Explore top 10 tips to secure your open-source projects now. Read More
×
Update to .NET SDK 8.0.127 and Runtime 8.0.27 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: SDK: https://github.com/dotnet/core/blob/main/release- notes/8.0/8.0.27/8.0.127.md. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3e509b1444 2026-05-23 15:47:52.432953+00:00 -------------------------------------------------------------------------------- Name : dotnet8.0 Product : Fedora 43 Version : 8.0.127 Release : 1.fc43 URL : https://github.com/dotnet/ Summary : .NET Runtime and SDK Description : .NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework libraries, an SDK containing compilers and a 'dotnet' application to drive everything. -------------------------------------------------------------------------------- Update Information: Update to .NET SDK 8.0.127 and Runtime 8.0.27 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: SDK: https://github.com/dotnet/core/blob/main/release- notes/8.0/8.0.27/8.0.127.md Runtime: https://github.com/dotnet/core/blob/main/release- notes/8.0/8.0.27/8.0.27.md -------------------------------------------------------------------------------- ChangeLog: * Wed May 13 2026 Omair Majid - 8.0.127-1 - Update to .NET SDK 8.0.127 and Runtime 8.0.27 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3e509b1444' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed withthe Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Frameworks 6.25.0 + KDE Plasma 6.6.4. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-fe3d8d4767 2026-04-16 23:40:54.273526+00:00 -------------------------------------------------------------------------------- Name : kf6-kpeople Product : Fedora 44 Version : 6.25.0 Release : 1.fc44 URL : https://invent.kde.org/frameworks/kpeople Summary : KDE Frameworks 6 Tier 3 library for contact and people aggregation Description : KDE Frameworks 6 Tier 3 library for interaction with XML RPC services. -------------------------------------------------------------------------------- Update Information: Frameworks 6.25.0 + KDE Plasma 6.6.4 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 9 2026 Steve Cossette - 6.25.0-1 - 6.25.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2455469 - Configuring WifI network via Network pane appears to not work https://bugzilla.redhat.com/show_bug.cgi?id=2455469 [ 2 ] Bug #2457573 - FE: KDE Frameworks 6.25.0 + Plasma 6.6.4 https://bugzilla.redhat.com/show_bug.cgi?id=2457573 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-fe3d8d4767' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
1.26.11. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-e77ad9d792 2026-04-01 00:56:24.864678+00:00 -------------------------------------------------------------------------------- Name : gstreamer1-doc Product : Fedora 43 Version : 1.26.11 Release : 1.fc43 URL : http://gstreamer.freedesktop.org/ Summary : GStreamer documentation Description : GStreamer documentation. -------------------------------------------------------------------------------- Update Information: 1.26.11 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 30 2026 Gwyn Ciesla - 1.26.11-1 - 1.26.11 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e77ad9d792' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
New version 4.6.3. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3d29b96a25 2026-01-25 00:53:48.092800+00:00 -------------------------------------------------------------------------------- Name : wireshark Product : Fedora 43 Version : 4.6.3 Release : 1.fc43 URL : http://www.wireshark.org/ Summary : Network traffic analyzer Description : Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. -------------------------------------------------------------------------------- Update Information: New version 4.6.3 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 15 2026 Michal Ruprich - 1:4.6.3-1 - New version 4.6.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2418719 - wireshark-4.6.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2418719 [ 2 ] Bug #2429862 - CVE-2026-0961 wireshark: Wireshark: Denial of Service vulnerability in BLF file parser [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2429862 [ 3 ] Bug #2429863 - CVE-2026-0962 wireshark: Wireshark: Denial of Service via SOME/IP-SD protocol dissector crash [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2429863 [ 4 ] Bug #2429865 - CVE-2026-0959 wireshark: Wireshark: Denial of service via IEEE 802.11 protocol dissector crash [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2429865 [ 5 ] Bug #2429868 - CVE-2026-0960 wireshark: Wireshark: Denial of Service via HTTP3 protocol dissector infinite loop [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2429868 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3d29b96a25' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
uv / python-uv-build 0.9.5 https://github.com/astral-sh/uv/blob/0.9.5/CHANGELOG.md ruff 0.14.2 https://github.com/astral-sh/ruff/blob/0.14.2/CHANGELOG.md Pydantic 2.12.3. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-4154ea83d0 2025-11-05 02:09:57.817569+00:00 -------------------------------------------------------------------------------- Name : python-pydantic-core Product : Fedora 43 Version : 2.41.4 Release : 1.fc43 URL : https://github.com/pydantic/pydantic-core Summary : Core validation logic for pydantic written in rust Description : The pydantic-core project provides the core validation logic for pydantic written in Rust. -------------------------------------------------------------------------------- Update Information: uv / python-uv-build 0.9.5 https://github.com/astral-sh/uv/blob/0.9.5/CHANGELOG.md ruff 0.14.2 https://github.com/astral-sh/ruff/blob/0.14.2/CHANGELOG.md Pydantic 2.12.3 Blog post maturin 1.9.6 https://github.com/PyO3/maturin/blob/v1.9.6/Changelog.md python-typing-inspection 0.4.2 (2025-10-01) Add typing_objects.is_noextraitems() python-jiter 0.11.0 https://github.com/pydantic/jiter/releases/tag/v0.11.0 python-pydantic-extra-types 2.10.6 https://github.com/pydantic/pydantic-extra-types/releases/tag/v2.10.6 Typer 0.20.0 Features \u2728 Enable command suggestions on typo by default. Upgrades \u2b06\ufe0f Add (official) support for Python 3.14. Internal Assorted small enhancements. FastAPI 0.120.1 Upgrades \u2b06\ufe0f Bump Starlette to
uv / python-uv-build 0.9.5 https://github.com/astral-sh/uv/blob/0.9.5/CHANGELOG.md ruff 0.14.2 https://github.com/astral-sh/ruff/blob/0.14.2/CHANGELOG.md Pydantic 2.12.3. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-4154ea83d0 2025-11-05 02:09:57.817569+00:00 -------------------------------------------------------------------------------- Name : gherkin Product : Fedora 43 Version : 35.1.0 Release : 2.fc43 URL : https://github.com/cucumber/gherkin Summary : A parser and compiler for the Gherkin language Description : Gherkin is a parser and compiler for the Gherkin language. -------------------------------------------------------------------------------- Update Information: uv / python-uv-build 0.9.5 https://github.com/astral-sh/uv/blob/0.9.5/CHANGELOG.md ruff 0.14.2 https://github.com/astral-sh/ruff/blob/0.14.2/CHANGELOG.md Pydantic 2.12.3 Blog post maturin 1.9.6 https://github.com/PyO3/maturin/blob/v1.9.6/Changelog.md python-typing-inspection 0.4.2 (2025-10-01) Add typing_objects.is_noextraitems() python-jiter 0.11.0 https://github.com/pydantic/jiter/releases/tag/v0.11.0 python-pydantic-extra-types 2.10.6 https://github.com/pydantic/pydantic-extra-types/releases/tag/v2.10.6 Typer 0.20.0 Features \u2728 Enable command suggestions on typo by default. Upgrades \u2b06\ufe0f Add (official) support for Python 3.14. Internal Assorted small enhancements. FastAPI 0.120.1 Upgrades \u2b06\ufe0f Bump Starlette to
rust-which 8.0.0 Add new Sys trait to allow abstracting over the underlying filesystem. Particularly useful for wasm32-unknown-unknown targets. Thanks @dsherret for this contribution to which! Add more debug level tracing for otherwise silent I/O errors.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-0cde7282be 2025-07-10 15:21:50.193768+00:00 -------------------------------------------------------------------------------- Name : rust-nu-cli Product : Fedora 42 Version : 0.99.1 Release : 6.fc42 URL : https://crates.io/crates/nu-cli Summary : CLI-related functionality for Nushell Description : CLI-related functionality for Nushell. -------------------------------------------------------------------------------- Update Information: rust-which 8.0.0 Add new Sys trait to allow abstracting over the underlying filesystem. Particularly useful for wasm32-unknown-unknown targets. Thanks @dsherret for this contribution to which! Add more debug level tracing for otherwise silent I/O errors. Call the NonFatalHandler in more places to catch previously ignored I/O errors. Remove use of the either dependency. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 26 2025 Benjamin A. Beasley - 0.99.1-6 - Allow which 8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2370374 - rust-which-8.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2370374 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-0cde7282be' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPGkey. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
1.4.3. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-2ac841fe82 2025-06-21 01:25:36.028841+00:00 -------------------------------------------------------------------------------- Name : clamav Product : Fedora 42 Version : 1.4.3 Release : 1.fc42 URL : https://www.clamav.net/ Summary : End-user tools for the Clam Antivirus scanner Description : Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. The virus database is based on the virus database from OpenAntiVirus, but contains additional signatures (including signatures for popular polymorphic viruses, too) and is KEPT UP TO DATE. -------------------------------------------------------------------------------- Update Information: 1.4.3 -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 18 2025 Gwyn Ciesla - 1.4.3-1 - 1.4.3 * Sat Feb 8 2025 Zbigniew Jedrzejewski-Szmek - 1.4.2-2 - Add sysusers.d config files to allow rpm to create users/groups automatically -------------------------------------------------------------------------------- References: [ 1 ] Bug #2373740 - CVE-2025-20234 clamav: ClamAV Information Disclosure Vulnerability [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2373740 [ 2 ] Bug #2373754 - CVE-2025-20260 clamav: ClamAV PDF Scanning Buffer Overflow Vulnerability [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2373754 -------------------------------------------------------------------------------- This update can be installed with the "dnf" updateprogram. Use su -c 'dnf upgrade --advisory FEDORA-2025-2ac841fe82' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Get the latest Linux and open source security news straight to your inbox.