HTSlib is an implementation of a unified C library for accessing common file
formats, such as SAM, CRAM and VCF, used for high-throughput sequencing data,
and is the core library used by samtools and bcftools.
Update Information:
Update to 1.23.1
* Thu Mar 19 2026 Rasmus Ory Nielsen
[ 1 ] Bug #2448750 - CVE-2026-31962 htslib: htslib: Heap buffer overflow leading to arbitrary code execution via crafted CRAM file
https://bugzilla.redhat.com/show_bug.cgi?id=2448750
[ 2 ] Bug #2448751 - CVE-2026-31965 htslib: HTSlib: Information disclosure or denial of service via out-of-bounds read in CRAM record processing
https://bugzilla.redhat.com/show_bug.cgi?id=2448751
[ 3 ] Bug #2448755 - CVE-2026-31963 htslib: HTSlib: Arbitrary code execution via crafted CRAM file
https://bugzilla.redhat.com/show_bug.cgi?id=2448755
[ 4 ] Bug #2448756 - CVE-2026-31964 htslib: HTSlib: Denial of Service via NULL pointer dereference in CRAM decoding
https://bugzilla.redhat.com/show_bug.cgi?id=2448756
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3b06345bf2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label