Stay Secure with the Latest Linux Advisories

security advisoryfedoraupdate

Fedora 43 Openbao 2.5.4 Critical Security Updates for CVE-2026-46358

Update to upstream-2.5.4, including fixes for CVE-2026-46358, CVE-2026-46405, and CVE-2026-45808. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-d4e8f0a731 2026-05-29 01:26:24.644274+00:00 -------------------------------------------------------------------------------- Name : openbao Product : Fedora 43 Version : 2.5.4 Release : 1.fc43 URL : https://openbao.org Summary : A tool for securely accessing secrets Description : Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, users can access an encrypted Key/Value store and network encryption-as-a-service, or generate AWS IAM/STS credentials, SQL/NoSQL databases, X.509 certificates, SSH credentials, and more. -------------------------------------------------------------------------------- Update Information: Update to upstream-2.5.4, including fixes for CVE-2026-46358, CVE-2026-46405, and CVE-2026-45808 -------------------------------------------------------------------------------- ChangeLog: * Wed May 20 2026 Dave Dykstra - 2.5.4-1 - update to upstream 2.5.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2480200 - openbao-2.5.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2480200 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-d4e8f0a731' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can befound at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Openbao 2.5.4 available for Fedora 43 with fixes for critical security issues related to secrets management.. Openbao update Fedora secrets management access control security. . Severity: Important. LinuxSecurity.com Team

May 29, 2026 •Important Fedora