-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-724d1b1044 2026-01-10 01:38:26.534895+00:00 --------------------------------------------------------------------------------
Name : python-urllib3 Product : Fedora 43 Version : 2.6.3 Release : 1.fc43 URL : https://github.com/urllib3/urllib3 Summary : HTTP library with thread-safe connection pooling, file post, and more Description : urllib3 is a powerful, user-friendly HTTP client for Python. urllib3 brings many critical features that are missing from the Python standard libraries: ⢠Thread safety. ⢠Connection pooling. ⢠Client-side SSL/TLS verification. ⢠File uploads with multipart encoding. ⢠Helpers for retrying requests and dealing with HTTP redirects. ⢠Support for gzip, deflate, brotli, and zstd encoding. ⢠Proxy support for HTTP and SOCKS. ⢠100% test coverage. -------------------------------------------------------------------------------- Update Information: 2.6.3 (2026-01-07) Fixed a high-severity security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. GHSA-38jv-5279-wg99, CVE-2026-21441 Started treating Retry-After times greater than 6 hours as 6 hours by default. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 7 2026 Benjamin A. Beasley <[email protected]> - 2.6.3-1 - Update to 2.6.3 (close RHBZ#2427603) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2427603 - python-urllib3-2.6.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2427603 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-724d1b1044' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
-- _______________________________________________ package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
