Stay Secure with the Latest Linux Advisories

security advisoryfedoracritical

Fedora 44 SentencePiece Memory Access Issue Advisory 2026-314504fd18

Update to 0.2.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-314504fd18 2026-06-09 01:21:40.783727+00:00 -------------------------------------------------------------------------------- Name : sentencepiece Product : Fedora 44 Version : 0.2.1 Release : 1.fc44 URL : https://github.com/google/sentencepiece Summary : An unsupervised text tokenizer for Neural Network-based text generation Description : The SentencePiece is an unsupervised text tokenizer for Neural Network-based text generation. It is an unsupervised text tokenizer and detokenizer mainly for Neural Network-based text generation systems where the vocabulary size is predetermined prior to the neural model training. SentencePiece implements subword units and unigram language model with the extension of direct training from raw sentences. SentencePiece allows us to make a purely end-to-end system that does not depend on language-specific pre/post-processing. -------------------------------------------------------------------------------- Update Information: Update to 0.2.1 -------------------------------------------------------------------------------- ChangeLog: * Tue May 19 2026 Peter Robinson - 0.2.1-1 - Update to 0.2.1 - Fixes CVE-2026-1260 (rhbz#2432139 rhbz#2432139) - Minor package updates for new rev -------------------------------------------------------------------------------- References: [ 1 ] Bug #2432139 - CVE-2026-1260 sentencepiece: Sentencepiece: Invalid memory access leading to potential arbitrary code execution via a crafted model file. [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2432139 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-314504fd18' at the command line. For more information, refer to the dnf documentationavailable at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update to Fedora 44 for SentencePiece addressing critical memory access issues. Upgrade to prevent arbitrary execution risks.. Fedora Security, SentencePiece Exploit, Unsupervised Text Tokenizer. . Severity: Critical. LinuxSecurity.com Team

Jun 09, 2026 •Critical Fedora