Fedora 42 python3.6 Critical Injection Flaws Fix FEDORA-2026-f5514402fd

fedora

February 10, 2026

Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367, CVE-2026-1299

Summary

Python 3.6 package for developers.

This package exists to allow developers to test their code against an older

version of Python. This is not a full Python stack and if you wish to run

your applications with Python 3.6, see other distributions

that support it, such as CentOS or RHEL with Software Collections

or older Fedora releases.

Update Information:

Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367, CVE-2026-1299

Topics Covered

security advisory fedora critical command injection header injection python3

Change Log

* Thu Jan 29 2026 Lumr Balhar - 3.6.15-52 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367, CVE-2026-1299 * Sat Jan 17 2026 Fedora Release Engineering - 3.6.15-51 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Nov 6 2025 Miro Hron\u010dok - 3.6.15-50 - On Fedora 44+, split this package into multiple subpackages - This mimics newer Python versions

References

[ 1 ] Bug #2431621 - CVE-2025-15366 python3.6: IMAP command injection in user-controlled commands [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431621 [ 2 ] Bug #2431645 - CVE-2025-15367 python3.6: POP3 command injection in user-controlled commands [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431645 [ 3 ] Bug #2431805 - CVE-2026-0865 python3.6: wsgiref.headers.Headers allows header newline injection in Python [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431805 [ 4 ] Bug #2433821 - CVE-2026-1299 python3.6: email header injection due to unquoted newlines [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2433821

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-f5514402fd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity

critical

Lowest

Low

Medium

High

Critical

Name: python3.6

Product: Fedora 42

Version: 3.6.15

Release: 52.fc42

URL: https://www.python.org/

Summary: Version 3.6 of the Python interpreter

Topics Covered

security advisory fedora critical command injection header injection python3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 42 python3.6 Critical Injection Flaws Fix FEDORA-2026-f5514402fd

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 42 python3.6 Critical Injection Flaws Fix FEDORA-2026-f5514402fd

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!