Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Calendar White Jun 05, 2026
Important
Fedora Large Esm H800
Fedora

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Calendar White Jun 05, 2026
Critical
Fedora Large Esm H900
Fedora

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Calendar White Jun 05, 2026
high
Fedora Large Esm H800
Fedora

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 5 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorydenial of servicebuffer overflow

openSUSE Multi-Linux Manager Important Denial of Service Patch 2026-2244-1

An update that solves three vulnerabilities, contains one feature and has six security fixes can now be installed.. # Security update 5.0.8 for Multi-Linux Manager Salt Bundle Announcement ID: SUSE-SU-2026:2244-1 Release Date: 2026-06-03T14:11:48Z Rating: important References: * bsc#1254629 * bsc#1254900 * bsc#1257583 * bsc#1257831 * bsc#1258957 * bsc#1259554 * bsc#1259700 * bsc#1259804 * bsc#1259808 * jsc#MSQA-1052 Cross-References: * CVE-2026-27448 * CVE-2026-27459 * CVE-2026-31958 CVSS scores: * CVE-2026-27448 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-27448 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27448 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27448 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27459 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-27459 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-27459 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27459 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSELeap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE ManagerClient Tools for SLE 15 * SUSE Manager Client Tools for SLE Micro 5 An update that solves three vulnerabilities, contains one feature and has six security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security issues fixed: * CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554) * CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow (bsc#1259808) * CVE-2026-27448: pyOpenSSL: Fixed unhandled exception can result in connection not being cancelled (bsc#1259804) * Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Hardened Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Make users with backslash work for `salt-ssh` (bsc#1254629). * Fixed `ansible.playbooks` `extra-vars` quoting (bsc#1257831), * Fixed `virtualenv` call in test helper to use proper Python version. * Fixed the issue preventing SELinux profile to be loaded on SLES 16 deployed using cloud images (bsc#1258957) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2026-2244=1 * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2026-2244=1 ## Package List: * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64) * venv-salt-minion-3006.0-150000.3.95.1 * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-150000.3.95.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27448.html *https://www.suse.com/security/cve/CVE-2026-27459.html * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1254900 * https://bugzilla.suse.com/show_bug.cgi?id=1257583 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1258957 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://bugzilla.suse.com/show_bug.cgi?id=1259700 * https://bugzilla.suse.com/show_bug.cgi?id=1259804 * https://bugzilla.suse.com/show_bug.cgi?id=1259808 * https://jira.suse.com/browse/MSQA-1052 . High priority security update for Multi-Linux Manager Salt Bundle addresses multiple vulnerabilities on openSUSE.. Multi-Linux Manager Salt Bundle update, SUSE security patch, openSUSE vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 03, 2026 Important SuSE
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorabuffer overflow

Fedora 44 pyOpenSSL Important X509Name Field Fix CVE-2026-40475

Update to pyOpenSSL 26.1.0 This update adds support for cryptography v47 and fixes a single security issue: Fixed X509Name field setters to correctly pass the value length to OpenSSL. Previously, values containing NUL bytes would be silently truncated, causing a divergence between the stored ASN.1 value and the value visible from Python.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-05d463c932 2026-05-06 00:48:51.045817+00:00 -------------------------------------------------------------------------------- Name : pyOpenSSL Product : Fedora 44 Version : 26.1.0 Release : 1.fc44 URL : https://pyopenssl.readthedocs.org/ Summary : Python wrapper module around the OpenSSL library Description : High-level wrapper around a subset of the OpenSSL library, includes among others * SSL.Connection objects, wrapping the methods of Python's portable sockets * Callbacks written in Python * Extensive error-handling mechanism, mirroring OpenSSL's error codes -------------------------------------------------------------------------------- Update Information: Update to pyOpenSSL 26.1.0 This update adds support for cryptography v47 and fixes a single security issue: Fixed X509Name field setters to correctly pass the value length to OpenSSL. Previously, values containing NUL bytes would be silently truncated, causing a divergence between the stored ASN.1 value and the value visible from Python. Credit to BudongJW for reporting the issue. CVE-2026-40475 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 29 2026 Jeremy Cline - 26.1.0-1 - Update to 26.1.0 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-05d463c932' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical update for Fedora 44 pyOpenSSL addresses X509Name truncation issue, ensuring accurate ASN.1 value persistence.. Fedora 44 security advisory X509Name pyOpenSSL. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 06, 2026 Important Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorabuffer overflow

Fedora 44 pyOpenSSL Important Buffer Overflow Fix CVE-2026-27459

Update to version 26.0.0 Added support for using aws-lc instead of OpenSSL. Properly raise an error if a DTLS cookie callback returned a cookie longer than DTLS1_COOKIE_LENGTH bytes. Previously this would result in a buffer-overflow. Credit to dark_haxor for reporting the issue.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-5697f4e025 2026-03-31 00:16:35.926004+00:00 -------------------------------------------------------------------------------- Name : pyOpenSSL Product : Fedora 44 Version : 26.0.0 Release : 1.fc44 URL : https://www.pyopenssl.org/en/latest/ Summary : Python wrapper module around the OpenSSL library Description : High-level wrapper around a subset of the OpenSSL library, includes among others * SSL.Connection objects, wrapping the methods of Python's portable sockets * Callbacks written in Python * Extensive error-handling mechanism, mirroring OpenSSL's error codes -------------------------------------------------------------------------------- Update Information: Update to version 26.0.0 Added support for using aws-lc instead of OpenSSL. Properly raise an error if a DTLS cookie callback returned a cookie longer than DTLS1_COOKIE_LENGTH bytes. Previously this would result in a buffer-overflow. Credit to dark_haxor for reporting the issue. CVE-2026-27459 Added OpenSSL.SSL.Connection.get_group_name to determine which group name was negotiated. Context.set_tlsext_servername_callback now handles exceptions raised in the callback by calling sys.excepthook and returning a fatal TLS alert. Previously, exceptions were silently swallowed and the handshake would proceed as if the callback had succeeded. Credit to Leury Castillo for reporting this issue. CVE-2026-27448 -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 18 2026 Jeremy Cline - 26.0.0-1 - Update to v26.0.0 - Addedsupport for using aws-lc instead of OpenSSL. - Properly raise an error if a DTLS cookie callback returned a cookie longer than DTLS1_COOKIE_LENGTH bytes. Previously this would result in a buffer-overflow. Credit to dark_haxor for reporting the issue. CVE-2026-27459 - Added OpenSSL.SSL.Connection.get_group_name to determine which group name was negotiated. - Context.set_tlsext_servername_callback now handles exceptions raised in the callback by calling sys.excepthook and returning a fatal TLS alert. Previously, exceptions were silently swallowed and the handshake would proceed as if the callback had succeeded. Credit to Leury Castillo for reporting this issue. CVE-2026-27448 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448652 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-5697f4e025' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Important Fedora 44 pyOpenSSL update fixes potential buffer overflow errors and enhances functionality.. Fedora Updates, pyOpenSSL, security fixes, buffer overflow, advisory notifications. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 31, 2026 Important Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorabuffer overflow

Fedora 43 rust-asn1 Major Memory Leak Flaw 2026-bc1a5g4j2k

Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22) The security status of this update is only for pyOpenSSL.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-9d5b9f45ec 2026-03-27 01:16:52.247652+00:00 -------------------------------------------------------------------------------- Name : rust-asn1 Product : Fedora 43 Version : 0.22.0 Release : 1.fc43 URL : https://crates.io/crates/asn1 Summary : ASN.1 (DER) parser and writer for Rust Description : ASN.1 (DER) parser and writer for Rust. -------------------------------------------------------------------------------- Update Information: Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22) The security status of this update is only for pyOpenSSL. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 22 2026 Jeremy Cline - 0.22.0-1 - Update to v0.22.0 * Sat Jan 17 2026 Fedora Release Engineering - 0.21.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2433650 [ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2447727 [ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448652 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Important updates for Fedora 43 regarding pyOpenSSL and rust-asn1 addressing security issues.. Fedora security advisory, pyOpenSSL update, rust-asn1 update, security patch, buffer overflow. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 27, 2026 Important Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorabuffer overflow

Fedora 43 Security Update for pyOpenSSL Addresses CVE-2026-27459 Issue

Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22) The security status of this update is only for pyOpenSSL.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-9d5b9f45ec 2026-03-27 01:16:52.247652+00:00 -------------------------------------------------------------------------------- Name : pyOpenSSL Product : Fedora 43 Version : 26.0.0 Release : 1.fc43 URL : https://www.pyopenssl.org/en/latest/ Summary : Python wrapper module around the OpenSSL library Description : High-level wrapper around a subset of the OpenSSL library, includes among others * SSL.Connection objects, wrapping the methods of Python's portable sockets * Callbacks written in Python * Extensive error-handling mechanism, mirroring OpenSSL's error codes -------------------------------------------------------------------------------- Update Information: Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22) The security status of this update is only for pyOpenSSL. -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 18 2026 Jeremy Cline - 26.0.0-1 - Update to v26.0.0 - Added support for using aws-lc instead of OpenSSL. - Properly raise an error if a DTLS cookie callback returned a cookie longer than DTLS1_COOKIE_LENGTH bytes. Previously this would result in a buffer-overflow. Credit to dark_haxor for reporting the issue. CVE-2026-27459 - Added OpenSSL.SSL.Connection.get_group_name to determine which group name was negotiated. - Context.set_tlsext_servername_callback now handles exceptions raised in the callback bycalling sys.excepthook and returning a fatal TLS alert. Previously, exceptions were silently swallowed and the handshake would proceed as if the callback had succeeded. Credit to Leury Castillo for reporting this issue. CVE-2026-27448 * Thu Jan 22 2026 Jeremy Cline - 25.3.0-1 - Update to 25.3.0 - pyOpenSSL now sets SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER on connections by default, matching CPython\u2019s behavior. - Added OpenSSL.SSL.Context.clear_mode. - Added OpenSSL.SSL.Context.set_tls13_ciphersuites to set the allowed TLS 1.3 ciphers. - Added OpenSSL.SSL.Connection.set_info_callback * Sat Jan 17 2026 Fedora Release Engineering - 25.1.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2433650 [ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2447727 [ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448652 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Essential update for pyOpenSSL in Fedora 43, addressing potential buffer overflow issues and enhancing security.. Fedora pyOpenSSL update security buffer overflow. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 27, 2026 Important Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorabuffer overflow

Fedora 43 rust-asn1_derive Important Update for pyOpenSSL CVE-2026-27459

Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22) The security status of this update is only for pyOpenSSL.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-9d5b9f45ec 2026-03-27 01:16:52.247652+00:00 -------------------------------------------------------------------------------- Name : rust-asn1_derive Product : Fedora 43 Version : 0.22.0 Release : 1.fc43 URL : https://crates.io/crates/asn1_derive Summary : #[derive] support for asn1 Description : -------------------------------------------------------------------------------- Update Information: Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22) The security status of this update is only for pyOpenSSL. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 22 2026 Jeremy Cline - 0.22.0-1 - Update to v0.22.0 * Sat Jan 17 2026 Fedora Release Engineering - 0.21.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2433650 [ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2447727 [ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448652 -------------------------------------------------------------------------------- Thisupdate can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical security updates for Fedora 43 include pyOpenSSL and python-cryptography patches addressing vulnerabilities.. Fedora security update, pyOpenSSL update, python-cryptography patch, rust-asn1-derive security. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 27, 2026 Important Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorabuffer overflow

Fedora 43 rust-cryptoki Faces Critical pyOpenSSL Buffer Overflow Flaw

Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22) The security status of this update is only for pyOpenSSL.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-9d5b9f45ec 2026-03-27 01:16:52.247652+00:00 -------------------------------------------------------------------------------- Name : rust-cryptoki Product : Fedora 43 Version : 0.12.0 Release : 2.fc43 URL : https://crates.io/crates/cryptoki Summary : Rust-native wrapper around the PKCS #11 API Description : Rust-native wrapper around the PKCS #11 API. -------------------------------------------------------------------------------- Update Information: Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22) The security status of this update is only for pyOpenSSL. -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 26 2026 Jakub Jelen - 0.12.0-2 - Replace softhsm with kryoptic in tests * Mon Jan 26 2026 Jakub Jelen - 0.12.0-1 - 0.12.0-1 (#2432035) * Sat Jan 17 2026 Fedora Release Engineering - 0.11.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Wed Jan 7 2026 Jakub Jelen - 0.11.0-1 - rust-cryptoki-0.11.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2433650 [ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2447727 [ 3 ] Bug #2448652 - CVE-2026-27459pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448652 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical security update for Fedora 43's pyOpenSSL, addressing a buffer overflow issue and related dependencies.. Fedora 43, PyOpenSSL security update, rust-cryptoki. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 27, 2026 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorabuffer overflow

CentOS 8 python-encryption Low Memory Leak Issue 2026-abcde12345f

Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22) The security status of this update is only for pyOpenSSL.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-9d5b9f45ec 2026-03-27 01:16:52.247652+00:00 -------------------------------------------------------------------------------- Name : python-cryptography Product : Fedora 43 Version : 46.0.5 Release : 1.fc43 URL : https://cryptography.io/en/latest/ Summary : PyCA's cryptography library Description : cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. -------------------------------------------------------------------------------- Update Information: Update pyOpenSSL to v26.0.0 (security update) Update python-cryptography to v46.0.5 (dependency of pyOpenSSL 26) Update rust-asn1 to 0.22 (dependency of python-cryptography) Update kryoptic to v1.5 (required for rust-asn1 bump to 0.22) The security status of this update is only for pyOpenSSL. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 10 2026 Jeremy Cline - 46.0.5-1 - Update to v46.0.5 * Thu Jan 22 2026 Jeremy Cline - 46.0.3-1 - Update to v46.0.3 - Removed the deprecated get_attribute_for_oid method on CertificateSigningRequest. Users should use get_attribute_for_oid() instead. - Removed the deprecated CAST5, SEED, IDEA, and Blowfish classes from the cipher module. These are still available in Decrepit cryptography. - In X.509, when performing a PSS signature with a SHA-3 hash, it is now encoded with the official NIST SHA3 OID. - Added support for free-threaded Python 3.14. * Sat Jan 17 2026 Fedora Release Engineering - 45.0.4-6 - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Wed Oct 22 2025 Peter Robinson - 45.0.4-5 - Drop pytz test req, only needed for py < 3.9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2433650 - python-cryptography-46.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2433650 [ 2 ] Bug #2447727 - pyOpenSSL-26.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2447727 [ 3 ] Bug #2448652 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448652 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9d5b9f45ec' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . -------------------------------------------------------------------------------- Fedora Update Notif. update, pyopenssl, (security, update), python-cryptography, (dependency. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 27, 2026 Important Fedora
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here