#security-sig topics

Topic	Replies	Views	Activity
Update to fix DirtyFrag available (supplement: + update for Fragnesia!) Project Discussion security-sig Just an update. The fixes for DirtyFrag are pushing to stable right now. For Fedora 42, this is the 6.19.14-101 kernel. For Fedora 44 and Fedora 43, these are in the 7.0.4 kernel. There will be no 7.0.5 as it only contains a single patch which is already included in our 7.0.4 updates. As this is a…	10	1908	May 14, 2026
Findings by static analyzers in Fedora 45 Critical Path Packages - April 2026 Project Discussion package-maintainers , security-sig	0	57	April 29, 2026
Fedora-downstream-hardening package: now to be adjusted for Kinoite/Silverblue Project Discussion silverblue-team , kinoite-team , security-sig	10	342	April 24, 2026
Building a new home with systemd-homed on fedora Project Discussion engineering , workstation-wg , confined-users , security-sig	139	14697	April 10, 2026
"Fedora-harden" package proposed (current name "Fedora-downstream-hardening"), for consideration of the Security SIG Project Discussion security-sig	0	132	March 15, 2026
Pinpam and pinutil: PAM module for PIN auth with TPM2 Project Discussion fesco , workstation-wg , gnome , security-sig , kde-team	0	200	March 1, 2026
Systemd journal forward secure sealing Project Discussion silverblue-team , kinoite-team , engineering , quality-team , workstation-wg , security-sig , kde-team	4	195	February 3, 2026
Findings by static analyzers in Fedora 44 Critical Path Packages - January 2026 Project Discussion package-maintainers , security-sig	0	52	January 9, 2026
Migrating to another malloc() implementation Project Discussion engineering , security-sig	5	361	November 25, 2025
New proposal about kernel.yama.ptrace_scope: two perspectives on this case -> I'm open to suggestions Project Discussion engineering , package-maintainers , fesco , security-sig	10	375	November 23, 2025
Findings by static analyzers in Fedora 44 Critical Path Packages Project Discussion package-maintainers , security-sig	2	78	October 29, 2025
OpenSCAP – Fedora Linux 41 (Workstation Edition) – Standard System Security Profile for Fedora Project Discussion security-sig	3	551	September 17, 2025
Increase security by adjusting kernel settings by default: `kernel.yama.ptrace_scope` & `net.core.bpf_jit_harden` both defaulting to `1` Project Discussion engineering , fesco , quality-team , security-sig	76	1985	September 12, 2025
For your information: DDoS affecting most of the fedoraproject.org services Project Discussion infrastructure-team , security-sig	33	7142	September 3, 2025
Switch from SHA2 to SHA3 or BLAKE3 for better security Project Discussion security-sig	8	577	May 15, 2025
Volunteers needed to do security analysis on Deepin packages Project Discussion package-maintainers , security-sig	3	470	May 15, 2025
Verifying the authenticity of files uploaded to the lookaside cache Project Discussion security-sig	14	538	May 8, 2025
Findings by static analyzers in Fedora 43 Critical Path Packages Project Discussion package-maintainers , security-sig	0	110	April 28, 2025
Confining user namespaces with SELinux Project Discussion coreos-wg , problem , workstation-wg , security-sig , atomic-desktops-team	4	1289	March 29, 2025
Restorecon does not work on override config directories Project Discussion engineering , docs-team , workstation-wg , security-sig	5	439	February 7, 2025
Removing setuid binaries from the system Project Discussion security-sig	0	221	January 14, 2025
Selinux configuration for kmscon Project Discussion package-maintainers , help , problem , security-sig	3	173	December 20, 2024
Verified boot compat: Cryptographically signing the boot files Project Discussion engineering , workstation-wg , security-sig	1	307	December 4, 2024
Enabling USBGuard by default Project Discussion workstation-wg , security-sig , atomic-desktops-team	3	637	November 19, 2024
Findings by static analyzers in Fedora 42 Critical Path Packages Project Discussion package-maintainers , security-sig	0	88	November 14, 2024
Static analysis for upstream repositories in Packit Project Discussion package-maintainers , security-sig	1	129	October 5, 2024
Last few "holes" in Fedora Silverblue - libvirt/swtpm/virt-manager and systemd-homed Project Discussion silverblue-team , kinoite-team , confined-users , security-sig	14	964	September 17, 2024
New generic wiki page security SIG / removal old page of Security Team Project Discussion security-sig	5	161	August 31, 2024
Social engineering attack -> no best practices in crypto on website: how to contact website team to solve that? (no immediately exploitable vulnerability, but practical in future in some circumstances) Project Discussion marketing-team , security-sig	30	726	September 3, 2024
Software GUI: suggest RPM over flatpak as default option? Project Discussion workstation-wg , security-sig	21	1292	August 24, 2024

Update to fix DirtyFrag available (supplement: + update for Fragnesia!)

security-sig

Just an update. The fixes for DirtyFrag are pushing to stable right now. For Fedora 42, this is the 6.19.14-101 kernel. For Fedora 44 and Fedora 43, these are in the 7.0.4 kernel. There will be no 7.0.5 as it only contains a single patch which is already included in our 7.0.4 updates. As this is a…

10

1908

May 14, 2026

Findings by static analyzers in Fedora 45 Critical Path Packages - April 2026