Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Fedora 43 python-cryptography Low Memory Leak Update 2026-abcde12345f

fedora
Calendar Grey March 27, 2026
Dist Fedora Esm H88
Important updates for Fedora 43 addressing low severity issues with Python packages, enhancing security fundamentals.
Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update...

Summary

cryptography is a package designed to expose cryptographic primitives and

recipes to Python developers.

Update Information:

Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22) The security status of this update is only for pyOpenSSL.

Change Log

* Tue Feb 10 2026 Jeremy Cline - 46.0.5-1 - Update to v46.0.5 * Thu Jan 22 2026 Jeremy Cline - 46.0.3-1 - Update to v46.0.3 - Removed the deprecated get_attribute_for_oid method on CertificateSigningRequest. Users should use get_attribute_for_oid() instead. - Removed the deprecated CAST5, SEED, IDEA, and Blowfish classes from the cipher module. These are still available in Decrepit cryptography. - In X.509, when performing a PSS signature with a SHA-3 hash, it is now encoded with the official NIST SHA3 OID. - Added support for free-threaded Python 3.14. * Sat Jan 17 2026 Fedora Release Engineering - 45.0.4-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Wed Oct 22 2025 Peter Robinson - 45.0.4-5 - Drop pytz test req, only needed for py < 3.9

References


[ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2433650 [ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2447727 [ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448652

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
low
Lowest
Low
Medium
High
Critical

Name: python-cryptography
Product: Fedora 43
Version: 46.0.5
Release: 1.fc43
Summary: PyCA's cryptography library

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.