Fedora 43 mingw-python-urllib3 Critical Update CVE-2025-66471

fedora

January 31, 2026

Update to 2.6.3, fixes CVE-2025-66471, CVE-2025-21441, CVE-2025-66418.

Summary

MinGW Windows Python urllib3.

Update Information:

Update to 2.6.3, fixes CVE-2025-66471, CVE-2025-21441, CVE-2025-66418.

Topics Covered

security advisory fedora DoS CVE fix resource exhaustion mingw-python-urllib3

Change Log

* Fri Jan 9 2026 Sandro Mani - 2.6.3-1 - Update to 2.6.3 * Sat Dec 13 2025 Sandro Mani - 2.6.2-1 - Update to 2.6.2 * Fri Aug 15 2025 Sandro Mani - 2.5.0-1 - Update to 2.5.0

References

[ 1 ] Bug #2431299 - CVE-2025-66471 mingw-python-urllib3: urllib3 Streaming API improperly handles highly compressed data [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431299 [ 2 ] Bug #2431302 - CVE-2025-66471 mingw-python-urllib3: urllib3 Streaming API improperly handles highly compressed data [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431302 [ 3 ] Bug #2431306 - CVE-2026-21441 mingw-python-urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API) [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431306 [ 4 ] Bug #2431309 - CVE-2026-21441 mingw-python-urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API) [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431309 [ 5 ] Bug #2431356 - CVE-2025-66418 mingw-python-urllib3: urllib3: Unbounded decompression chain leads to resource exhausti...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-8b7270b473' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity

critical

Lowest

Low

Medium

High

Critical

Name: mingw-python-urllib3

Product: Fedora 43

Version: 2.6.3

Release: 1.fc43

URL: https://urllib3.readthedocs.io/en/latest/

Summary: MinGW Windows Python urllib3

Topics Covered

security advisory fedora DoS CVE fix resource exhaustion mingw-python-urllib3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 43 mingw-python-urllib3 Critical Update CVE-2025-66471

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 43 mingw-python-urllib3 Critical Update CVE-2025-66471

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!