-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-ebf9437c9e 2026-02-26 00:55:51.093543+00:00 --------------------------------------------------------------------------------
Name : munge Product : Fedora 42 Version : 0.5.18 Release : 1.fc42 URL : https://dun.github.io/munge/ Summary : Enables uid & gid authentication across a host cluster Description : MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for creating and validating credentials. It is designed to be highly scalable for use in an HPC cluster environment. It allows a process to authenticate the UID and GID of another local or remote process within a group of hosts having common users and groups. These hosts form a security realm that is defined by a shared cryptographic key. Clients within this security realm can create and validate credentials without the use of root privileges, reserved ports, or platform-specific methods. -------------------------------------------------------------------------------- Update Information: update to 0.5.18, resolve CVE-2026-25506 -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 13 2026 Michal Schmidt <[email protected]> - 0.5.18-1 - Update to 0.5.18 * Fri Jan 16 2026 Fedora Release Engineering <[email protected]> - 0.5.16-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Jul 24 2025 Fedora Release Engineering <[email protected]> - 0.5.16-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2414773 - munge-0.5.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=2414773 [ 2 ] Bug #2438832 - CVE-2026-25506 munge: MUNGE has a buffer overflow in message unpacking allows key leakage and credential forgery [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438832 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-ebf9437c9e' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
