Alerts This Week
Warning Icon 1 460
Alerts This Week
Warning Icon 1 460

Fedora 44 Erlang-Gun Critical DoS Addressed in 2026-c17ea7a74d

fedora
Calendar Grey June 20, 2026
Dist Fedora Esm H88
Erlang Gun update resolves critical Denial of Service risks while enhancing HTTP support in Fedora 44.
Gun ver

Summary

Erlang HTTP client with support for HTTP/1.1, HTTP/2, Websocket and more.

Update Information:

Gun ver. 2.4.1 and its dependencies New erlang-gun

Topics%20covered

Topics Covered

security advisory denial of service fedora critical cross-origin erlang-gun

Change Log

* Fri Jun 12 2026 Peter Lemenkov - 2.4.1-1 - gun ver. 2.4.1 * Wed Jun 10 2026 Peter Lemenkov - 2.4.0-1 - gun ver. 2.4.0

References


[ 1 ] Bug #2486315 - erlang-cowlib-2.17.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2486315 [ 2 ] Bug #2486350 - erlang-gun-2.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2486350 [ 3 ] Bug #2486422 - CVE-2026-43972 erlang-gun: Gun: Cross-origin cookie injection leading to session fixation and account takeover. [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2486422 [ 4 ] Bug #2486423 - CVE-2026-43974 erlang-gun: gun: Denial of Service via unsolicited 101 Switching Protocols response [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2486423 [ 5 ] Bug #2486424 - CVE-2026-43973 erlang-gun: gun: Denial of Service via unbounded HTTP/1.1 response buffering [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2486424 [ 6 ] Bug #2487823 - erlang-cowboy-2.16.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2487823 [ 7 ] Bug #2487824 - erlang-cowlib-2.17.1 is ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-c17ea7a74d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: erlang-gun
Product: Fedora 44
Version: 2.4.1
Release: 1.fc44
URL: https://github.com/ninenines/gun
Summary: Erlang HTTP client with support for HTTP/1.1, HTTP/2, Websocket and more

Topics%20covered

Topics Covered

security advisory denial of service fedora critical cross-origin erlang-gun

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here