Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -7 articles for you...
89
security advisoryfedoraimportantFedora 43 python-requests Significant Patch CVE-2026-25645
2.33.1 (2026-03-30) Bugfixes - Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. - Fixed Content-Type header parsing for malformed values.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-8ad863685a 2026-05-24 00:50:16.962706+00:00 -------------------------------------------------------------------------------- Name : python-requests Product : Fedora 43 Version : 2.33.1 Release : 1.fc43 URL : https://pypi.io/project/requests Summary : HTTP library, written in Python, for human beings Description : Most existing Python modules for sending HTTP requests are extremely verbose and cumbersome. Python\u2019s built-in urllib2 module provides most of the HTTP capabilities you should need, but the API is thoroughly broken. This library is designed to make HTTP requests easy for developers. -------------------------------------------------------------------------------- Update Information: 2.33.1 (2026-03-30) Bugfixes - Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. - Fixed Content-Type header parsing for malformed values. - Improved error consistency for malformed header values. 2.33.0 (2026-03-25) Announcements - \U0001f4e3 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. \U0001f4e3 Security - CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly. Improvements - Migrated to a PEP 517 build system using setuptools. Bugfixes - Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. Deprecations - Dropped support for Python3.9 following its end of support. Documentation - Various typo fixes and doc improvements. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 31 2026 Lumir Balhar - 2.33.1-1 - Update to 2.33.1 (rhbz#2451396) * Tue Mar 10 2026 Benjamin A. Beasley - 2.32.5-5 - Package the use_chardet_on_py3 extra * Tue Mar 10 2026 Benjamin A. Beasley - 2.32.5-4 - Increase chardet upper limit to 7 * Sat Jan 17 2026 Fedora Release Engineering - 2.32.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2467989 - python3-requests package lacks fix for CVE-2026-25645 https://bugzilla.redhat.com/show_bug.cgi?id=2467989 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-8ad863685a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Python-requests update addresses important bugfixes and security concerns with CVE-2026-25645. Read for details.. python-requests fedora update bugfix CVE-2026-25645. . Severity: Important. LinuxSecurity.com Team
May 24, 2026
•Important
Fedora
203
security advisorysecurity issuecriticalMageia: 2019-0164 Moderate: Tar NULL Pointer Dereference
pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers (CVE-2019-9923). References: . MGASA-2019-0164 - Updated tar packages fix security vulnerability Publication date: 12 May 2019 URL: https://advisories.mageia.org/MGASA-2019-0164.html Type: security Affected Mageia releases: 6 CVE: CVE-2019-9923 pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers (CVE-2019-9923). References: - https://bugs.mageia.org/show_bug.cgi?id=24756 - - https://www.cve.org/CVERecord?id=CVE-2019-9923 SRPMS: - 6/core/tar-1.31-1.1.mga6 . MGASA-2022-0458 advisory: New software patch addresses a severe security flaw in Mageia 7 stemming from an uninitialized data pointer.. Mageia, tar security, NULL pointer, extended headers, security update. . LinuxSecurity.com Team
May 12, 2019
Mageia
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!