Fedora 44 has received security updates for two packages: python-lxml-html-clean and dr_libs. The python-lxml-html-clean update, version 0.4.4-1.fc44, addresses a cross-site scripting (XSS) vulnerability in lxml_html_clean. The dr_libs update, version 0^20260302.fa931f3-2.fc44, fixes various bugs and compatibility issues with the dr_flac, dr_mp3, and dr_wav libraries.

Fedora 44 Update: python-lxml-html-clean-0.4.4-1.fc44
Fedora 44 Update: dr_libs-0^20260302.fa931f3-2.fc44

[SECURITY] Fedora 44 Update: python-lxml-html-clean-0.4.4-1.fc44

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-f46fc594f3
2026-03-12 00:14:45.198051+00:00
--------------------------------------------------------------------------------

Name : python-lxml-html-clean
Product : Fedora 44
Version : 0.4.4
Release : 1.fc44
URL : https://github.com/fedora-python/lxml_html_clean/
Summary : HTML cleaner from lxml project
Description :
HTML cleaner from lxml project.

--------------------------------------------------------------------------------
Update Information:

Security update for python-lxml-html-clean
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 2 2026 Lumir Balhar [lbalhar@redhat.com] - 0.4.4-1
- Update to 0.4.4 (rhbz#2443287)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2443287 - python-lxml-html-clean-0.4.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2443287
[ 2 ] Bug #2444970 - CVE-2026-28348 python-lxml-html-clean: lxml_html_clean: Cross-Site Scripting (XSS) via CSS filter bypass [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2444970
[ 3 ] Bug #2444971 - CVE-2026-28350 python-lxml-html-clean: lxml_html_clean: Web link hijacking due to improper base tag handling [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2444971
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-f46fc594f3' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new

[SECURITY] Fedora 44 Update: dr_libs-0^20260302.fa931f3-2.fc44

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-c2889d2725
2026-03-12 00:14:45.197974+00:00
--------------------------------------------------------------------------------

Name : dr_libs
Product : Fedora 44
Version : 0^20260302.fa931f3
Release : 2.fc44
URL : https://github.com/mackron/dr_libs
Summary : Single-file audio decoding libraries for C/C++
Description :
Single-file audio decoding libraries for C/C++.

--------------------------------------------------------------------------------
Update Information:

dr_flac
v0.13.3 - 2026-01-17
Fix a compiler compatibility issue with some inlined assembly.
Fix a compilation warning.
dr_mp3
v0.7.3 - 2026-01-17
Fix an error in drmp3_open_and_read_pcm_frames_s16() and family when memory
allocation fails.
Fix some compilation warnings.
dr_wav
v0.14.5 - 2026-03-03
Fix a crash when loading files with a malformed "smpl" chunk.
Fix a signed overflow bug with the MS-ADPCM decoder.
v0.14.4 - 2026-01-17
Fix some compilation warnings.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 3 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 0^20260302.fa931f3-1
- Update to 0^20260302.fa931f3
- dr_flac 0.13.3
- dr_mp3 0.7.3
- dr_wav 0.14.5
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-c2889d2725' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new