Fedora Security Advisories

FEDORA-2026-3b4578d2f4 Packages in this update:

• python3.6-3.6.15-55.fc45

Update description:

Automatic update for python3.6-3.6.15-55.fc45.

Changelog * Thu Mar 26 2026 Lumír Balhar <lbalhar@redhat.com> - 3.6.15-55 - Security fix for CVE-2026-4519 (rhbz#2449733)

FEDORA-2026-2423902e8b Packages in this update:

• python-cryptography-46.0.6-1.fc44

Update description:

Update to v46.0.6

This includes a single fix for security issue: * **SECURITY ISSUE**: Fixed a bug where name constraints were not applied to peer names during verification when the leaf certificate contains a wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug, including those used by the Web PKI. Credit to **Oleh Konko (1seal)** for reporting the issue. **CVE-2026-34073**

FEDORA-2026-e2f42121f3 Packages in this update:

• python3.13-3.13.12-2.fc45

Update description:

Automatic update for python3.13-3.13.12-2.fc45.

Changelog * Thu Mar 26 2026 Lumír Balhar <lbalhar@redhat.com> - 3.13.12-2 - Security fix for CVE-2026-4519 (rhbz#2449729)

FEDORA-2026-f884fd0313 Packages in this update:

• xen-4.21.1-1.fc44

Update description:

update to xen 4.21.1

Use after free of paging structures in EPT [XSA-480, CVE-2026-23554] Xenstored DoS by unprivileged domain [XSA-481, CVE-2026-23555]

FEDORA-2026-ba6745d242 Packages in this update:

• python3.14-3.14.3-2.fc42

Update description:

Security fix for CVE-2026-4519

FEDORA-2026-013fb3d1bc Packages in this update:

• python3.14-3.14.3-2.fc43

Update description:

Security fix for CVE-2026-4519

FEDORA-2026-3d7ea476e1 Packages in this update:

• python3.14-3.14.3-2.fc44

Update description:

Security fix for CVE-2026-4519

FEDORA-2026-919a30c67b Packages in this update:

• python3.14-3.14.3-2.fc45

Update description:

Automatic update for python3.14-3.14.3-2.fc45.

Changelog * Thu Mar 26 2026 Lumír Balhar <lbalhar@redhat.com> - 3.14.3-2 - Security fix for CVE-2026-4519 (rhbz#2449730)

FEDORA-2026-516db080b7 Packages in this update:

• python-ply-3.11-33.fc43

Update description:

Security fix for CVE-2025-56005

FEDORA-2026-c081ac890b Packages in this update:

• python-ply-3.11-33.fc44

Update description:

Security fix for CVE-2025-56005

FEDORA-2026-47a943ac72 Packages in this update:

• python-ply-3.11-33.fc45

Update description:

Automatic update for python-ply-3.11-33.fc45.

Changelog * Wed Mar 25 2026 Charalampos Stratakis <cstratak@redhat.com> - 3.11-33 - Security fix for CVE-2025-56005 - Fixes: rhbz#2437981

FEDORA-2026-838bf0f5d5 Packages in this update:

• python3.11-3.11.15-2.fc45

Update description:

Automatic update for python3.11-3.11.15-2.fc45.

Changelog * Thu Mar 26 2026 Lumír Balhar <lbalhar@redhat.com> - 3.11.15-2 - Security fix for CVE-2026-4519 (rhbz#2449727)

FEDORA-2026-2f6fa1b6a1 Packages in this update:

• tcpflow-1.6.2-0.1.8d47b53.fc42

Update description:

The update fixes CVS-2026-25061

FEDORA-2026-4398680e1a Packages in this update:

• tcpflow-1.6.2-0.1.8d47b53.fc43

Update description:

The update fixes CVS-2026-25061

FEDORA-EPEL-2026-95e9f41936 Packages in this update:

• tcpflow-1.6.2-0.1.8d47b53.el8

Update description:

The update fixes CVS-2026-25061

FEDORA-2026-3efb70d4da Packages in this update:

• tcpflow-1.6.2-0.1.8d47b53.fc44

Update description:

The update fixes CVS-2026-25061

FEDORA-EPEL-2026-6d1b80ec2d Packages in this update:

• libgsasl-1.8.0-9.el8

Update description:

GSSAPI server: Boundary check gss_wrap token (read OOB)

FEDORA-EPEL-2026-d6403f9920 Packages in this update:

• libgsasl-1.10.0-15.el9

Update description:

GSSAPI server: Boundary check gss_wrap token (read OOB)

FEDORA-2026-5317df36be Packages in this update:

• libgsasl-1.10.0-15.fc43

Update description:

GSSAPI server: Boundary check gss_wrap token (read OOB)

FEDORA-2026-5868a8d652 Packages in this update:

• libgsasl-1.10.0-15.fc44

Update description:

GSSAPI server: Boundary check gss_wrap token (read OOB)