probe-0.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425802 [ 2 ] Bug #2425819 - rust-rustls-native-certs-0.8.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425819 [ 3 ] Bug #2432768 - rust-reqsign-aliyun-oss-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432768 [ 4 ] Bug #2432769 - rust-reqsign-core-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432769 [ 5 ] Bug #2432770 - rust-reqsign-0.20.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432770 [ 6 ] Bug #2432771 - rust-reqsign-azure-storage-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432771 [ 7 ] Bug #2432772 - rust-reqsign-http-send-reqwest-4.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432772 [ 8 ] Bug #2432773 - rust-reqsign-google-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432773 [ 9 ] Bug #2432774 - rust-reqsign-file-read-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432774 [ 10 ] Bug #2432775 - rust-reqsign-command-execute-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432775 [ 11 ] Bug #2432776 - rust-reqsign-aws-v4-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432776 [ 12 ] Bug #2432777 - rust-reqsign-huaweicloud-obs-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432777 [ 13 ] Bug #2432779 - rust-reqsign-tencent-cos-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432779 [ 14 ] Bug #2436289 - rust-ambient-id-0.0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=2436289 [ 15 ] Bug #2437941 - rust-astral-reqwest-middleware-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437941 [ 16 ] Bug #2437942 - rust-astral-reqwest-retry-0.9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437942 [ 17 ] Bug #2437976 - rust-astral_async_http_range_reader-0.10.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437976 [ 18 ] Bug #2439752 - rust-native-tls-0.2.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=2439752 [ 19 ] Bug #2450541 - python-uv-build-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450541 [ 20 ] Bug #2450582 - uv-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450582 [ 21 ] Bug #2451103 - Review Request: rust-webpki-root-certs - Mozilla trusted certificate authorities in self-signed X.509 format https://bugzilla.redhat.com/show_bug.cgi?id=2451103 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b8b59dcf44' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update for rust-reqsign-tencent-cos in Fedora 44 addresses network changes impacting TLS certificates.. rust reqsign tencent cos update, Fedora security advisory, python uv build, networking stack update. . Severity: Important. LinuxSecurity.com Team
Mar 28, 2026
•Important
Fedora
89
security advisoryfedoranetwork changeFedora 44 rust-reqsign-core 2026-b8b59dcf44 Breaking Network Changes
Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b8b59dcf44 2026-03-28 00:15:26.019955+00:00 -------------------------------------------------------------------------------- Name : rust-reqsign-core Product : Fedora 44 Version : 3.0.0 Release : 1.fc44 URL : https://crates.io/crates/reqsign-core Summary : Signing API requests without effort Description : Signing API requests without effort. -------------------------------------------------------------------------------- Update Information: Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the upgrade of reqwest, which powers uv's HTTP clients, to v0.13, which included some breaking changes to TLS certificate verification. This update also includes updates for several of uv\u2019s Rust library dependencies. Update rust-openssl-probe to 0.2.1, including breaking changes introduced in 0.2.0, and introduce a new rust-openssl-probe0.1 compat package. Update rust-rustls-native-certs to 0.8.3, now using openssl-probe 0.2. Update rust-native-tls to 0.2.18. Version 0.2.16 added TLS 1.3 as an option, added stack_from_pem, and upgraded openssl-probe to 0.2. Version 0.2.17 added support for ALPN on the server side. Version 0.2.18 fixed min/max protocol selection fallback forvery old OpenSSL versions. Add an initial package for rust-webpki-root-certs. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 24 2026 Benjamin A. Beasley - 3.0.0-1 - Update to version 3.0.0; Fixes RHBZ#2432769 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2425802 - rust-openssl-probe-0.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425802 [ 2 ] Bug #2425819 - rust-rustls-native-certs-0.8.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425819 [ 3 ] Bug #2432768 - rust-reqsign-aliyun-oss-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432768 [ 4 ] Bug #2432769 - rust-reqsign-core-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432769 [ 5 ] Bug #2432770 - rust-reqsign-0.20.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432770 [ 6 ] Bug #2432771 - rust-reqsign-azure-storage-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432771 [ 7 ] Bug #2432772 - rust-reqsign-http-send-reqwest-4.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432772 [ 8 ] Bug #2432773 - rust-reqsign-google-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432773 [ 9 ] Bug #2432774 - rust-reqsign-file-read-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432774 [ 10 ] Bug #2432775 - rust-reqsign-command-execute-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432775 [ 11 ] Bug #2432776 - rust-reqsign-aws-v4-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432776 [ 12 ] Bug #2432777 - rust-reqsign-huaweicloud-obs-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432777 [ 13 ] Bug #2432779 - rust-reqsign-tencent-cos-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432779 [ 14 ] Bug #2436289 -rust-ambient-id-0.0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=2436289 [ 15 ] Bug #2437941 - rust-astral-reqwest-middleware-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437941 [ 16 ] Bug #2437942 - rust-astral-reqwest-retry-0.9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437942 [ 17 ] Bug #2437976 - rust-astral_async_http_range_reader-0.10.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437976 [ 18 ] Bug #2439752 - rust-native-tls-0.2.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=2439752 [ 19 ] Bug #2450541 - python-uv-build-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450541 [ 20 ] Bug #2450582 - uv-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450582 [ 21 ] Bug #2451103 - Review Request: rust-webpki-root-certs - Mozilla trusted certificate authorities in self-signed X.509 format https://bugzilla.redhat.com/show_bug.cgi?id=2451103 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b8b59dcf44' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update of rust-reqsign-core in Fedora 44 introduces networking stack changes impacting certificate trust.. Fedora 44 rust-reqsign-core update, networking stack changes, certificate trust issues. . LinuxSecurity.com Team
Mar 28, 2026
Fedora
89
security advisorysecurity updatefedoraFedora 44 rust-reqsign-http-send-reqwest Update Advisory 2026-b8b59dcf44
Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b8b59dcf44 2026-03-28 00:15:26.019955+00:00 -------------------------------------------------------------------------------- Name : rust-reqsign-http-send-reqwest Product : Fedora 44 Version : 4.0.0 Release : 1.fc44 URL : https://crates.io/crates/reqsign-http-send-reqwest Summary : Reqwest-based HTTP client implementation for reqsign Description : Reqwest-based HTTP client implementation for reqsign. -------------------------------------------------------------------------------- Update Information: Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the upgrade of reqwest, which powers uv's HTTP clients, to v0.13, which included some breaking changes to TLS certificate verification. This update also includes updates for several of uv\u2019s Rust library dependencies. Update rust-openssl-probe to 0.2.1, including breaking changes introduced in 0.2.0, and introduce a new rust-openssl-probe0.1 compat package. Update rust-rustls-native-certs to 0.8.3, now using openssl-probe 0.2. Update rust-native-tls to 0.2.18. Version 0.2.16 added TLS 1.3 as an option, added stack_from_pem, and upgraded openssl-probe to 0.2. Version 0.2.17 added support for ALPN on the server side.Version 0.2.18 fixed min/max protocol selection fallback for very old OpenSSL versions. Add an initial package for rust-webpki-root-certs. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 24 2026 Benjamin A. Beasley - 4.0.0-1 - Update to version 4.0.0; Fixes RHBZ#2432772 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2425802 - rust-openssl-probe-0.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425802 [ 2 ] Bug #2425819 - rust-rustls-native-certs-0.8.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425819 [ 3 ] Bug #2432768 - rust-reqsign-aliyun-oss-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432768 [ 4 ] Bug #2432769 - rust-reqsign-core-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432769 [ 5 ] Bug #2432770 - rust-reqsign-0.20.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432770 [ 6 ] Bug #2432771 - rust-reqsign-azure-storage-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432771 [ 7 ] Bug #2432772 - rust-reqsign-http-send-reqwest-4.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432772 [ 8 ] Bug #2432773 - rust-reqsign-google-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432773 [ 9 ] Bug #2432774 - rust-reqsign-file-read-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432774 [ 10 ] Bug #2432775 - rust-reqsign-command-execute-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432775 [ 11 ] Bug #2432776 - rust-reqsign-aws-v4-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432776 [ 12 ] Bug #2432777 - rust-reqsign-huaweicloud-obs-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432777 [ 13 ] Bug #2432779 - rust-reqsign-tencent-cos-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432779 [ 14 ] Bug #2436289 - rust-ambient-id-0.0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=2436289 [ 15 ] Bug #2437941 - rust-astral-reqwest-middleware-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437941 [ 16 ] Bug #2437942 - rust-astral-reqwest-retry-0.9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437942 [ 17 ] Bug #2437976 - rust-astral_async_http_range_reader-0.10.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437976 [ 18 ] Bug #2439752 - rust-native-tls-0.2.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=2439752 [ 19 ] Bug #2450541 - python-uv-build-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450541 [ 20 ] Bug #2450582 - uv-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450582 [ 21 ] Bug #2451103 - Review Request: rust-webpki-root-certs - Mozilla trusted certificate authorities in self-signed X.509 format https://bugzilla.redhat.com/show_bug.cgi?id=2451103 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b8b59dcf44' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update required for rust-reqsign-http-send-reqwest due to potential certificate rejection after networking stack changes.. HTTP Client Update, Fedora Security Advisory, Certificate Management. . Severity: Important. LinuxSecurity.com Team
Mar 28, 2026
•Important
Fedora
89
security advisoryfedoraimportantFedora 44 rust-reqsign-google Important Networking Changes 2026-b8b59dcf44
Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b8b59dcf44 2026-03-28 00:15:26.019955+00:00 -------------------------------------------------------------------------------- Name : rust-reqsign-google Product : Fedora 44 Version : 3.0.0 Release : 1.fc44 URL : https://crates.io/crates/reqsign-google Summary : Google Cloud Platform signing implementation for reqsign Description : Google Cloud Platform signing implementation for reqsign. -------------------------------------------------------------------------------- Update Information: Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the upgrade of reqwest, which powers uv's HTTP clients, to v0.13, which included some breaking changes to TLS certificate verification. This update also includes updates for several of uv\u2019s Rust library dependencies. Update rust-openssl-probe to 0.2.1, including breaking changes introduced in 0.2.0, and introduce a new rust-openssl-probe0.1 compat package. Update rust-rustls-native-certs to 0.8.3, now using openssl-probe 0.2. Update rust-native-tls to 0.2.18. Version 0.2.16 added TLS 1.3 as an option, added stack_from_pem, and upgraded openssl-probe to 0.2. Version 0.2.17 added support for ALPN on the server side. Version 0.2.18fixed min/max protocol selection fallback for very old OpenSSL versions. Add an initial package for rust-webpki-root-certs. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 24 2026 Benjamin A. Beasley - 3.0.0-1 - Update to version 3.0.0; Fixes RHBZ#2432773 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2425802 - rust-openssl-probe-0.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425802 [ 2 ] Bug #2425819 - rust-rustls-native-certs-0.8.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425819 [ 3 ] Bug #2432768 - rust-reqsign-aliyun-oss-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432768 [ 4 ] Bug #2432769 - rust-reqsign-core-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432769 [ 5 ] Bug #2432770 - rust-reqsign-0.20.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432770 [ 6 ] Bug #2432771 - rust-reqsign-azure-storage-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432771 [ 7 ] Bug #2432772 - rust-reqsign-http-send-reqwest-4.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432772 [ 8 ] Bug #2432773 - rust-reqsign-google-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432773 [ 9 ] Bug #2432774 - rust-reqsign-file-read-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432774 [ 10 ] Bug #2432775 - rust-reqsign-command-execute-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432775 [ 11 ] Bug #2432776 - rust-reqsign-aws-v4-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432776 [ 12 ] Bug #2432777 - rust-reqsign-huaweicloud-obs-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432777 [ 13 ] Bug #2432779 - rust-reqsign-tencent-cos-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432779 [ 14 ] Bug #2436289 - rust-ambient-id-0.0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=2436289 [ 15 ] Bug #2437941 - rust-astral-reqwest-middleware-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437941 [ 16 ] Bug #2437942 - rust-astral-reqwest-retry-0.9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437942 [ 17 ] Bug #2437976 - rust-astral_async_http_range_reader-0.10.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437976 [ 18 ] Bug #2439752 - rust-native-tls-0.2.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=2439752 [ 19 ] Bug #2450541 - python-uv-build-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450541 [ 20 ] Bug #2450582 - uv-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450582 [ 21 ] Bug #2451103 - Review Request: rust-webpki-root-certs - Mozilla trusted certificate authorities in self-signed X.509 format https://bugzilla.redhat.com/show_bug.cgi?id=2451103 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b8b59dcf44' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Critical updates for Fedora 44 rust-reqsign-google. Changes might impact TLS certificate trust.. Fedora 44, rust-reqsign-google, certificate trust updates, networking fixes. . Severity: Important. LinuxSecurity.com Team
Mar 28, 2026
•Important
Fedora
89
security advisoryfedoranetworkingFedora 44 rust-ambient-id Update 0.11.2 Critical Certificate Trust Issue
Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b8b59dcf44 2026-03-28 00:15:26.019955+00:00 -------------------------------------------------------------------------------- Name : rust-ambient-id Product : Fedora 44 Version : 0.0.11 Release : 1.fc44 URL : https://crates.io/crates/ambient-id Summary : Detects ambient OIDC credentials in a variety of environments Description : Detects ambient OIDC credentials in a variety of environments. -------------------------------------------------------------------------------- Update Information: Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the upgrade of reqwest, which powers uv's HTTP clients, to v0.13, which included some breaking changes to TLS certificate verification. This update also includes updates for several of uv\u2019s Rust library dependencies. Update rust-openssl-probe to 0.2.1, including breaking changes introduced in 0.2.0, and introduce a new rust-openssl-probe0.1 compat package. Update rust-rustls-native-certs to 0.8.3, now using openssl-probe 0.2. Update rust-native-tls to 0.2.18. Version 0.2.16 added TLS 1.3 as an option, added stack_from_pem, and upgraded openssl-probe to 0.2. Version 0.2.17 added support for ALPN on the server side. Version0.2.18 fixed min/max protocol selection fallback for very old OpenSSL versions. Add an initial package for rust-webpki-root-certs. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 24 2026 Benjamin A. Beasley - 0.0.11-1 - Update to version 0.0.11; Fixes RHBZ#2436289 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2425802 - rust-openssl-probe-0.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425802 [ 2 ] Bug #2425819 - rust-rustls-native-certs-0.8.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425819 [ 3 ] Bug #2432768 - rust-reqsign-aliyun-oss-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432768 [ 4 ] Bug #2432769 - rust-reqsign-core-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432769 [ 5 ] Bug #2432770 - rust-reqsign-0.20.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432770 [ 6 ] Bug #2432771 - rust-reqsign-azure-storage-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432771 [ 7 ] Bug #2432772 - rust-reqsign-http-send-reqwest-4.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432772 [ 8 ] Bug #2432773 - rust-reqsign-google-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432773 [ 9 ] Bug #2432774 - rust-reqsign-file-read-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432774 [ 10 ] Bug #2432775 - rust-reqsign-command-execute-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432775 [ 11 ] Bug #2432776 - rust-reqsign-aws-v4-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432776 [ 12 ] Bug #2432777 - rust-reqsign-huaweicloud-obs-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432777 [ 13 ] Bug #2432779 - rust-reqsign-tencent-cos-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432779 [ 14 ] Bug #2436289 - rust-ambient-id-0.0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=2436289 [ 15 ] Bug #2437941 - rust-astral-reqwest-middleware-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437941 [ 16 ] Bug #2437942 - rust-astral-reqwest-retry-0.9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437942 [ 17 ] Bug #2437976 - rust-astral_async_http_range_reader-0.10.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437976 [ 18 ] Bug #2439752 - rust-native-tls-0.2.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=2439752 [ 19 ] Bug #2450541 - python-uv-build-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450541 [ 20 ] Bug #2450582 - uv-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450582 [ 21 ] Bug #2451103 - Review Request: rust-webpki-root-certs - Mozilla trusted certificate authorities in self-signed X.509 format https://bugzilla.redhat.com/show_bug.cgi?id=2451103 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b8b59dcf44' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update rust-ambient-id and python-uv-build to address networking stack changes impacting certificate trust.. rust ambient id, python uv build, Fedora updates, networking stack. . Severity: Important. LinuxSecurity.com Team
Mar 28, 2026
•Important
Fedora
89
security advisoryfedoraimportantFedora 44 rust-openssl-probe Version 0.2.1 Features Key Networking Updates
Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b8b59dcf44 2026-03-28 00:15:26.019955+00:00 -------------------------------------------------------------------------------- Name : rust-openssl-probe Product : Fedora 44 Version : 0.2.1 Release : 1.fc44 URL : https://crates.io/crates/openssl-probe Summary : Find system-wide root certificate locations based on typical OpenSSL paths Description : A library for helping to find system-wide trust anchor ("root") certificate locations based on paths typically used by `openssl`. -------------------------------------------------------------------------------- Update Information: Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the upgrade of reqwest, which powers uv's HTTP clients, to v0.13, which included some breaking changes to TLS certificate verification. This update also includes updates for several of uv\u2019s Rust library dependencies. Update rust-openssl-probe to 0.2.1, including breaking changes introduced in 0.2.0, and introduce a new rust-openssl-probe0.1 compat package. Update rust-rustls-native-certs to 0.8.3, now using openssl-probe 0.2. Update rust-native-tls to 0.2.18. Version 0.2.16 added TLS 1.3 as an option, added stack_from_pem, and upgradedopenssl-probe to 0.2. Version 0.2.17 added support for ALPN on the server side. Version 0.2.18 fixed min/max protocol selection fallback for very old OpenSSL versions. Add an initial package for rust-webpki-root-certs. -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 25 2026 Benjamin A. Beasley - 0.2.1-1 - Update to version 0.2.1; Fixes RHBZ#2425802 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2425802 - rust-openssl-probe-0.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425802 [ 2 ] Bug #2425819 - rust-rustls-native-certs-0.8.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425819 [ 3 ] Bug #2432768 - rust-reqsign-aliyun-oss-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432768 [ 4 ] Bug #2432769 - rust-reqsign-core-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432769 [ 5 ] Bug #2432770 - rust-reqsign-0.20.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432770 [ 6 ] Bug #2432771 - rust-reqsign-azure-storage-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432771 [ 7 ] Bug #2432772 - rust-reqsign-http-send-reqwest-4.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432772 [ 8 ] Bug #2432773 - rust-reqsign-google-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432773 [ 9 ] Bug #2432774 - rust-reqsign-file-read-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432774 [ 10 ] Bug #2432775 - rust-reqsign-command-execute-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432775 [ 11 ] Bug #2432776 - rust-reqsign-aws-v4-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432776 [ 12 ] Bug #2432777 - rust-reqsign-huaweicloud-obs-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432777 [ 13 ] Bug #2432779 -rust-reqsign-tencent-cos-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432779 [ 14 ] Bug #2436289 - rust-ambient-id-0.0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=2436289 [ 15 ] Bug #2437941 - rust-astral-reqwest-middleware-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437941 [ 16 ] Bug #2437942 - rust-astral-reqwest-retry-0.9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437942 [ 17 ] Bug #2437976 - rust-astral_async_http_range_reader-0.10.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437976 [ 18 ] Bug #2439752 - rust-native-tls-0.2.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=2439752 [ 19 ] Bug #2450541 - python-uv-build-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450541 [ 20 ] Bug #2450582 - uv-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450582 [ 21 ] Bug #2451103 - Review Request: rust-webpki-root-certs - Mozilla trusted certificate authorities in self-signed X.509 format https://bugzilla.redhat.com/show_bug.cgi?id=2451103 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b8b59dcf44' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Critical Fedora update addresses changes to rust-openssl-probe affecting certificate verification and networking stack.. rust-openssl-probe update,Fedora update,certificate verification. . Severity: Important. LinuxSecurity.com Team
Mar 28, 2026
•Important
Fedora
89
security advisoryfedorapython-uv-buildFedora 44 python-uv-build 0.11.2 Update Important Breaking Change Notice
Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b8b59dcf44 2026-03-28 00:15:26.019955+00:00 -------------------------------------------------------------------------------- Name : python-uv-build Product : Fedora 44 Version : 0.11.2 Release : 1.fc44 URL : https://pypi.org/project/uv-build Summary : The uv build backend Description : This package is a slimmed down version of uv containing only the build backend. -------------------------------------------------------------------------------- Update Information: Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so, they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the upgrade of reqwest, which powers uv's HTTP clients, to v0.13, which included some breaking changes to TLS certificate verification. This update also includes updates for several of uv\u2019s Rust library dependencies. Update rust-openssl-probe to 0.2.1, including breaking changes introduced in 0.2.0, and introduce a new rust-openssl-probe0.1 compat package. Update rust-rustls-native-certs to 0.8.3, now using openssl-probe 0.2. Update rust-native-tls to 0.2.18. Version 0.2.16 added TLS 1.3 as an option, added stack_from_pem, and upgraded openssl-probe to 0.2. Version 0.2.17 added support for ALPN on the server side. Version 0.2.18 fixed min/maxprotocol selection fallback for very old OpenSSL versions. Add an initial package for rust-webpki-root-certs. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 27 2026 Benjamin A. Beasley - 0.11.2-1 - Update to 0.11.2 (close RHBZ#2450541) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2425802 - rust-openssl-probe-0.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425802 [ 2 ] Bug #2425819 - rust-rustls-native-certs-0.8.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2425819 [ 3 ] Bug #2432768 - rust-reqsign-aliyun-oss-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432768 [ 4 ] Bug #2432769 - rust-reqsign-core-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432769 [ 5 ] Bug #2432770 - rust-reqsign-0.20.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432770 [ 6 ] Bug #2432771 - rust-reqsign-azure-storage-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432771 [ 7 ] Bug #2432772 - rust-reqsign-http-send-reqwest-4.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432772 [ 8 ] Bug #2432773 - rust-reqsign-google-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432773 [ 9 ] Bug #2432774 - rust-reqsign-file-read-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432774 [ 10 ] Bug #2432775 - rust-reqsign-command-execute-tokio-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432775 [ 11 ] Bug #2432776 - rust-reqsign-aws-v4-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432776 [ 12 ] Bug #2432777 - rust-reqsign-huaweicloud-obs-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432777 [ 13 ] Bug #2432779 - rust-reqsign-tencent-cos-3.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2432779 [ 14 ] Bug#2436289 - rust-ambient-id-0.0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=2436289 [ 15 ] Bug #2437941 - rust-astral-reqwest-middleware-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437941 [ 16 ] Bug #2437942 - rust-astral-reqwest-retry-0.9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437942 [ 17 ] Bug #2437976 - rust-astral_async_http_range_reader-0.10.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2437976 [ 18 ] Bug #2439752 - rust-native-tls-0.2.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=2439752 [ 19 ] Bug #2450541 - python-uv-build-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450541 [ 20 ] Bug #2450582 - uv-0.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2450582 [ 21 ] Bug #2451103 - Review Request: rust-webpki-root-certs - Mozilla trusted certificate authorities in self-signed X.509 format https://bugzilla.redhat.com/show_bug.cgi?id=2451103 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b8b59dcf44' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update for Fedora 44 brings python-uv-build 0.11.2 to enhance networking stack, potentially impacting certificate trust.. Fedora Update, python-uv-build, network security update, TLS changes, build backend. . Severity: Informational. LinuxSecurity.com Team
Mar 28, 2026
•Informational
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!