-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-f5514402fd 2026-02-10 01:08:32.523437+00:00 --------------------------------------------------------------------------------
Name : python3.6 Product : Fedora 42 Version : 3.6.15 Release : 52.fc42 URL : https://www.python.org/ Summary : Version 3.6 of the Python interpreter Description : Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software Collections or older Fedora releases. -------------------------------------------------------------------------------- Update Information: Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367, CVE-2026-1299 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 29 2026 LumÃr Balhar <[email protected]> - 3.6.15-52 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367, CVE-2026-1299 * Sat Jan 17 2026 Fedora Release Engineering <[email protected]> - 3.6.15-51 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Nov 6 2025 Miro HronÄok <[email protected]> - 3.6.15-50 - On Fedora 44+, split this package into multiple subpackages - This mimics newer Python versions -------------------------------------------------------------------------------- References: [ 1 ] Bug #2431621 - CVE-2025-15366 python3.6: IMAP command injection in user-controlled commands [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431621 [ 2 ] Bug #2431645 - CVE-2025-15367 python3.6: POP3 command injection in user-controlled commands [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431645 [ 3 ] Bug #2431805 - CVE-2026-0865 python3.6: wsgiref.headers.Headers allows header newline injection in Python [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431805 [ 4 ] Bug #2433821 - CVE-2026-1299 python3.6: email header injection due to unquoted newlines [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2433821 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-f5514402fd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
-- _______________________________________________ package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
