Fedora 43 perl-HTTP-Tiny Critical Header Smuggling Fix CVE-2026-7010
fedora
June 5, 2026
0.094 - fix to prevent invalid characters in all headers, and prevent header smuggling (CVE-2026-7010)
Summary
This is a very simple HTTP/1.1 client, designed for doing simple GET requests
without the overhead of a large framework like LWP::UserAgent.
It is more correct and more complete than HTTP::Lite. It supports proxies
(currently only non-authenticating ones) and redirection. It also correctly
resumes after EINTR.
Update Information:
0.094 - fix to prevent invalid characters in all headers, and prevent header smuggling (CVE-2026-7010)
Topics Covered
Change Log
* Wed May 20 2026 Jitka Plesnikova
References
[ 1 ] Bug #2478249 - perl-HTTP-Tiny-0.094 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2478249
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3bfb774625' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: perl-HTTP-Tiny
Product: Fedora 43
Version: 0.094
Release: 1.fc43
Summary: Small, simple, correct HTTP/1.1 client
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!