Advisories » MGASA-2026-0130

Updated perl-Gazelle packages fix security vulnerability

Publication date: 13 May 2026
Modification date: 13 May 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-40562

Description

Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via
Improper Header Precedence. (CVE-2026-40562)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=35485
• https://www.openwall.com/lists/oss-security/2026/05/06/7
• https://datatracker.ietf.org/doc/html/rfc7230#section-3.3.3
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40562

SRPMS

9/core

• perl-Gazelle-0.490.0-5.1.mga9