Security update 5.0.8 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Security Fixes: CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter bsc1248707 golang-github-prometheus-nodeexporter: Backward Compatibility and packaging changes: Added compatibility for Go...

OPENSUSE-SU-2026:20892-1 Security update for yq

This update for yq fixes the following issues: Changes in yq: - Fix multiple CVEs: CVE-2026-27136 GO-2026-5030 CVE-2026-25681 GO-2026-5029 CVE-2026-25680 GO-2026-5028 CVE-2026-42502 GO-2026-5027 CVE-2026-42506 GO-2026-5025 bsc1267053 CVE-2026-39821 GO-2026-5026 bsc1267199 - update to v4.53.2 Add...

Fedora 44 : dotnet9.0 (2026-9c63a012b9)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9c63a012b9 advisory. Update to .NET SDK 9.0.117 and Runtime 9.0.16 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Fedora 44 : python3.15 (2026-2ee2d7abd5)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2ee2d7abd5 advisory. New prerelease of Python 3.15 with several CVE fixes Tenable has extracted the preceding description block directly from the Fedora security advisor...

Fedora 44 : dotnet10.0 (2026-0d598afbf9)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0d598afbf9 advisory. Update to .NET SDK 10.0.108 and Runtime 10.0.8 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

kernel security update

4.18.0-553.125.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Fedora 44 : rustup (2026-fc7afe14b7)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fc7afe14b7 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

Fedora 43 : rust-ingredients (2026-ba5710ebd0)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ba5710ebd0 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

CLEANSTART-2026-LA07853 Security fixes for CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-29181, CVE-2026-33186, ghsa-mh2q-q3fh-2475 applied in versions: 4.13.0-r0, 4.13.0-r1, 4.13.2-r0

Multiple security vulnerabilities affect the kubernetes-csi-driver-nfs-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

Security update for postgresql18

This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

May 12, 2026-Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 R2 (KB5087069)

May 12, 2026-Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 R2 KB5087069 Applies to: Microsoft .NET Framework 4.8 Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Window...

This Week in Spring - May 12th, 2026

Hi, Spring fans! As I write this I am in Miami, FL at the CodeRemix.ai show, focused on the wide and wonderful world of OpenRewrite and Moderne. I've got a talk to give so let's dive right into it! a quick note about the upcoming release train dates in last week's installment of A Bootiful Podcas...

OPENSUSE-SU-2026:20710-1 Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues: Changes in ffmpeg-4: - CVE-2025-59728: Fixed out-of-bounds NUL-byte write when calculating the content path in handling of MPEG-DASH manifests bsc1251137. - CVE-2025-7700: Fixed a NULL Pointer Dereference in the ALS Decoder bsc1246790 -...

CLSA-2026-1778051357 java-21-openjdk: Fix of 8 CVEs

Update to jdk-21.0.11+10 GA - Resolves Oracle April 2026 CPU CVEs: CVE-2026-22007, CVE-2026-22013, CVE-2026-22016, CVE-2026-22018, CVE-2026-22021, CVE-2026-34268, CVE-2026-34282 - CVE-2026-23865: integer overflow in ttvarloaditemvariationstore in bundled FreeType fixed via bump to 2.14.2 - Update...

osbuild-composer security update

149-6.0.1 - Add missing dependency over dracut-config-rescue for image-installer Orabug: 38587453 - Add OL10 support - Update repository URLs for baseos, appstream and UERK - Fix the label for UEKR repository - Simplify repository names JIRA: OLDIS-35893 - Ensure build on latest golang:...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

SUSE-SU-2026:21436-1 Security update for freerdp

This update for freerdp fixes the following issues: Update to version 3.24.2. Security issues fixed: - CVE-2026-25941: out-of-bounds read in the FreeRDP client RDPGFX channel bsc1258919. - CVE-2026-25942: buffer overflow of global array in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952:...

CLSA-2026-1777544437 webkit2gtk3: Fix of 35 CVEs

Rebase to webkitgtk 2.52.3 to address WebKitGTK security advisories WSA-2026-0001 and WSA-2026-0002 matches RHSA-2026:9692. - Drop all CVE-2025- backport patches Patch100..Patch112; the fixes are included in 2.52.3 upstream. - Drop fix-missing-typename.patch: target source file was removed...

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: avahi: avahi-0.9rc4-0.1.hum1 aarch64, x8664 avahi-autoipd-0.9rc4-0.1.hum1 aarch64, x8664 avahi-compat-howl-0.9rc4-0.1.hum1 aarch64, x8664 avahi-compat-howl-devel-0.9rc4-0.1.hum1 aarch64, x8664...

python3.9 security update

3.9.25-3.0.1.el97.3 - Remove upstream URL reference 3.9.25-3.3 - Security fixes for CVE-2026-4786 and CVE-2026-6100 Resolves: RHEL-168157, RHEL-167915 3.9.25-3.2 - Security fix for CVE-2026-4519 Resolves: RHEL-158052 3.9.25-3.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 an...