Stay Secure with the Latest Linux Advisories

security advisoryfedorabuffer overflow

Fedora 44 pyOpenSSL Important X509Name Field Fix CVE-2026-40475

Update to pyOpenSSL 26.1.0 This update adds support for cryptography v47 and fixes a single security issue: Fixed X509Name field setters to correctly pass the value length to OpenSSL. Previously, values containing NUL bytes would be silently truncated, causing a divergence between the stored ASN.1 value and the value visible from Python.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-05d463c932 2026-05-06 00:48:51.045817+00:00 -------------------------------------------------------------------------------- Name : pyOpenSSL Product : Fedora 44 Version : 26.1.0 Release : 1.fc44 URL : https://pyopenssl.readthedocs.org/ Summary : Python wrapper module around the OpenSSL library Description : High-level wrapper around a subset of the OpenSSL library, includes among others * SSL.Connection objects, wrapping the methods of Python's portable sockets * Callbacks written in Python * Extensive error-handling mechanism, mirroring OpenSSL's error codes -------------------------------------------------------------------------------- Update Information: Update to pyOpenSSL 26.1.0 This update adds support for cryptography v47 and fixes a single security issue: Fixed X509Name field setters to correctly pass the value length to OpenSSL. Previously, values containing NUL bytes would be silently truncated, causing a divergence between the stored ASN.1 value and the value visible from Python. Credit to BudongJW for reporting the issue. CVE-2026-40475 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 29 2026 Jeremy Cline - 26.1.0-1 - Update to 26.1.0 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-05d463c932' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical update for Fedora 44 pyOpenSSL addresses X509Name truncation issue, ensuring accurate ASN.1 value persistence.. Fedora 44 security advisory X509Name pyOpenSSL. . Severity: Important. LinuxSecurity.com Team

May 06, 2026 •Important Fedora