Alerts This Week
Warning Icon 1 687
Alerts This Week
Warning Icon 1 687

Fedora 43 BCFtools Important Update for Version 2026-3b06345bf2

fedora
Calendar Grey March 28, 2026
Dist Fedora Esm H88
Critical updates for BCFtools in Fedora 43 addressing security issues and enhancing genomic variant manipulation tools.
Update to 1.23.1

Summary

BCFtools is a set of utilities that manipulate genomic variant calls in the

Variant Call Format (VCF) and its binary counterpart (BCF). All commands work

transparently with both VCFs and BCFs, both uncompressed and BGZF-compressed.

(This BCFtools includes the polysomy subcommand, which is implemented using

the GNU Scientific Library. Hence this package is licensed according to the

GNU General Public License, rather than the MIT license used when BCFtools

is built without the polysomy subcommand.)

Update Information:

Update to 1.23.1

Topics%20covered

Topics Covered

security advisory denial of service fedora buffer overflow important htslib

Change Log

* Thu Mar 19 2026 Rasmus Ory Nielsen - 1.23.1-1 - Updated to 1.23.1 - Removed patch now that issue 2495 is fixed upstream

References


[ 1 ] Bug #2448750 - CVE-2026-31962 htslib: htslib: Heap buffer overflow leading to arbitrary code execution via crafted CRAM file https://bugzilla.redhat.com/show_bug.cgi?id=2448750 [ 2 ] Bug #2448751 - CVE-2026-31965 htslib: HTSlib: Information disclosure or denial of service via out-of-bounds read in CRAM record processing https://bugzilla.redhat.com/show_bug.cgi?id=2448751 [ 3 ] Bug #2448755 - CVE-2026-31963 htslib: HTSlib: Arbitrary code execution via crafted CRAM file https://bugzilla.redhat.com/show_bug.cgi?id=2448755 [ 4 ] Bug #2448756 - CVE-2026-31964 htslib: HTSlib: Denial of Service via NULL pointer dereference in CRAM decoding https://bugzilla.redhat.com/show_bug.cgi?id=2448756

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3b06345bf2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: bcftools
Product: Fedora 43
Version: 1.23.1
Release: 1.fc43
URL: https://www.htslib.org/
Summary: Tools for genomic variant calling and manipulating VCF/BCF files

Topics%20covered

Topics Covered

security advisory denial of service fedora buffer overflow important htslib

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here