Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Fedora 44: python-HTTP-Server Urgent URL Manipulation Patch 2026-4eea126be4

fedora
Calendar Grey December 11, 2025
Scroller Fedora
Update for Fedora 43 ensures CGI-Simple properly sanitizes user input to prevent HTTP splitting attacks. Act promptly!
1.282 - Sanitize all user-supplied values before inserting into HTTP headers; Fixed CVE-2025-40927.

Summary

Simple totally OO CGI interface that is CGI.pm compliant.

Update Information:

1.282 - Sanitize all user-supplied values before inserting into HTTP headers; Fixed CVE-2025-40927.

Change Log

* Tue Dec 2 2025 Jitka Plesnikova - 1.282-1 - 1.282 bump (rhbz#2392359)

References


[ 1 ] Bug #2391834 - CVE-2025-40927 perl-CGI-Simple: CGI::Simple versions 1.281 and earlier for Perl has a HTTP response splitting flaw [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2391834 [ 2 ] Bug #2392359 - Upgrade perl-CGI-Simple to 1.282 https://bugzilla.redhat.com/show_bug.cgi?id=2392359

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-3dd97ed203' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: perl-CGI-Simple
Product: Fedora 43
Version: 1.282
Release: 1.fc43
Summary: Simple totally OO CGI interface that is CGI.pm compliant

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.