5359 matches found
Important: tomcat security, bug fix, and enhancement update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor CVE-2026-29146 Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive...
Important: gstreamer1-plugins-bad-free security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle i...
Important: gstreamer1-plugins-good security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: GStreamer: Heap buffer overflo...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange CVE-2025-71066 kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN CVE-2026-461...
Important: oci-seccomp-bpf-hook security update
OCI Hook to generate seccomp json files based on EBF syscalls used by container oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes. Security Fixes: net: golang: Go net package: Denial of Service via long CNAME response in...
Important: nginx:1.26 security, bug fix, and enhancement update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers CVE-2026-42055 Bug Fixes...
Important: gstreamer1-plugins-bad-free security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tilelistobu parser byte/bit...
Important: nginx:1.24 security, bug fix, and enhancement update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers CVE-2026-42055 Bug Fixes...
Moderate: gstreamer1-plugins-ugly-free security update
GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins whose license is not fully compatible with LGPL. Security Fixes: gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header...
Important: tomcat security, bug fix, and enhancement update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor CVE-2026-29146 Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive...
Low: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling CVE-2025-6170 For more details about the security issues, including the impact, a CVSS score,...
Moderate: cups security update
The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach lp code execution over the network CVE-2026-34980 For more details about...
Moderate: edk2 security, bug fix, and enhancement update
EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 Bug Fixes and Enhancements: FJ8.10 Bug How to Updat...
Low: libtasn1 security update
A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions. Security Fixes: libtasn1: libtasn1: Denial of Service via stack-based...
Moderate: libsolv security update
The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fixes: libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data CVE-2026-48864 For more details about the security issues,...
Moderate: python-urllib3 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Important: kernel update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: eventpoll: defer struct eventpoll free to RCU grace period CVE-2026-43074 kernel: eventpoll: fix epremove struct eventpoll / struct file UAF CVE-2026-46242 kernel: Linux kernel: netfilter...
Important: gstreamer1-plugins-good security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: GStreamer: Heap buffer overflo...
Moderate: aardvark-dns security update
Authoritative DNS server for A/AAAA container records Forwards other request to configured resolvers. Read more about configuration in src/backend/mod.rs. Security Fixes: aardvark-dns: Aardvark-dns: Denial of Service via truncated TCP DNS query and connection reset CVE-2026-35406 For more details...
Important: skopeo security update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: golang crypto/x509: Denial of...
Important: perl-HTTP-Daemon security update
The perl-HTTP-Daemon package includes the HTTP::Daemon class, a subclass of IO::Socket::IP. Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests. Security Fixes: perl-HTTP-Daemon: HTTP::Daemon: Arbitrary code execution via OS command injection in...
Important: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath CVE-2026-43112 For more details about the security issues, including...
Important: 389-ds-base security update
389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: 389-ds-base: Heap buffer overflow in sasliorecv via padded SASL...
Moderate: freeipmi security update
The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client CVE-2026-50031 For more details about the...
Important: kernel-rt security, bug fix, and enhancement update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount CVE-2026-23216 kernel: gfs2: Fix use-after-free in iomap inline...
Moderate: freeipmi security update
The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client CVE-2026-50031 For more details about the...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath CVE-2026-43112 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
Important: compat-openssl10 security update
The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. Security Fixes: openssl: Heap...
Important: python3.14-pip security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Important: nginx security, bug fix, and enhancement update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers CVE-2026-42055 Bug Fixes...
Important: perl-HTTP-Daemon security update
The perl-HTTP-Daemon package includes the HTTP::Daemon class, a subclass of IO::Socket::IP. Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests. Security Fixes: perl-HTTP-Daemon: HTTP::Daemon: Arbitrary code execution via OS command injection in...
Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: tcp: fix potential race in tcpv6synrecvsock CVE-2026-43198 kernel: netfilter: nfnetlinkcthelper: fix OOB read in nfnlcthelperdumptable CVE-2026-43450 kernel: sctp: revalidate list cursor...
Important: kernel-rt security, bug fix, and enhancement update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: tcp: fix potential race in tcpv6synrecvsock CVE-2026-43198 kernel: netfilter: nfnetlinkcthelper: fix OOB read in...
Important: nodejs:22 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input CVE-2026-42338 undici: undici: Denial of Service due to...
Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath CVE-2026-43112 kernel: net: mana: Fix double destroyworkqueue on service rescan PCI path CVE-2026-43276 kernel: Linux kernel:...
Important: container-tools:rhel8 security update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption JWE object CVE-2026-34986...
Important: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
Important: nodejs:24 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input CVE-2026-42338 undici: undici: Denial of Service due to...
Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing CVE-2026-39821 For more details about the security issue...
Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing CVE-2026-39821 For more details about the security issue...
Important: grafana-pcp security update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via...
Important: grafana-pcp security update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via...
Moderate: rrdtool security update
The round robin database RRD system stores and displays time-series data, such as network bandwidth, machine-room temperature, and server load average. RRDtool is a high performance data logging and graphing utility, which can be easily integrated with shell scripts, or used to create application...
Important: php:7.4 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability CVE-2026-6722 PHP: PHP: Denial of Service via improper handling of signed characters in ctype...
Moderate: rrdtool security update
The round robin database RRD system stores and displays time-series data, such as network bandwidth, machine-room temperature, and server load average. RRDtool is a high performance data logging and graphing utility, which can be easily integrated with shell scripts, or used to create application...
Important: opentelemetry-collector security update
Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint CVE-2026-42154 github.com/prometheus/prometheus: Prometheus: Information...
Important: php security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability CVE-2026-6722 PHP: PHP: Denial of Service via improper handling of signed characters in ctype...
Important: mariadb:10.11 security, bug fix, and enhancement update
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: AlmaLinux8tracker Rebase Galera to 26.4.27 MariaDB:10.11...
Important: mariadb:11.8 security, bug fix, and enhancement update
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: AlmaLinux9 tracker Rebase Galera to 26.4.27 MariaDB:11.8...
Important: giflib security update
giflib is a library for reading and writing gif images. Security Fixes: giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension CVE-2026-26740 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer ...