Bug 2491370 - CVE-2026-43870 golang-github-uber-tally: Apache Thrift: Denial of Service via multiple vulnerabilities [fedora-all]
Summary: CVE-2026-43870 golang-github-uber-tally: Apache Thrift: Denial of Service via...
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora
Classification: Fedora
Component: golang-github-uber-tally
Version: rawhide
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
Assignee: Orphan Owner
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: {"flaws": ["0f8d34ba-e689-45f4-90a1-4...
Depends On:
Blocks: CVE-2026-43870
TreeView+ depends on / blocked
 
Reported: 2026-06-22 14:18 UTC by Ganesh
Modified: 2026-06-26 02:01 UTC (History)
2 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2026-06-26 02:01:39 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Ganesh 2026-06-22 14:18:58 UTC
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.

Comment 1 Maxwell G 2026-06-26 02:01:39 UTC
Automation has figured out the package is retired in Fedora Rawhide.

If you like it to be unretired, please open a ticket at
https://forge.fedoraproject.org/releng/tickets/issues/new?template=.forgejo%2fISSUE_TEMPLATE%2funretire-package.md


Note You need to log in before you can comment on or make changes to this bug.