Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Fedora 43 Taskwarrior Critical CVE Fix Denial of Service 2026-eb2fc8e93d

fedora
Calendar Grey March 13, 2026
Dist Fedora Esm H88
Update for Fedora 43 includes Taskwarrior fixes for multiple issues to enhance security and functionality.
Update to new release, includes updated dependencies that fix for a number of CVEs

Summary

Taskwarrior is a command-line TODO list manager. It is flexible, fast,

efficient, unobtrusive, does its job then gets out of your way.

Taskwarrior scales to fit your workflow. Use it as a simple app that captures

tasks, shows you the list, and removes tasks from that list. Leverage its

capabilities though, and it becomes a sophisticated data query tool that can

help you stay organized, and get through your work.

Update Information:

Update to new release, includes updated dependencies that fix for a number of CVEs

Topics%20covered

Topics Covered

security advisory denial of service fedora CVE fixes taskwarrior dependencies update

Change Log

* Wed Mar 4 2026 Ankur Sinha (Ankur Sinha Gmail) - 3.4.2-3 - fix: remove Cargo.lock (fixes rh#2438090, rh#2438156 rh#2444169, rh#2444179, rh#2444189) * Wed Mar 4 2026 Ankur Sinha (Ankur Sinha Gmail) - 3.4.2-2 - fix: regenerate with updated vendored crates (fixes rh#2438090, rh#2438156 rh#2444169, rh#2444179, rh#2444189) * Wed Mar 4 2026 Ankur Sinha (Ankur Sinha Gmail) - 3.4.2-1 - feat: update to 3.4.2 (fixes rh#2405583) * Sat Jan 17 2026 Fedora Release Engineering - 3.4.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild

References


[ 1 ] Bug #2438090 - CVE-2026-25727 task: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438090 [ 2 ] Bug #2438156 - CVE-2026-25727 task: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438156 [ 3 ] Bug #2444169 - CVE-2026-3338 task: AWS-LC: Signature bypass due to improper validation in PKCS7_verify() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2444169 [ 4 ] Bug #2444179 - CVE-2026-3337 task: AWS-LC: Information disclosure via timing discrepancy in AES-CCM decryption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2444179 [ 5 ] Bug #2444189 - CVE-2026-3336 task: aws-lc: Certificate validation bypass via improper handling of PKCS7 objects [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2444189

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-eb2fc8e93d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: task
Product: Fedora 43
Version: 3.4.2
Release: 3.fc43
URL: https://taskwarrior.org
Summary: Taskwarrior - a command-line TODO list manager

Topics%20covered

Topics Covered

security advisory denial of service fedora CVE fixes taskwarrior dependencies update

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here