Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Warning: Undefined array key "Description" in /var/www/www.linuxsecurity.com-443/html/lsadvisories/lsadvisories.php on line 220

Fedora 42 python3.15 Key Command Injection Advisory FEDORA-2026-485183030a

fedora
Calendar Grey April 20, 2026
Dist Fedora Esm H88
Update for Fedora 42 version of Python 3.15 includes important fixes for multiple security issues.
New prerelease version

Summary

Python 3.15 is an accessible, high-level, dynamically typed, interpreted

programming language, designed with an emphasis on code readability.

It includes an extensive standard library, and has a vast ecosystem of

third-party libraries.

The python3.15 package provides the "python3.15" executable: the reference

interpreter for the Python language, version 3.

The majority of its standard library is provided in the python3.15-libs package,

which should be installed automatically along with python3.15.

The remaining parts of the Python standard library are broken out into the

python3.15-tkinter and python3.15-test packages, which may need to be installed

separately.

Documentation for Python is provided in the python3.15-docs package.

Packages containing additional libraries for Python are generally named with

the "python3.15-" prefix.

Update Information:

New prerelease version

Topics%20covered

Topics Covered

security advisory security issue fedora important command injection python3.15

Change Log

* Wed Apr 8 2026 Karolina Surma - 3.15.0~a8-1 - Update to Python 3.15.0a8

References


[ 1 ] Bug #2444708 - CVE-2026-2297 python3.15: CPython: Logging Bypass in Legacy .pyc File Handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2444708 [ 2 ] Bug #2448192 - CVE-2026-3644 python3.15: Incomplete control character validation in http.cookies [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448192 [ 3 ] Bug #2448208 - CVE-2026-4224 python3.15: Stack overflow parsing XML with deeply nested DTD content models [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448208 [ 4 ] Bug #2449260 - CVE-2026-3479 python3.15: Python pkgutil.get_data(): Path Traversal via improper resource argument validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449260 [ 5 ] Bug #2449731 - CVE-2026-4519 python3.15: Python: Command-line option injection in webbrowser.open() via crafted URLs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449731

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-485183030a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: python3.15
Product: Fedora 42
Version: 3.15.0~a8
Release: 1.fc42
URL: https://www.python.org/
Summary: Version 3.15 of the Python interpreter

Topics%20covered

Topics Covered

security advisory security issue fedora important command injection python3.15

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here