Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Fedora 43 kryoptic pyOpenSSL Critical Buffer Overflow Security Patch

fedora
Calendar Grey March 27, 2026
Dist Fedora Esm H88
A security advisory for Fedora 43 updating pyOpenSSL and related dependencies to mitigate a buffer overflow issue.
Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update...

Summary

A PKCS #11 software token written in Rust.

Update Information:

Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22) The security status of this update is only for pyOpenSSL.

Topics%20covered

Topics Covered

security advisory fedora update buffer overflow pyopenssl kryoptic

Change Log

* Wed Mar 4 2026 Jakub Jelen - 1.5.0-1 - Rebase to 1.5.0 * Mon Feb 2 2026 Jakub Jelen - 1.4.0-8 - Update to asn1-0.22 as available in Fedora * Mon Feb 2 2026 Jakub Jelen - 1.4.0-7 - Require cryptoki-0.12.0 as currently in Fedora * Thu Jan 29 2026 Fabio Valentini - 1.4.0-6 - Bump bindgen dependency to 0.72 for compatibility with LLVM 22 * Fri Jan 16 2026 Fedora Release Engineering - 1.4.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild

References


[ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2433650 [ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2447727 [ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448652

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: kryoptic
Product: Fedora 43
Version: 1.5.0
Release: 2.fc43
URL: https://github.com/latchset/kryoptic
Summary: PKCS #11 software token written in Rust

Topics%20covered

Topics Covered

security advisory fedora update buffer overflow pyopenssl kryoptic

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here