Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves 2 vulnerabilities can now be installed.. # python313-dulwich-1.2.7-1.1 on GA media Announcement ID: openSUSE-SU-2026:11190-1 Rating: moderate Cross-References: * CVE-2015-0838 * CVE-2017-16228 CVSS scores: * CVE-2017-16228 ( SUSE ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the python313-dulwich-1.2.7-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * python313-dulwich 1.2.7-1.1 * python314-dulwich 1.2.7-1.1 ## References: * https://www.suse.com/security/cve/CVE-2015-0838.html * https://www.suse.com/security/cve/CVE-2017-16228.html . This advisory highlights an update for python313-dulwich fixing two moderate severity vulnerabilities on openSUSE Tumbleweed.. openSUSE Tumbleweed, python313-dulwich, moderate vulnerabilities. . LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # gi-docgen-2026.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:11185-1 Rating: moderate Cross-References: * CVE-2025-11687 CVSS scores: * CVE-2025-11687 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L * CVE-2025-11687 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the gi-docgen-2026.1-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * gi-docgen 2026.1-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11687.html . An update for gi-docgen fixes a moderate security issue in openSUSE Tumbleweed, CVE-2025-11687.. openSUSE Tumbleweed, gi-docgen security, CVE-2025-11687. . LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # helm-4.2.2-2.1 on GA media Announcement ID: openSUSE-SU-2026:11186-1 Rating: moderate Cross-References: * CVE-2026-48978 CVSS scores: * CVE-2026-48978 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-48978 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the helm-4.2.2-2.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * helm 4.2.2-2.1 * helm-bash-completion 4.2.2-2.1 * helm-fish-completion 4.2.2-2.1 * helm-zsh-completion 4.2.2-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-48978.html . An important openSUSE advisory addressing a moderate risk vulnerability in helm, requiring updates for system integrity.. openSUSE, helm, security update, moderate risk, patch. . LinuxSecurity.com Team
An update that solves two vulnerabilities can now be installed.. # Security update for perl-Cpanel-JSON-XS Announcement ID: SUSE-SU-2026:2782-1 Release Date: 2026-07-06T18:01:58Z Rating: important References: * bsc#1267546 * bsc#1267547 Cross-References: * CVE-2026-9334 * CVE-2026-9516 CVSS scores: * CVE-2026-9334 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-9334 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-9334 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-9516 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-9516 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-9516 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for perl-Cpanel-JSON-XS fixes the following issues * CVE-2026-9334: type confusion via duplicate object keys when `dupkeys_as_arrayref` is enabled (bsc#1267546). * CVE-2026-9516: denial of service via UTF-8 BOM prefixed input when a decode filter callback throws (bsc#1267547). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2782=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * perl-Cpanel-JSON-XS-debuginfo-4.380.0-150700.3.6.1 * perl-Cpanel-JSON-XS-4.380.0-150700.3.6.1 * perl-Cpanel-JSON-XS-debugsource-4.380.0-150700.3.6.1 ##References: * https://www.suse.com/security/cve/CVE-2026-9334.html * https://www.suse.com/security/cve/CVE-2026-9516.html * https://bugzilla.suse.com/show_bug.cgi?id=1267546 * https://bugzilla.suse.com/show_bug.cgi?id=1267547 . Critical security update for perl-Cpanel-JSON-XS addressing two vulnerabilities and impacting SUSE systems effectively.. SUSE Linux Enterprise, perl-Cpanel-JSON-XS, security update, JSON parsing, software vulnerabilities. . LinuxSecurity.com Team
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-33515 http://linux.oracle.com/errata/ELSA-2026-33515.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm ruby-default-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm ruby-doc-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-bundler-2.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-irb-1.13.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-minitest-5.20.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.x86_64.rpm rubygem-mysql2-doc-0.5.5-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.x86_64.rpm rubygem-pg-doc-1.5.4-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-power_assert-2.0.3-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-rake-13.1.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-rdoc-6.6.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rexml-3.4.4-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rss-0.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygems-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygems-devel-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-test-unit-3.6.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-typeprof-0.21.9-7.module+el8.10.0+90936+88c9ba90.noarch.rpm ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm aarch64: ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm ruby-default-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm ruby-doc-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-bundler-2.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-irb-1.13.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-minitest-5.20.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.aarch64.rpm rubygem-mysql2-doc-0.5.5-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.aarch64.rpm rubygem-pg-doc-1.5.4-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-power_assert-2.0.3-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-rake-13.1.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-rdoc-6.6.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rexml-3.4.4-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rss-0.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygems-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygems-devel-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-test-unit-3.6.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-typeprof-0.21.9-7.module+el8.10.0+90936+88c9ba90.noarch.rpm ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.src.rpm Related CVEs: CVE-2026-42245 CVE-2026-42246 CVE-2026-42258 Description of changes: ruby [3.3.10-7] - Fix DoS via crafted IMAP responses in net-imap. (CVE-2026-42245) Resolves: RHEL-181682 - Fix information disclosure via MITM attack bypassing TLS in net-imap. (CVE-2026-42246) Resolves: RHEL-181759 - Fix command injection via Symbol arguments in net-imap. (CVE-2026-42258) Resolves: RHEL-181791 rubygem-abrt [0.4.0-1] - Update to abrt 0.4.0. Resolves: rhbz#1842476 rubygem-mysql2 [0.5.5-1] - Upgrade to mysql2 0.5.5. Related: RHEL-17090 rubygem-pg [1.5.4-1] - Upgrade to pg 1.5.4. Related: RHEL-17090 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50374 http://linux.oracle.com/errata/ELSA-2026-50374.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: aarch64: kernel-uek-5.4.17-2136.357.3.1.el8uek.aarch64.rpm kernel-uek-debug-5.4.17-2136.357.3.1.el8uek.aarch64.rpm kernel-uek-debug-devel-5.4.17-2136.357.3.1.el8uek.aarch64.rpm kernel-uek-devel-5.4.17-2136.357.3.1.el8uek.aarch64.rpm kernel-uek-doc-5.4.17-2136.357.3.1.el8uek.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.357.3.1.el8uek.src.rpm Related CVEs: CVE-2022-50073 CVE-2025-10263 CVE-2026-31504 CVE-2026-31657 CVE-2026-43037 CVE-2026-46331 CVE-2026-52943 CVE-2026-53359 Description of changes: [5.4.17-2136.357.3.1] - KVM: x86: Fix shadow paging use-after-free due to unexpected role (Paolo Bonzini) [Orabug: 39673892] - KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (Sean Christopherson) [Orabug: 39673892] - KVM: x86/MMU: Recursively zap nested TDP SPs when zapping last/only parent (Ben Gardon) [Orabug: 39673892] - KVM: x86/mmu: Move flush logic from mmu_page_zap_pte() to FNAME(invlpg) (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: pull call to drop_large_spte() into __link_shadow_page() (Paolo Bonzini) [Orabug: 39673892] - KVM: x86/mmu: Passing up the error state of mmu_alloc_shadow_roots() (Like Xu) [Orabug: 39673892] - KVM: MMU: load PDPTRs outside mmu_lock (Paolo Bonzini) [Orabug: 39673892] - KVM: x86/mmu: Check PDPTRs before allocating PAE roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Always pass 0 for @quadrant when gptes are 8 bytes (David Matlack) [Orabug: 39673892] - KVM: x86/mmu: Derive shadow MMU page role from parent (David Matlack) [Orabug: 39673892] - KVM: X86: Remove useless code to set role.gpte_is_8_bytes when role.direct (Lai Jiangshan) [Orabug: 39673892] - KVM: X86: Synchronize the shadowpagetable before link it (Lai Jiangshan) [Orabug: 39673892] - KVM: X86: Fix missed remote tlb flush in rmap_write_protect() (Lai Jiangshan) [Orabug: 39673892] - KVM: x86/mmu: Refactor shadow walk in __direct_map() to reduce indentation (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Stop passing "direct" to mmu_alloc_root() (David Matlack) [Orabug: 39673892] - KVM: x86/mmu: Use a bool for direct (David Matlack) [Orabug: 39673892] - kvm: mmu: Replace unsigned with unsigned int for PTE access (Ben Gardon) [Orabug: 39673892] - KVM: x86/mmu: Ensure MMU pages are available when allocating roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Allocate pae_root and lm_root pages in dedicated helper (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Allocate the lm_root before allocating PAE roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Capture 'mmu' in a local variable when allocating roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Stash 'kvm' in a local variable in kvm_mmu_free_roots() (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Add a helper to consolidate root sp allocation (Sean Christopherson) [Orabug: 39673892] - net/sched: act_pedit: fix action bind logic (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: free pedit keys on bail from offset check (Pedro Tammela) [Orabug: 39680880] - net/sched: fix pedit partial COW leading to page cache corruption (Rajat Gupta) [Orabug: 39680880] {CVE-2026-46331} - net/sched: act_pedit: Parse L3 Header for L4 offset (Max Tottenham) [Orabug: 39680880] - net/sched: act_pedit: rate limit datapath messages (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: check static offsets a priori (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: remove extra check for key type (Pedro Tammela) [Orabug: 39680880] - net/sched: simplify tcf_pedit_act (Pedro Tammela) [Orabug: 39680880] - net/sched: transition act_pedit to rcu and percpu stats (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: use NLA_POLICY for parsing 'ex' keys (Pedro Tammela) [Orabug: 39680880] [5.4.17-2136.357.3] - net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39619389] {CVE-2026-52943} [5.4.17-2136.357.2] - net: fix fanout UAF in packet_release() via NETDEV_UP race (Yochai Eisenrich) [Orabug: 39250953] {CVE-2026-31504} - x86/kaslr: Recognize all ZONE_DEVICE users as physaddr consumers (Dan Williams) [Orabug: 39429802] - x86/kaslr: Reduce KASLR entropy on most x86 systems (Balbir Singh) [Orabug: 39429802] - net: tap: NULL pointer derefence in dev_parse_header_protocol when skb-> dev is null (Cezar Bulinaru) [Orabug: 39526882] {CVE-2022-50073} - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39548666] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Orabug: 39548666] - ARM: uek: Disable CONFIG_QCOM_FALKOR_ERRATUM_1003 (Boris Ostrovsky) [Orabug: 39548666] - arm64: tlb: allow XZR argument to TLBI ops (Mark Rutland) [Orabug: 39548666] - arm64: cputype: Add C1-Premium definitions (Mark Rutland) [Orabug: 39548666] - arm64: cputype: Add C1-Ultra definitions (Mark Rutland) [Orabug: 39548666] - ip6_tunnel: clear skb2-> cb[] in ip4ip6_err() (Eric Dumazet) [Orabug: 39300926] {CVE-2026-43037} [5.4.17-2136.357.1] - batman-adv: hold claim backbone gateways by reference (Haoze Xie) [Orabug: 39262375] {CVE-2026-31657} - scsi: fcoe: Reject FIP descriptors with zero fip_dlen in CVL walker (Michael Bommarito) [Orabug: 39446045] - scsi: target: iscsi: Fix CRC overread and double-free in iscsit_handle_text_cmd() (Michael Bommarito) [Orabug: 39446045] - scsi: target: iscsi: Bound iscsi_encode_text_output() appends to rsp_buf (Michael Bommarito) [Orabug: 39446045] - rds: Drop rds conn in connect worker if not in down state. (Rohit Nair) [Orabug: 39152239] [5.4.17-2136.356.4.1] -smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463669] {CVE-2026-46243} [5.4.17-2136.356.4] - tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi) [Orabug: 39429147] - tap: free page on error paths in tap_get_user_xdp() (Weiming Shi) [Orabug: 39429147] - tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi) [Orabug: 39429147] [5.4.17-2136.356.3] - ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39384275,39391459] {CVE-2026-46333} - net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39368828,39441326] {CVE-2026-43503,CVE-2026-46300} - net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368828] {CVE-2026-46300} [5.4.17-2136.356.2] - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39167617,39368718] {CVE-2026-31402} - scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi) [Orabug: 38985173,39368732] {CVE-2026-23216} - scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi) [Orabug: 38970455,39368774] {CVE-2026-23193} - xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39334580,39367147] {CVE-2026-43284} - x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39218897] {CVE-2025-54518} [5.4.17-2136.356.1] - arm64/kvm: Include linux/random.h in trng.c (Siddh Raman Pant) [Orabug: 39327096] - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Tam Nguyen) [Orabug: 39174662] - i2c: designware: Handle invalid SMBus block data response length value (Tam Nguyen) [Orabug: 39174662] - i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low (Yann Sionneau) [Orabug: 39174662] [5.4.17-2136.355.3] - crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug: 39250687,39331106] {CVE-2026-43077} - crypto: af_alg - Fix page reassignmentoverflow in af_alg_pull_tsgl (Herbert Xu) [Orabug: 39250687,39331111] {CVE-2026-43078} - crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39250687] - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [Orabug: 39250687,39300911] {CVE-2026-43033} - crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] - crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39250687,39452217] {CVE-2026-46028} - crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [Orabug: 39250687,39283868,39292250] {CVE-2026-31431} - crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] {CVE-2026-31431} - crypto: scatterwalk - Backport memcpy_sglist() (Eric Biggers) [Orabug: 39250687] - crypto: doc - fix kernel-doc notation in chacha.c and af_alg.c (Randy Dunlap) [Orabug: 39250687] _______________________________________________ El-errata mailing list
The 7.1.3 stable kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree. This also has a fix for CVE-2026-53359. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-c3e2e91b4d 2026-07-07 01:08:27.509786+00:00 -------------------------------------------------------------------------------- Name : kernel-headers Product : Fedora 43 Version : 7.1.3 Release : 100.fc43 URL : http://www.kernel.org/ Summary : Header files for the Linux kernel for use by glibc Description : Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. -------------------------------------------------------------------------------- Update Information: The 7.1.3 stable kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree. This also has a fix for CVE-2026-53359 -------------------------------------------------------------------------------- ChangeLog: * Sun Jul 5 2026 Justin M. Forbes - 7.1.3-1 - Linux v7.1.3 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-c3e2e91b4d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
The 7.1.3 stable kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree. This also has a fix for CVE-2026-53359. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-c3e2e91b4d 2026-07-07 01:08:27.509786+00:00 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 43 Version : 7.1.3 Release : 100.fc43 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package -------------------------------------------------------------------------------- Update Information: The 7.1.3 stable kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree. This also has a fix for CVE-2026-53359 -------------------------------------------------------------------------------- ChangeLog: * Sat Jul 4 2026 Justin M. Forbes [7.1.3-1] - Linux v7.1.3 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-c3e2e91b4d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Get the latest Linux and open source security news straight to your inbox.