Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Fedora 43 Python3.14 Important Header Injection Fix 2026-27ce708600

fedora
Calendar Grey February 26, 2026
Dist Fedora Esm H88
Python 3.14 in Fedora 43 includes crucial security updates addressing header injection issues and more.
New minor version of the Python interpreter, bringing also security fixes

Summary

Python 3.14 is an accessible, high-level, dynamically typed, interpreted

programming language, designed with an emphasis on code readability.

It includes an extensive standard library, and has a vast ecosystem of

third-party libraries.

Update Information:

New minor version of the Python interpreter, bringing also security fixes. 389-ds-base: Fix system index configuration issues 389-ds-base: Fix AttributeError: 'CustomHelpFormatter' object has no attribute '_format_actions_usage'

Topics%20covered

Topics Covered

security advisory fedora security fix important header injection python3

Change Log

* Wed Feb 4 2026 Karolina Surma - 3.14.3-1 - Update to Python 3.14.3 - Fix CVE-2025-15366, CVE-2025-15367 * Sat Jan 17 2026 Fedora Release Engineering - 3.14.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Tue Jan 6 2026 Karolina Surma - 3.14.2-2 - Require at least the same expat version as used during the build time

References


[ 1 ] Bug #2424574 - 389-ds-base fails to build with Python 3.15: AttributeError: 'CustomHelpFormatter' object has no attribute '_format_actions_usage' https://bugzilla.redhat.com/show_bug.cgi?id=2424574 [ 2 ] Bug #2431825 - CVE-2025-11468 python3.14: Missing character filtering in Python [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431825 [ 3 ] Bug #2431837 - CVE-2026-0672 python3.14: Header injection in http.cookies.Morsel in Python [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431837 [ 4 ] Bug #2431838 - CVE-2026-0865 python3.14: wsgiref.headers.Headers allows header newline injection in Python [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431838 [ 5 ] Bug #2431851 - CVE-2025-15282 python3.14: Header injection via newlines in data URL mediatype in Python [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431851 [ 6 ] Bug #2433829 - CVE-2026-1299 python3.14: email header injection...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-27ce708600' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: python3.14
Product: Fedora 43
Version: 3.14.3
Release: 1.fc43
URL: https://www.python.org/
Summary: Version 3.14 of the Python interpreter

Topics%20covered

Topics Covered

security advisory fedora security fix important header injection python3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here