Stay Vigilant with Timely Linux Security Advisories

security advisorysecurity updatefedora

Fedora 43 usd 2026-cde75a1416 OpenEXRCore Security Fixes DoS Issues

Backport several OpenEXRCore security fixes Fixes CVE-2026-34378 / GHSA-v76p-4qvv-vh4g; closes RHBZ#2455493 Fixes CVE-2026-34380 / GHSA-q3v8-hw4m-59w5; closes RHBZ#2455534 Fixes CVE-2026-34588 / GHSA-588r-cr5c-w6hf; closes RHBZ#2455505 Fixes CVE-2026-34589 / GHSA-p8xc-w3q4-h64x; closes RHBZ#2455501. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-cde75a1416 2026-04-18 00:52:25.911654+00:00 -------------------------------------------------------------------------------- Name : usd Product : Fedora 43 Version : 25.08 Release : 20.fc43 URL : http://www.openusd.org/ Summary : 3D VFX pipeline interchange file format Description : Universal Scene Description (USD) is a time-sampled scene description for interchange between graphics applications. -------------------------------------------------------------------------------- Update Information: Backport several OpenEXRCore security fixes Fixes CVE-2026-34378 / GHSA-v76p-4qvv-vh4g; closes RHBZ#2455493 Fixes CVE-2026-34380 / GHSA-q3v8-hw4m-59w5; closes RHBZ#2455534 Fixes CVE-2026-34588 / GHSA-588r-cr5c-w6hf; closes RHBZ#2455505 Fixes CVE-2026-34589 / GHSA-p8xc-w3q4-h64x; closes RHBZ#2455501 Fixes CVE-2026-34379 / GHSA-w88v-vqhq-5p24; closes RHBZ#2455497 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 8 2026 Benjamin A. Beasley - 25.08-20 - Backport several OpenEXRCore security fixes - Fixes CVE-2026-34378 / GHSA-v76p-4qvv-vh4g; closes RHBZ#2455493 - Fixes CVE-2026-34380 / GHSA-q3v8-hw4m-59w5; closes RHBZ#2455534 - Fixes CVE-2026-34588 / GHSA-588r-cr5c-w6hf; closes RHBZ#2455505 - Fixes CVE-2026-34589 / GHSA-p8xc-w3q4-h64x; closes RHBZ#2455501 - Fixes CVE-2026-34379 / GHSA-w88v-vqhq-5p24; closes RHBZ#2455497 * Tue Apr 7 2026 Benjamin A. Beasley - 25.08-19 - Backport fix for CVE-2026-34544 in OpenEXRCore - Fixes RHBZ#2454226 * Tue Apr 7 2026 Orion Poplawski -25.08-18 - Make devel require cmake(OpenSubdiv) and cmake(materialx) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2455493 - CVE-2026-34378 usd: OpenEXR: Denial of Service via crafted EXR file integer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2455493 [ 2 ] Bug #2455497 - CVE-2026-34379 usd: OpenEXR: Denial of Service due to misaligned memory write during EXR file decoding [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2455497 [ 3 ] Bug #2455501 - CVE-2026-34589 usd: OpenEXR: Memory corruption leading to arbitrary code execution or denial of service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2455501 [ 4 ] Bug #2455505 - CVE-2026-34588 usd: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2455505 [ 5 ] Bug #2455534 - CVE-2026-34380 usd: OpenEXR: Denial of Service due to signed integer overflow in image decoding [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2455534 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-cde75a1416' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Several OpenEXRCore security fixes are released for Fedora 43 addressing critical issues and enhancing system safety.. Fedora 43 security fix OpenEXRCore Denial of Service. . Severity: Critical. LinuxSecurity.com Team

Apr 18, 2026 •Critical Fedora

security advisoryfedoraimportant

Fedora 42 mingw-python3 Important Command Injection Fix 2026-ff5da930eb

Update to python-3.11.15, backport fixes for CVE-2026-4519, CVE-2026-3644, CVE-2026-4224, CVE-2026-2297 Update to python-3.11.15.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-ff5da930eb 2026-04-05 00:58:39.922001+00:00 -------------------------------------------------------------------------------- Name : mingw-python3 Product : Fedora 42 Version : 3.11.15 Release : 2.fc42 URL : https://www.python.org/ Summary : MinGW Windows python3 Description : MinGW Windows python3 -------------------------------------------------------------------------------- Update Information: Update to python-3.11.15, backport fixes for CVE-2026-4519, CVE-2026-3644, CVE-2026-4224, CVE-2026-2297 Update to python-3.11.15. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 27 2026 Sandro Mani - 3.11.15-2 - Backport fixes for CVE-2026-4519, CVE-2026-3644, CVE-2026-4224 * Fri Mar 27 2026 Sandro Mani - 3.11.15-1 - Update to 3.11.15 - Backport fix for CVE-2026-2297 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2444702 - CVE-2026-2297 mingw-python3: CPython: Logging Bypass in Legacy .pyc File Handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2444702 [ 2 ] Bug #2448186 - CVE-2026-3644 mingw-python3: Incomplete control character validation in http.cookies [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448186 [ 3 ] Bug #2448202 - CVE-2026-4224 mingw-python3: Stack overflow parsing XML with deeply nested DTD content models [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448202 [ 4 ] Bug #2449725 - CVE-2026-4519 mingw-python3: Python: Command-line option injection in webbrowser.open() via crafted URLs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449725 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-ff5da930eb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical updates for Fedora 42 mingw-python3 fix multiple security issues including command injection vulnerabilities.. Fedora Security Alert, mingw-python3 Update, Python Security Fixes, Fedora Vulnerability Advisory. . Severity: Important. LinuxSecurity.com Team

Apr 05, 2026 •Important Fedora

security advisoryfedoraDoS

Fedora 43 mingw-binutils DoS Fixes Advisory 2026-9174e6ea37

Backport fixes for multiple CVEs.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-9174e6ea37 2026-04-05 00:52:10.725729+00:00 -------------------------------------------------------------------------------- Name : mingw-binutils Product : Fedora 43 Version : 2.45.1 Release : 2.fc43 URL : http://www.gnu.org/software/binutils/ Summary : Cross-compiled version of binutils for Win32 and Win64 environments Description : Cross compiled binutils (utilities like 'strip', 'as', 'ld') which understand Windows executables and DLLs. -------------------------------------------------------------------------------- Update Information: Backport fixes for multiple CVEs. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 27 2026 Sandro Mani - 2.45.1-2 - Backport fixes CVE-2025-11839, CVE-2025-11840, CVE-2025-69644, CVE-2025-69646, CVE-2025-69649, CVE-2025-69652, CVE-2026-4647 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2404507 - CVE-2025-11839 mingw-binutils: GNU Binutils prdbg.c tg_tag_type return value [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2404507 [ 2 ] Bug #2404556 - CVE-2025-11840 mingw-binutils: GNU Binutils out-of-bounds read [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2404556 [ 3 ] Bug #2445279 - CVE-2025-69646 mingw-binutils: Binutils: Denial of Service via malformed DWARF debug_rnglists data [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2445279 [ 4 ] Bug #2445283 - CVE-2025-69644 mingw-binutils: Binutils: Denial of Service via crafted binary with malformed DWARF debug information [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2445283 [ 5 ] Bug #2445286 - CVE-2025-69645 mingw-binutils: Binutils objdump: Denial of Service via crafted DWARF debug information [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2445286 [ 6 ] Bug #2445389 - CVE-2025-69651 mingw-binutils: Binutils: Denial of Service via crafted ELF binary processing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2445389 [ 7 ] Bug #2448118 - CVE-2025-69650 mingw-binutils: double free in readelf via crafted ELF binary with malformed relocation data [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448118 [ 8 ] Bug #2448126 - CVE-2025-69649 mingw-binutils: NULL pointer dereference in readelf via crafted ELF binary with malformed header fields [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448126 [ 9 ] Bug #2448137 - CVE-2025-69652 mingw-binutils: abort in readelf via crafted ELF binary with malformed DWARF abbrev or debug information [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448137 [ 10 ] Bug #2448145 - CVE-2025-69647 mingw-binutils: infinite loop in readelf via crafted binary with malformed DWARF loclists data [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448145 [ 11 ] Bug #2448153 - CVE-2025-69648 mingw-binutils: infinite loop in readelf via crafted binary with malformed DWARF .debug_rnglists data [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448153 [ 12 ] Bug #2450319 - CVE-2026-4647 mingw-binutils: Out-of-Bounds Read in XCOFF Relocation Processing in GNU Binutils BFD Library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2450319 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9174e6ea37' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fedora 43 mingw-binutils update addresses multiple CVEs with fixes for potential Denial of Service threats. Install now!. Fedora mingw-binutils updates security fixes CVEs. . Severity: Important. LinuxSecurity.com Team

Apr 05, 2026 •Important Fedora

security advisoryfedorabackport

Fedora 43 polkit Security Advisory FEDORA-2026-0e9ef494fc

backport of upstream commits 9dca831, 4e67dde. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-0e9ef494fc 2026-03-10 00:53:06.309253+00:00 -------------------------------------------------------------------------------- Name : polkit Product : Fedora 43 Version : 126 Release : 6.fc43.1 URL : https://github.com/polkit-org/polkit Summary : An authorization framework Description : polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. -------------------------------------------------------------------------------- Update Information: backport of upstream commits 9dca831, 4e67dde -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 4 2026 Jan Rybar - 126-6.1 - backport of upstream commits 9dca831, 4e67dde - PolkitSubject: avoid g_dbus warning -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0e9ef494fc' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update for polkit on Fedora 43 includes backported upstream commits to improve authorization framework.. Fedora Update, polkit Update, polkit Security Advisory, Authorization Framework, DNF Upgrade. . Severity: Informational. LinuxSecurity.com Team

Mar 10, 2026 •Informational Fedora

security advisoryfedoracritical

Fedora 42 harfbuzz Critical Fix for Null Pointer CVE-2026-22693

Backport security fix for CVE-2026-22693 (fix RHBZ#2429278). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-bac983cf83 2026-01-28 01:25:55.182831+00:00 -------------------------------------------------------------------------------- Name : harfbuzz Product : Fedora 42 Version : 10.4.0 Release : 2.fc42 URL : https://github.com/harfbuzz/harfbuzz/ Summary : Text shaping library Description : HarfBuzz is an implementation of the OpenType Layout engine. -------------------------------------------------------------------------------- Update Information: Backport security fix for CVE-2026-22693 (fix RHBZ#2429278) -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 14 2026 Parag Nemade - 10.4.0-2 - Backport security fix for CVE-2026-22693 (fix RHBZ#2429278) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2429278 - CVE-2026-22693 harfbuzz: Null Pointer Dereference in harfbuzz [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2429278 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-bac983cf83' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update for Fedora 42 harfbuzz addresses CVE-2026-22693 with critical security fix and backported solutions.. CVE-2026-22693, harfbuzz, Fedora 42, security update, null pointer. . Severity: Critical. LinuxSecurity.com Team

Jan 28, 2026 •Critical Fedora

security advisoryfedoracritical

Fedora 42: mingw-python3 Critical Fix CVE-2025-6075 Advisory

Backport fix for CVE-2025-6075. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-be2f64c384 2025-12-02 01:30:54.608278+00:00 -------------------------------------------------------------------------------- Name : mingw-python3 Product : Fedora 42 Version : 3.11.14 Release : 3.fc42 URL : https://www.python.org/ Summary : MinGW Windows python3 Description : MinGW Windows python3 -------------------------------------------------------------------------------- Update Information: Backport fix for CVE-2025-6075 -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 23 2025 Sandro Mani - 3.11.14-3 - Backport fix for CVE-2025-6075 * Sun Oct 12 2025 Sandro Mani - 3.11.14-2 - Rebuild (tcl9) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2413053 - CVE-2025-6075 mingw-python3: Quadratic complexity in os.path.expandvars() with user-controlled template [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2413053 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-be2f64c384' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Backport fix for CVE-2025-6075 in Fedora 42 mingw-python3 ensures system integrity and security protection.. fedora mingw-python3 security fix CVE-2025-6075. . Severity: Critical. LinuxSecurity.com Team

Dec 02, 2025 •Critical Fedora

security advisoryfedorabackport

Fedora 43: mingw-python3 CVE-2025-6075 Moderate Quadratic Complexity Risk

Backport fix for CVE-2025-6075. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-5058925e1c 2025-12-02 00:48:12.507331+00:00 -------------------------------------------------------------------------------- Name : mingw-python3 Product : Fedora 43 Version : 3.11.14 Release : 3.fc43 URL : https://www.python.org/ Summary : MinGW Windows python3 Description : MinGW Windows python3 -------------------------------------------------------------------------------- Update Information: Backport fix for CVE-2025-6075 -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 23 2025 Sandro Mani - 3.11.14-3 - Backport fix for CVE-2025-6075 * Sun Oct 12 2025 Sandro Mani - 3.11.14-2 - Rebuild (tcl9) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2413053 - CVE-2025-6075 mingw-python3: Quadratic complexity in os.path.expandvars() with user-controlled template [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2413053 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-5058925e1c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Backport fix for CVE-2025-6075 in mingw-python3 on Fedora 43 addressing a quadratic complexity issue.. python3 security fix, Fedora 43 update, mingw-python3 backport. . Severity: Important. LinuxSecurity.com Team

Dec 02, 2025 •Important Fedora

security advisoryfedoraDoS

Fedora 42: python-starlette Backport CVE-2025-62727 Security Update

Backport security fix for CVE-2025-62727, GHSA-7f5h-v6xp-fcq8. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-4520cf6bac 2025-11-07 01:27:09.764772+00:00 -------------------------------------------------------------------------------- Name : python-starlette Product : Fedora 42 Version : 0.47.3 Release : 2.fc42 URL : https://www.starlette.io/ Summary : The little ASGI library that shines Description : Starlette is a lightweight ASGI framework/toolkit, which is ideal for building async web services in Python. It is production-ready, and gives you the following: \u2022 A lightweight, low-complexity HTTP web framework. \u2022 WebSocket support. \u2022 In-process background tasks. \u2022 Startup and shutdown events. \u2022 Test client built on requests. \u2022 CORS, GZip, Static Files, Streaming responses. \u2022 Session and Cookie support. \u2022 100% test coverage. \u2022 100% type annotated codebase. \u2022 Few hard dependencies. \u2022 Compatible with asyncio and trio backends. \u2022 Great overall performance against independent benchmarks. -------------------------------------------------------------------------------- Update Information: Backport security fix for CVE-2025-62727, GHSA-7f5h-v6xp-fcq8 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 28 2025 Benjamin A. Beasley - 0.47.3-2 - Backport security fix for CVE-2025-62727, GHSA-7f5h-v6xp-fcq8 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-4520cf6bac' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can befound at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Fedora 42 update addresses CVE-2025-62727 for python-starlette with a backport fix to enhance security.. Fedora python-starlette security CVE-2025-62727 backport. . Severity: Critical. LinuxSecurity.com Team

Nov 07, 2025 •Critical Fedora

Community Poll

More Polls

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Fedora 43 usd 2026-cde75a1416 OpenEXRCore Security Fixes DoS Issues

Fedora 42 mingw-python3 Important Command Injection Fix 2026-ff5da930eb

Fedora 43 mingw-binutils DoS Fixes Advisory 2026-9174e6ea37

Fedora 43 polkit Security Advisory FEDORA-2026-0e9ef494fc

Fedora 42 harfbuzz Critical Fix for Null Pointer CVE-2026-22693

Fedora 42: mingw-python3 Critical Fix CVE-2025-6075 Advisory

Fedora 43: mingw-python3 CVE-2025-6075 Moderate Quadratic Complexity Risk

Fedora 42: python-starlette Backport CVE-2025-62727 Security Update

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!