Fedora Rustls-WebPKI Update Addresses Multiple Vulnerabilities

Severity: Medium (Score: 45.8)

Sources: Linuxsecurity

Summary

On May 1, 2026, Fedora released updates for the rust-rustls-webpki package, addressing multiple vulnerabilities. The updates include version 0.103.13, which fixes RUSTSEC-2026-0098, RUSTSEC-2026-0099, and RUSTSEC-2026-0104. The updates are applicable to Fedora 42 and Fedora 44 systems. The vulnerabilities pertain to Web PKI X.509 certificate verification, which is critical for secure communications. Users are advised to upgrade to the latest version using the 'dnf' update program. The updates were released by Fabio Valentini, with the latest version being 0.103.13. The updates are crucial for maintaining the integrity of certificate verification processes. Failure to apply these updates may leave systems vulnerable to potential exploitation. The updates can be installed using specific commands provided in the notifications. Key Points: • Fedora updates rust-rustls-webpki to version 0.103.13 for security fixes. • Multiple RUSTSEC vulnerabilities addressed, including RUSTSEC-2026-0098 and RUSTSEC-2026-0104. • Users must upgrade to maintain secure Web PKI X.509 certificate verification.

Key Entities

• Fedora (company)