Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Fedora 44 Task Update Overview CVE Mitigations 2026-04f13ba6d8

fedora
Calendar Grey March 13, 2026
Dist Fedora Esm H88
Fedora 44 update improves task application addressing multiple CVEs with updated dependencies and security features.
Update to new release, includes updated dependencies that fix for a number of CVEs

Summary

Taskwarrior is a command-line TODO list manager. It is flexible, fast,

efficient, unobtrusive, does its job then gets out of your way.

Taskwarrior scales to fit your workflow. Use it as a simple app that captures

tasks, shows you the list, and removes tasks from that list. Leverage its

capabilities though, and it becomes a sophisticated data query tool that can

help you stay organized, and get through your work.

Update Information:

Update to new release, includes updated dependencies that fix for a number of CVEs

Topics%20covered

Topics Covered

security advisory denial of service fedora update CVEs task

Change Log

* Wed Mar 4 2026 Ankur Sinha (Ankur Sinha Gmail) - 3.4.2-3 - fix: remove Cargo.lock (fixes rh#2438090, rh#2438156 rh#2444169, rh#2444179, rh#2444189) * Wed Mar 4 2026 Ankur Sinha (Ankur Sinha Gmail) - 3.4.2-2 - fix: regenerate with updated vendored crates (fixes rh#2438090, rh#2438156 rh#2444169, rh#2444179, rh#2444189) * Wed Mar 4 2026 Ankur Sinha (Ankur Sinha Gmail) - 3.4.2-1 - feat: update to 3.4.2 (fixes rh#2405583)

References


[ 1 ] Bug #2438090 - CVE-2026-25727 task: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438090 [ 2 ] Bug #2438156 - CVE-2026-25727 task: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438156 [ 3 ] Bug #2444169 - CVE-2026-3338 task: AWS-LC: Signature bypass due to improper validation in PKCS7_verify() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2444169 [ 4 ] Bug #2444179 - CVE-2026-3337 task: AWS-LC: Information disclosure via timing discrepancy in AES-CCM decryption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2444179 [ 5 ] Bug #2444189 - CVE-2026-3336 task: aws-lc: Certificate validation bypass via improper handling of PKCS7 objects [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2444189

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-04f13ba6d8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: task
Product: Fedora 44
Version: 3.4.2
Release: 3.fc44
URL: https://taskwarrior.org
Summary: Taskwarrior - a command-line TODO list manager

Topics%20covered

Topics Covered

security advisory denial of service fedora update CVEs task

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here