Fedora 43 and Fedora 42 have received updates for the python3.9 package, which is version 3.9.25 in both cases. The update fixes a security issue (CVE-2025-12084) that could lead to a denial of service when using xml.dom.minidom with Python's cpython implementation Fedora 43 Update: python3.9-3.9.25-3.fc43 Fedora 42 Update: python3.9-3.9.25-3.fc42 [SECURITY] Fedora 43 Update: python3.9-3.9.25-3.fc43 -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-975a15098b 2026-01-24 01:41:37.895567+00:00 -------------------------------------------------------------------------------- Name : python3.9 Product : Fedora 43 Version : 3.9.25 Release : 3.fc43 URL : https://www.python.org/ Summary : Version 3.9 of the Python interpreter Description : Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedora releases. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2025-12084 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 14 2026 Lum??r Balhar [lbalhar@redhat.com] - 3.9.25-3 - Security fix for CVE-2025-12084 * Mon Nov 10 2025 Tomas Orsava [torsava@redhat.com] - 3.9.25-2 - Move _sysconfigdata_d_linux*.py to the debug subpackage -------------------------------------------------------------------------------- References: [ 1 ] Bug #2422522 - CVE-2025-12084 python3.9: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2422522 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-975a15098b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- [SECURITY] Fedora 42 Update: python3.9-3.9.25-3.fc42 -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-43e2b1e209 2026-01-24 01:36:32.972058+00:00 -------------------------------------------------------------------------------- Name : python3.9 Product : Fedora 42 Version : 3.9.25 Release : 3.fc42 URL : https://www.python.org/ Summary : Version 3.9 of the Python interpreter Description : Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedora releases. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2025-12084 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 14 2026 Lum??r Balhar [lbalhar@redhat.com] - 3.9.25-3 - Security fix for CVE-2025-12084 * Mon Nov 10 2025 Tomas Orsava [torsava@redhat.com] - 3.9.25-2 - Move _sysconfigdata_d_linux*.py to the debug subpackage -------------------------------------------------------------------------------- References: [ 1 ] Bug #2422519 - CVE-2025-12084 python3.9: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2422519 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-43e2b1e209' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- Samba 4.23.5 released Binutils, Go, Open-VM-Tools, and more updates for Rocky Linux