image-builder security update

An update is available for image-builder. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A local binary for building customized OS artifacts such as VM images a...

CVE-2026-50263

A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...

CVE-2026-50262

An out-of-bounds read flaw was found in the X.Org X server and Xwayland in glXDispChangeDrawableAttributes. A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapp...

CVE-2026-50264

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

CVE-2026-50261

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

CVE-2026-50260

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

CVE-2026-50258

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel XkbNumKbdGroups but CheckKeyTypes does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key types to excessive shift...

CVE-2026-50259

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

CVE-2026-50256

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

CVE-2026-50257

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

CVE-2026-11332

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...

[SECURITY] Fedora 44 Update: rust-sequoia-wot-0.15.2-1.fc44

An implementation of OpenPGP's web of trust...

[SECURITY] Fedora 44 Update: rust-sequoia-sq-1.3.1-12.fc44

Command-line frontends for Sequoia...

[SECURITY] Fedora 44 Update: rust-sequoia-octopus-librnp-1.11.1-7.fc44

Reimplementation of RNP's interface using Sequoia for use with Thunderbird...

[SECURITY] Fedora 44 Update: rust-sequoia-cert-store-0.7.3-1.fc44

A certificate database interface...

[SECURITY] Fedora 43 Update: samba-4.23.8-1.fc43

Samba is the standard Windows interoperability suite of programs for Linux and Unix...

[SECURITY] Fedora 43 Update: rust-sequoia-cert-store-0.7.3-1.fc43

A certificate database interface...

[SECURITY] Fedora 43 Update: rust-sequoia-octopus-librnp-1.11.1-7.fc43

Reimplementation of RNP's interface using Sequoia for use with Thunderbird...

[SECURITY] Fedora 43 Update: perl-Dist-Build-0.028-1.fc43

Dist::Build is a Build.PL implementation. Unlike Module::Build::Tiny it is extensible, unlike Module::Build it uses a build graph internally which makes it easy to combine different customizations. It's typically extended by adding a .pl script in planner/...

[SECURITY] Fedora 43 Update: perl-ExtUtils-Builder-0.020-1.fc43

Writing extensions for various build tools can be a daunting task. This module tries to abstract steps of build processes into reusable building blocks for creating platform and build system agnostic executable descriptions of work...