Fedora 44 users need to install three security updates released this week to fix critical flaws across essential networking software. The pyOpenSSL library reaches version 26.1.0 after patching a bug that allowed NUL bytes to silently truncate certificate fields and break data consistency. Squid advances to its seventh major release by addressing two distinct security flaws tied to ICP traffic processing. PowerDNS also receives a major bump to 5.0.4, which closes a file descriptor exhaustion exploit, stops database corruption from malformed records, and blocks information leaks caused by unsafe LDAP queries.

Fedora 44 Update: pyOpenSSL-26.1.0-1.fc44
Fedora 44 Update: squid-7.5-1.fc44
Fedora 44 Update: pdns-5.0.4-1.fc44

[SECURITY] Fedora 44 Update: pyOpenSSL-26.1.0-1.fc44

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-05d463c932
2026-05-06 00:48:51.045817+00:00
--------------------------------------------------------------------------------

Name : pyOpenSSL
Product : Fedora 44
Version : 26.1.0
Release : 1.fc44
URL : https://pyopenssl.readthedocs.org/
Summary : Python wrapper module around the OpenSSL library
Description :
High-level wrapper around a subset of the OpenSSL library, includes among others
* SSL.Connection objects, wrapping the methods of Python's portable
sockets
* Callbacks written in Python
* Extensive error-handling mechanism, mirroring OpenSSL's error codes

--------------------------------------------------------------------------------
Update Information:

Update to pyOpenSSL 26.1.0
This update adds support for cryptography v47 and fixes a single security issue:
Fixed X509Name field setters to correctly pass the value length to OpenSSL.
Previously, values containing NUL bytes would be silently truncated, causing a
divergence between the stored ASN.1 value and the value visible from Python.
Credit to BudongJW for reporting the issue. CVE-2026-40475
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 29 2026 Jeremy Cline [jeremycline@microsoft.com] - 26.1.0-1
- Update to 26.1.0
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-05d463c932' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new

[SECURITY] Fedora 44 Update: squid-7.5-1.fc44

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-c0590bd498
2026-05-06 00:48:51.045777+00:00
--------------------------------------------------------------------------------

Name : squid
Product : Fedora 44
Version : 7.5
Release : 1.fc44
URL : http://www.squid-cache.org
Summary : The Squid proxy caching server
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.

--------------------------------------------------------------------------------
Update Information:

new version 7.5
security update
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 27 2026 Lubo?? Uhliarik [luhliari@redhat.com] - 7:7.5-1
- new version 7.5
- Add tmpfiles.d rules for /var directories (bootc compatibility)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2431445 - squid-7.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2431445
[ 2 ] Bug #2451599 - CVE-2026-33526 squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2451599
[ 3 ] Bug #2451601 - CVE-2026-32748 squid: Squid: Denial of Service via crafted ICP traffic [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2451601
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-c0590bd498' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

[SECURITY] Fedora 44 Update: pdns-5.0.4-1.fc44

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-f416c4ba87
2026-05-06 00:48:51.045739+00:00
--------------------------------------------------------------------------------

Name : pdns
Product : Fedora 44
Version : 5.0.4
Release : 1.fc44
URL : http://powerdns.com
Summary : A modern, advanced and high performance authoritative-only name server
Description :
The PowerDNS Nameserver is a modern, advanced and high performance
authoritative-only name server. It is written from scratch and conforms
to all relevant DNS standards documents.
Furthermore, PowerDNS interfaces with almost any database.

--------------------------------------------------------------------------------
Update Information:

Update to 5.0.4
Release notes:
https://doc.powerdns.com/authoritative/changelog/5.0.html#change-5.0.4
Security advisory: https://docs.powerdns.com/authoritative/security-
advisories/powerdns-advisory-2026-05.html
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 26 2026 Morten Stevens [mstevens@fedoraproject.org] - 5.0.4-1
- Update to 5.0.4
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2461770 - CVE-2026-33610 pdns: PowerDNS: Denial of Service due to file descriptor exhaustion from rogue primary server DNS update requests [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2461770
[ 2 ] Bug #2461772 - CVE-2026-33611 pdns: PowerDNS: Database corruption due to invalid record data [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2461772
[ 3 ] Bug #2461775 - CVE-2026-33609 pdns: PowerDNS: Information disclosure via incomplete LDAP query escaping [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2461775
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-f416c4ba87' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new