Mastodawn

If you use #dnsmasq on @fedora or @centos Stream - be aware that there are recently disclosed CVEs - https://www.kb.cert.org/vuls/id/471747

@SUSE at least rates one of them a 9.2 on the CVSS 4.0 scale

https://www.suse.com/security/cve/CVE-2026-2291.html

Fedora updates for stable releases are about to hit testing: https://bodhi.fedoraproject.org/updates/?search=dnsmasq-2.92rel2

and if you have the #CentOSHyperscale repo enabled you can `sudo dnf install centos-release-hyperscale-testing && sudo dnf update 'dnsmasq*'`

Please give feedback for the Fedora builds and for the Hyperscale ones if you give them a spin!

https://gitlab.com/CentOS/Hyperscale/rpms/dnsmasq/-/work_items/1

As of the time of posting there is no advisory from #RedHat yet

#Fedora
#CentOS
#CentOS_Stream

CERT/CC Vulnerability Note VU#319816

npm fails to restrict the actions of malicious npm packages

Michel Lind

Apr 24

We are still around!

For those looking for #CentOSHyperscale meeting minutes, and wondering why nothing has been published since 2024 ... I have now automated the process of pulling meeting minutes from #Fedora's Meetbot service with #sandogasa's new `hs-meetings` tool

https://sigs.centos.org/hyperscale/communication/meetings/#meeting-minutes

https://gitlab.com/CentOS/Hyperscale/docs/-/merge_requests/4

#CentOS #CentOS_Stream #SIG #Hyperscale

Meetings - CentOS Hyperscale SIG

CentOS Apr 16

Join us Monday, April 20, for another CentOS Showcase, our virtual presentation series. Hear about Hyperscale, Sandogasa, and RISC-V.

https://centos.org/events/showcase-2026-04/

#CentOS #CentOSShowcase #CentOSHyperscale

CentOS Showcase 2026-04 - The CentOS Project

CentOS Apr 16

From #CentOSConnect: @Conan_Kudo and Davide Cavalca gave an update on the popular CentOS Hyperscale SIG.

https://www.youtube.com/watch?v=8gH_JfRqan8

#CentOS #CentOSHyperscale

Hyperscale SIG update

YouTube

Michel Lind

Apr 2

#Sandogasa update - now integrating our standalone tools we use for @centos #CentOSHyperscale work, as well as a long-overdue revamp of #ebranch for those who often backport large package sets from @fedora to #EPEL !

https://michel-slm.name/posts/2026-04-02-sandogasa-for-epel-and-centos-sigs/

This post is day 35 of my #100DaysToOffload challenge. Visit 100daystooffload.com to get more info, or to get involved.

#centos #fedora #foss #LLM #PackageManagement #rust

Sandogasa, now for EPEL and CentOS SIG workflows too!

Caveat lector This post discusses tools reluctantly written with AI assistance. If you don’t entertain using them under any circumstance, and think even reading about them legally compromise your ability to reimplement them yourselves, stop reading now This is a follow-up to the original Sandogasa announcement. Before I ended up fedora-cve-triage to extract library crates and reuse them in the other Sandogasa tools, I already created two tools for managing CentOS Hyperscale SIG workflows, hs-intake and hs-relmon. It simply makes sense to also merge them back in and deduplicate functionalities.

Pensées de Michel

CentOS Jan 19

Thanks to Meta for returning as a sponsor for CentOS Connect. Our Meta friends have two presentations and a meetup. Join us in Brussels or virtually to see their work.

https://www.centos.org/events/connect/#sponsors

#CentOS #CentOSConnect #Meta #CentOSHyperscale

CentOS Connect 2026 - The CentOS Project

CentOS Aug 19, 2025

From #CentOSShowcase: @Conan_Kudo and Davide Cavalca gave an update on the Hyperscale SIG, which focuses on delivering CentOS to large-scale deployments.

https://youtu.be/LN3l2OgT56A

#CentOS #CentOSHyperscale