Fedora 42 libmicrohttpd Null Pointer Threat Advisory 2026-7a0641ca41

fedora

April 12, 2026

Update to 1.0.3-1

Summary

GNU libmicrohttpd is a small C library that is supposed to make it

easy to run an HTTP server as part of another application.

Key features that distinguish libmicrohttpd from other projects are:

* C library: fast and small

* API is simple, expressive and fully reentrant

* Implementation is http 1.1 compliant

* HTTP server can listen on multiple ports

* Support for IPv6

* Support for incremental processing of POST data

* Creates binary of only 25k (for now)

* Three different threading models

Update Information:

Update to 1.0.3-1

Topics Covered

security advisory security issue threat null pointer libmicrohttpd federal 42

Change Log

* Thu Apr 2 2026 Martin Gansser - 1:1.0.3-1 - Update to 1:1.0.3 * Fri Jan 16 2026 Fedora Release Engineering - 1:1.0.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Jul 24 2025 Fedora Release Engineering - 1:1.0.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild

References

[ 1 ] Bug #2413882 - CVE-2025-59777 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2413882 [ 2 ] Bug #2413888 - CVE-2025-59777 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2413888 [ 3 ] Bug #2413893 - CVE-2025-62689 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2413893 [ 4 ] Bug #2413896 - CVE-2025-62689 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2413896 [ 5 ] Bug #2454160 - libmicrohttpd-1.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2454160

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-7a0641ca41' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity

important

Lowest

Low

Medium

High

Critical

Name: libmicrohttpd

Product: Fedora 42

Version: 1.0.3

Release: 1.fc42

URL: http://www.gnu.org/software/libmicrohttpd/

Summary: Lightweight library for embedding a webserver in applications

Topics Covered

security advisory security issue threat null pointer libmicrohttpd federal 42

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 42 libmicrohttpd Null Pointer Threat Advisory 2026-7a0641ca41

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 42 libmicrohttpd Null Pointer Threat Advisory 2026-7a0641ca41

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!