Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -4 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorydenial of servicefedora

Fedora 42 rust-sevctl Important Time Crate Denial of Service CVE-2026-25537

Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-6388b28850 2026-02-11 00:58:02.841951+00:00 -------------------------------------------------------------------------------- Name : rust-sevctl Product : Fedora 42 Version : 0.6.2 Release : 6.fc42 URL : https://crates.io/crates/sevctl Summary : Administrative utility for AMD SEV Description : Administrative utility for AMD SEV. -------------------------------------------------------------------------------- Update Information: Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4. Update the bytes crate to version 1.11.1. Additionally, this update contains rebuilds of applications affected by security advisories: bytes: RUSTSEC-2026-0007 git2: RUSTSEC-2026-0008 jsonwebtoken: CVE-2026-25537 time: RUSTSEC-2026-0009 All applications that statically link libgit2 via the git2 Rust bindings were also rebuilt against the latest version of the git2 / libgit2-sys crates to pull in fixes included in libgit2 between v1.8.1 and v1.9.2. -------------------------------------------------------------------------------- ChangeLog: * Sat Feb 7 2026 Fabio Valentini - 0.6.2-6 - Rebuild for RUSTSEC-2026-{0007,0008,0009} and CVE-2026-25537 * Sat Jan 17 2026 Fedora Release Engineering - 0.6.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jul 25 2025 Fedora Release Engineering - 0.6.2-4 - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2437465 - CVE-2026-25537 rust-jsonwebtoken: jsonwebtoken has Type Confusion that leads to potential authorization bypass [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2437465 [ 2 ] Bug #2437467 - CVE-2026-25537 uv: jsonwebtoken has Type Confusion that leads to potential authorization bypass [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2437467 [ 3 ] Bug #2438046 - CVE-2026-25727 atuin: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438046 [ 4 ] Bug #2438075 - CVE-2026-25727 keylime-agent-rust: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438075 [ 5 ] Bug #2438077 - CVE-2026-25727 maturin: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438077 [ 6 ] Bug #2438086 - CVE-2026-25727 rustup: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438086 [ 7 ] Bug #2438091 - CVE-2026-25727 tbtools: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438091 [ 8 ] Bug #2438097 - CVE-2026-25727 tuigreet: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438097 [ 9 ] Bug #2438098 - CVE-2026-25727 uv: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438098 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6388b28850' at thecommand line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . This update for rust-sevctl addresses important dependencies and mitigates stack exhaustion risks linked to time crate vulnerabilities.. rust-sevctl updates, fedora security, time crate patches, stack exhaustion risk. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 11, 2026 Important Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorydenial of servicefedora

Fedora 42 Glycin Important Denial of Service Threat CVE-2026-25537

Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-6388b28850 2026-02-11 00:58:02.841951+00:00 -------------------------------------------------------------------------------- Name : glycin Product : Fedora 42 Version : 1.2.3 Release : 6.fc42 URL : Summary : Sandboxed image rendering Description : Sandboxed and extendable image decoding. -------------------------------------------------------------------------------- Update Information: Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4. Update the bytes crate to version 1.11.1. Additionally, this update contains rebuilds of applications affected by security advisories: bytes: RUSTSEC-2026-0007 git2: RUSTSEC-2026-0008 jsonwebtoken: CVE-2026-25537 time: RUSTSEC-2026-0009 All applications that statically link libgit2 via the git2 Rust bindings were also rebuilt against the latest version of the git2 / libgit2-sys crates to pull in fixes included in libgit2 between v1.8.1 and v1.9.2. -------------------------------------------------------------------------------- ChangeLog: * Sat Feb 7 2026 Fabio Valentini - 1.2.3-6 - Rebuild for RUSTSEC-2026-{0007,0008,0009} and CVE-2026-25537 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2437465 - CVE-2026-25537 rust-jsonwebtoken: jsonwebtoken has Type Confusion that leads to potential authorization bypass [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2437465 [ 2 ] Bug #2437467 - CVE-2026-25537 uv: jsonwebtoken has TypeConfusion that leads to potential authorization bypass [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2437467 [ 3 ] Bug #2438046 - CVE-2026-25727 atuin: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438046 [ 4 ] Bug #2438075 - CVE-2026-25727 keylime-agent-rust: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438075 [ 5 ] Bug #2438077 - CVE-2026-25727 maturin: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438077 [ 6 ] Bug #2438086 - CVE-2026-25727 rustup: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438086 [ 7 ] Bug #2438091 - CVE-2026-25727 tbtools: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438091 [ 8 ] Bug #2438097 - CVE-2026-25727 tuigreet: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438097 [ 9 ] Bug #2438098 - CVE-2026-25727 uv: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438098 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6388b28850' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Stay updated on Fedora 42 with critical fixes for glycin and associated crates affecting security and performance.. Fedora Update, glycin package, security fixes, Rust crates, CVE-2026-25537. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 11, 2026 Important Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorydenial of servicefedora

Fedora 42 ntpd-rs Serious Authorization Bypass Denial of Service 2026-25537

Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-6388b28850 2026-02-11 00:58:02.841951+00:00 -------------------------------------------------------------------------------- Name : ntpd-rs Product : Fedora 42 Version : 1.6.2 Release : 3.fc42 URL : https://github.com/pendulum-project/ntpd-rs Summary : Full-featured implementation of NTP with NTS support Description : Full-featured implementation of NTP with NTS support. -------------------------------------------------------------------------------- Update Information: Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4. Update the bytes crate to version 1.11.1. Additionally, this update contains rebuilds of applications affected by security advisories: bytes: RUSTSEC-2026-0007 git2: RUSTSEC-2026-0008 jsonwebtoken: CVE-2026-25537 time: RUSTSEC-2026-0009 All applications that statically link libgit2 via the git2 Rust bindings were also rebuilt against the latest version of the git2 / libgit2-sys crates to pull in fixes included in libgit2 between v1.8.1 and v1.9.2. -------------------------------------------------------------------------------- ChangeLog: * Sat Feb 7 2026 Fabio Valentini - 1.6.2-3 - Rebuild for RUSTSEC-2026-{0007,0008,0009} and CVE-2026-25537 * Fri Jan 16 2026 Fedora Release Engineering - 1.6.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2437465 - CVE-2026-25537 rust-jsonwebtoken:jsonwebtoken has Type Confusion that leads to potential authorization bypass [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2437465 [ 2 ] Bug #2437467 - CVE-2026-25537 uv: jsonwebtoken has Type Confusion that leads to potential authorization bypass [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2437467 [ 3 ] Bug #2438046 - CVE-2026-25727 atuin: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438046 [ 4 ] Bug #2438075 - CVE-2026-25727 keylime-agent-rust: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438075 [ 5 ] Bug #2438077 - CVE-2026-25727 maturin: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438077 [ 6 ] Bug #2438086 - CVE-2026-25727 rustup: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438086 [ 7 ] Bug #2438091 - CVE-2026-25727 tbtools: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438091 [ 8 ] Bug #2438097 - CVE-2026-25727 tuigreet: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438097 [ 9 ] Bug #2438098 - CVE-2026-25727 uv: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438098 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6388b28850' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPGkey. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical updates in Fedora address NTP service issues including time crate enhancements and security vulnerabilities.. Fedora 42 advisory,time crate,ntpd-rs,authorization bypass,denial of service. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Feb 11, 2026 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorathreat

Fedora 43 rust-eif_build Important Stack Exhaustion DoS CVE-2026-25537

Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-f400579a21 2026-02-10 01:31:32.937525+00:00 -------------------------------------------------------------------------------- Name : rust-eif_build Product : Fedora 43 Version : 0.2.1 Release : 6.fc43 URL : https://crates.io/crates/eif_build Summary : CLI tool to create EIF files for AWS Nitro Enclaves Description : This CLI tool provides a low level path to assemble an enclave image format (EIF) file used in AWS Nitro Enclaves. -------------------------------------------------------------------------------- Update Information: Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4. Update the bytes crate to version 1.11.1. Additionally, this update contains rebuilds of applications affected by security advisories: bytes: RUSTSEC-2026-0007 git2: RUSTSEC-2026-0008 jsonwebtoken: CVE-2026-25537 time: RUSTSEC-2026-0009 All applications that statically link libgit2 via the git2 Rust bindings were also rebuilt against the latest version of the git2 / libgit2-sys crates to pull in fixes included in libgit2 between v1.8.1 and v1.9.2. -------------------------------------------------------------------------------- ChangeLog: * Sat Feb 7 2026 Fabio Valentini - 0.2.1-6 - Rebuild for RUSTSEC-2026-{0007,0008,0009} and CVE-2026-25537 * Sat Jan 17 2026 Fedora Release Engineering - 0.2.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2437470 - CVE-2026-25537 rust-jsonwebtoken: jsonwebtoken has Type Confusion that leads to potential authorization bypass [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2437470 [ 2 ] Bug #2437472 - CVE-2026-25537 uv: jsonwebtoken has Type Confusion that leads to potential authorization bypass [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2437472 [ 3 ] Bug #2438104 - CVE-2026-25727 atuin: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438104 [ 4 ] Bug #2438135 - CVE-2026-25727 keylime-agent-rust: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438135 [ 5 ] Bug #2438138 - CVE-2026-25727 maturin: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438138 [ 6 ] Bug #2438149 - CVE-2026-25727 rustup: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438149 [ 7 ] Bug #2438158 - CVE-2026-25727 tbtools: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438158 [ 8 ] Bug #2438164 - CVE-2026-25727 tuigreet: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438164 [ 9 ] Bug #2438165 - CVE-2026-25727 uv: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438165 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-f400579a21' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fedora 43 rust-eif_build updates critical components for security and performance enhancements against vulnerabilities.. Fedora Security Update time crate CVE rust-eif_build. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 10, 2026 Important Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraDoS

Fedora 43 rust-ambient-id Security Update RUSTSEC 2026-f400579a21 DoS Fix

Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-f400579a21 2026-02-10 01:31:32.937525+00:00 -------------------------------------------------------------------------------- Name : rust-ambient-id Product : Fedora 43 Version : 0.0.8 Release : 1.fc43 URL : https://crates.io/crates/ambient-id Summary : Detects ambient OIDC credentials in a variety of environments Description : Detects ambient OIDC credentials in a variety of environments. -------------------------------------------------------------------------------- Update Information: Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4. Update the bytes crate to version 1.11.1. Additionally, this update contains rebuilds of applications affected by security advisories: bytes: RUSTSEC-2026-0007 git2: RUSTSEC-2026-0008 jsonwebtoken: CVE-2026-25537 time: RUSTSEC-2026-0009 All applications that statically link libgit2 via the git2 Rust bindings were also rebuilt against the latest version of the git2 / libgit2-sys crates to pull in fixes included in libgit2 between v1.8.1 and v1.9.2. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 3 2026 Benjamin A. Beasley - 0.0.8-1 - Update to version 0.0.8 * Sat Jan 17 2026 Fedora Release Engineering - 0.0.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2437470 - CVE-2026-25537 rust-jsonwebtoken: jsonwebtoken hasType Confusion that leads to potential authorization bypass [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2437470 [ 2 ] Bug #2437472 - CVE-2026-25537 uv: jsonwebtoken has Type Confusion that leads to potential authorization bypass [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2437472 [ 3 ] Bug #2438104 - CVE-2026-25727 atuin: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438104 [ 4 ] Bug #2438135 - CVE-2026-25727 keylime-agent-rust: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438135 [ 5 ] Bug #2438138 - CVE-2026-25727 maturin: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438138 [ 6 ] Bug #2438149 - CVE-2026-25727 rustup: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438149 [ 7 ] Bug #2438158 - CVE-2026-25727 tbtools: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438158 [ 8 ] Bug #2438164 - CVE-2026-25727 tuigreet: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438164 [ 9 ] Bug #2438165 - CVE-2026-25727 uv: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438165 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-f400579a21' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details onthe GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update for Rust ambient-id in Fedora 43 with critical fixes for security issues including DoS attacks.. Rust Ambient ID Update, Fedora Security Patch, Security Advisory, RUSTSEC, Time Crate Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 10, 2026 Important Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here