Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9,991 articles for you...
202

openSUSE Buildah Important Security Patch for 25 Issues 2026-2733-1

An update that solves 25 vulnerabilities can now be installed.. # Security update for buildah Announcement ID: SUSE-SU-2026:2733-1 Release Date: 2026-07-02T18:05:10Z Rating: important References: * bsc#1262953 * bsc#1266191 * bsc#1266648 * bsc#1267179 Cross-References: * CVE-2025-22869 * CVE-2025-27144 * CVE-2025-47913 * CVE-2025-47914 * CVE-2025-52881 * CVE-2026-25680 * CVE-2026-25681 * CVE-2026-27136 * CVE-2026-34986 * CVE-2026-39821 * CVE-2026-39827 * CVE-2026-39828 * CVE-2026-39829 * CVE-2026-39830 * CVE-2026-39831 * CVE-2026-39832 * CVE-2026-39833 * CVE-2026-39834 * CVE-2026-39835 * CVE-2026-42502 * CVE-2026-42506 * CVE-2026-42508 * CVE-2026-46595 * CVE-2026-46597 * CVE-2026-46598 CVSS scores: * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-47913 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-47913 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-47914 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-47914 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-47914 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-52881 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-52881 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-52881 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-52881 ( NVD ): 7.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H * CVE-2026-25680 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-25680 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25680 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-25681 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-25681 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-25681 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-27136 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-27136 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-27136 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39821 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N * CVE-2026-39821 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N * CVE-2026-39827 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39827 ( SUSE ): 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39827 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39828 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39828 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39828 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-39828 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-39829 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39829 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39829 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39829 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39830 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39830 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39830 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-39830 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39831 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39831 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39831 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39832 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N * CVE-2026-39832 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N * CVE-2026-39832 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39832 ( NVD ): 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N * CVE-2026-39833 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39833 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39833 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39834 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39834 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39834 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-39835 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39835 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39835 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-39835 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42502 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-42502 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42502 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42506 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-42506 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42506 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42508 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-42508 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42508 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42508 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46595 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-46595 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46595 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L * CVE-2026-46595 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2026-46597 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46597 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46597 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46598 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46598 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46598 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Containers Module 15-SP7 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves 25 vulnerabilities can now be installed. ## Description: This update for buildah fixes the following issues * CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files (bsc#1267179). * CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of service (bsc#1262953). * CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and privilege escalation (bsc#1266648). * CVE-2026-39827: Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh (bsc#1266191). * CVE-2026-39828: Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh (bsc#1266191). * CVE-2026-39829: Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh (bsc#1266191). * CVE-2026-39830: Invoking client can cause server deadlock on unexpected responses ingolang.org/x/crypto/ssh (bsc#1266191). * CVE-2026-39831: Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh (bsc#1266191). * CVE-2026-39832: Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent (bsc#1266191). * CVE-2026-39833: Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent (bsc#1266191). * CVE-2026-39834: Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh (bsc#1266191). * CVE-2026-39835: Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh (bsc#1266191). * CVE-2026-42508: Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts (bsc#1266191). * CVE-2026-46595: Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh (bsc#1266191). * CVE-2026-46597: Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh (bsc#1266191). * CVE-2026-46598: Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent (bsc#1266191). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2733=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2733=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2733=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2733=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2733=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patchSUSE-SLE-Product-SLES_SAP-15-SP5-2026-2733=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2733=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-2733=1 ## Package List: * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150500.3.62.1 * openSUSE Leap 15.5 (aarch64 i586 ppc64le s390x x86_64) * buildah-1.35.5-150500.3.62.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150500.3.62.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * buildah-1.35.5-150500.3.62.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * buildah-1.35.5-150500.3.62.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * buildah-1.35.5-150500.3.62.1 * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150500.3.62.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * buildah-1.35.5-150500.3.62.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-27144.html * https://www.suse.com/security/cve/CVE-2025-47913.html * https://www.suse.com/security/cve/CVE-2025-47914.html * https://www.suse.com/security/cve/CVE-2025-52881.html * https://www.suse.com/security/cve/CVE-2026-25680.html * https://www.suse.com/security/cve/CVE-2026-25681.html * https://www.suse.com/security/cve/CVE-2026-27136.html * https://www.suse.com/security/cve/CVE-2026-34986.html * https://www.suse.com/security/cve/CVE-2026-39821.html * https://www.suse.com/security/cve/CVE-2026-39827.html * https://www.suse.com/security/cve/CVE-2026-39828.html * https://www.suse.com/security/cve/CVE-2026-39829.html * https://www.suse.com/security/cve/CVE-2026-39830.html *https://www.suse.com/security/cve/CVE-2026-39831.html * https://www.suse.com/security/cve/CVE-2026-39832.html * https://www.suse.com/security/cve/CVE-2026-39833.html * https://www.suse.com/security/cve/CVE-2026-39834.html * https://www.suse.com/security/cve/CVE-2026-39835.html * https://www.suse.com/security/cve/CVE-2026-42502.html * https://www.suse.com/security/cve/CVE-2026-42506.html * https://www.suse.com/security/cve/CVE-2026-42508.html * https://www.suse.com/security/cve/CVE-2026-46595.html * https://www.suse.com/security/cve/CVE-2026-46597.html * https://www.suse.com/security/cve/CVE-2026-46598.html * https://bugzilla.suse.com/show_bug.cgi?id=1262953 * https://bugzilla.suse.com/show_bug.cgi?id=1266191 * https://bugzilla.suse.com/show_bug.cgi?id=1266648 * https://bugzilla.suse.com/show_bug.cgi?id=1267179 . This update resolves various issues in buildah for openSUSE, addressing critical security threats and improving overall functionality.. openSUSE security patches, buildah vulnerabilities, linux updates. . LinuxSecurity.com Team

Calendar%202 Jul 03, 2026 OpenSUSE
202

openSUSE 15.4 python311 Moderate Base64 Decoding Issue 2026-2723-1

An update that solves one vulnerability and has one security fix can now be installed.. # Security update for python311 Announcement ID: SUSE-SU-2026:2723-1 Release Date: 2026-07-01T18:09:22Z Rating: moderate References: * bsc#1258364 * bsc#1261970 Cross-References: * CVE-2026-3446 CVSS scores: * CVE-2026-3446 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-3446 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-3446 ( NVD ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python311 fixes the following issues: Security issues fixed: * CVE-2026-3446: base64 decoding stops at first padded quad by default and ignores other information that could be processed (bsc#1261970). Other updates and bugfixes: * Rewrite structure of Python interpreter packages. `python3*` symbols should be now provided by real `python3` packages and its subpackages instead of the virtual provides (bsc#1258364). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-2723=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2723=1 ## Package List: * openSUSE Leap 15.4 (aarch64 i586ppc64le s390x x86_64) * python311-core-debugsource-3.11.15-150400.9.88.1 * python311-testsuite-3.11.15-150400.9.88.1 * python311-curses-debuginfo-3.11.15-150400.9.88.1 * python311-doc-devhelp-3.11.15-150400.9.88.1 * python311-dbm-3.11.15-150400.9.88.1 * python311-testsuite-debuginfo-3.11.15-150400.9.88.1 * python311-idle-3.11.15-150400.9.88.1 * python311-debugsource-3.11.15-150400.9.88.1 * python311-tools-3.11.15-150400.9.88.1 * libpython3_11-1_0-3.11.15-150400.9.88.1 * python311-base-3.11.15-150400.9.88.1 * python311-doc-3.11.15-150400.9.88.1 * python311-curses-3.11.15-150400.9.88.1 * python311-devel-3.11.15-150400.9.88.1 * libpython3_11-1_0-debuginfo-3.11.15-150400.9.88.1 * python311-3.11.15-150400.9.88.1 * python311-tk-debuginfo-3.11.15-150400.9.88.1 * python311-tk-3.11.15-150400.9.88.1 * python311-dbm-debuginfo-3.11.15-150400.9.88.1 * python311-debuginfo-3.11.15-150400.9.88.1 * python311-base-debuginfo-3.11.15-150400.9.88.1 * openSUSE Leap 15.4 (x86_64) * libpython3_11-1_0-32bit-debuginfo-3.11.15-150400.9.88.1 * python311-32bit-debuginfo-3.11.15-150400.9.88.1 * python311-base-32bit-debuginfo-3.11.15-150400.9.88.1 * python311-32bit-3.11.15-150400.9.88.1 * libpython3_11-1_0-32bit-3.11.15-150400.9.88.1 * python311-base-32bit-3.11.15-150400.9.88.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpython3_11-1_0-64bit-debuginfo-3.11.15-150400.9.88.1 * python311-base-64bit-debuginfo-3.11.15-150400.9.88.1 * python311-64bit-3.11.15-150400.9.88.1 * libpython3_11-1_0-64bit-3.11.15-150400.9.88.1 * python311-64bit-debuginfo-3.11.15-150400.9.88.1 * python311-base-64bit-3.11.15-150400.9.88.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-base-3.11.15-150400.9.88.1 * python311-3.11.15-150400.9.88.1 * libpython3_11-1_0-3.11.15-150400.9.88.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3446.html *https://bugzilla.suse.com/show_bug.cgi?id=1258364 * https://bugzilla.suse.com/show_bug.cgi?id=1261970 . An important python311 update for openSUSE addresses CVE-2026-3446 with a moderate severity rating.. openSUSE python311 security python update CVE-2026-3446. . LinuxSecurity.com Team

Calendar%202 Jul 02, 2026 OpenSUSE
219

Rocky Linux 8 PHP Important Security Fixes RLSA-2026-34354

Important: php:7.4 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:34354", "synopsis": "Important: php:7.4 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for module.libzip, php-pear, php-pecl-xdebug, libzip, module.php-pecl-xdebug, php-pecl-rrd, module.php-pecl-apcu, module.php-pecl-rrd, php-pecl-zip, module.php-pecl-zip, module.php-pear, php-pecl-apcu.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es):\n\n* php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability (CVE-2026-6722)\n\n* PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions (CVE-2026-7258)\n\n* PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation (CVE-2026-6735)\n\n* PHP: PHP SoapServer: Memory corruption and information disclosure via incorrect persistence handling (CVE-2026-7261)\n\n* php: NULL pointer dereference in SOAP apache:Map decoder with missing (CVE-2026-7262)\n\n* php: signed integer overflow in metaphone() (CVE-2026-7568)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2468560", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468560", "description": ""}, {"ticket": "2468561", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468561", "description": ""}, {"ticket": "2468562", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468562", "description": ""}, {"ticket": "2468563","sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468563", "description": ""}, {"ticket": "2468565", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468565", "description": ""}, {"ticket": "2468566", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468566", "description": ""}], "cves": [{"name": "CVE-2026-6722", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6722", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L", "cvss3BaseScore": "7.7", "cwe": "CWE-825"}, {"name": "CVE-2026-6735", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6735", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "cvss3BaseScore": "5.4", "cwe": "CWE-79"}, {"name": "CVE-2026-7258", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7258", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "5.9", "cwe": "CWE-839"}, {"name": "CVE-2026-7261", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7261", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "cvss3BaseScore": "5.6", "cwe": "CWE-825"}, {"name": "CVE-2026-7262", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7262", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-476"}, {"name": "CVE-2026-7568", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7568", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-190"}], "references": [], "publishedAt": "2026-07-02T00:01:04.334825Z", "rpms": {"Rocky Linux 8": {"nvras": ["apcu-panel-0:5.1.18-1.module+el8.10.0+1604+6558efc7.noarch.rpm","apcu-panel-0:5.1.18-1.module+el8.10.0+1912+72767185.noarch.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1604+6558efc7.src.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1912+72767185.src.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "libzip-debuginfo-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-debuginfo-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-debuginfo-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-debugsource-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-debugsource-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-debugsource-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-devel-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-devel-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-devel-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-devel-0:1.6.1-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "libzip-tools-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-tools-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-tools-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-tools-0:1.6.1-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "libzip-tools-debuginfo-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-tools-debuginfo-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-tools-debuginfo-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1604+6558efc7.noarch.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1912+72767185.noarch.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1605+02e07af7.noarch.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1605+02e07af7.src.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1912+72767185.src.rpm","php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1912+72767185.src.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-apcu-debuginfo-0:5.1.18-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-apcu-debuginfo-0:5.1.18-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-apcu-debuginfo-0:5.1.18-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-apcu-debugsource-0:5.1.18-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-apcu-debugsource-0:5.1.18-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-apcu-debugsource-0:5.1.18-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-apcu-devel-0:5.1.18-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-apcu-devel-0:5.1.18-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-apcu-devel-0:5.1.18-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-apcu-devel-0:5.1.18-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.aarch64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.src.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1912+72767185.src.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.x86_64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.aarch64.rpm", "php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm","php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.x86_64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.aarch64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.x86_64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1912+72767185.src.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-xdebug-debuginfo-0:2.9.5-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-xdebug-debuginfo-0:2.9.5-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-xdebug-debuginfo-0:2.9.5-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-xdebug-debugsource-0:2.9.5-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-xdebug-debugsource-0:2.9.5-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-xdebug-debugsource-0:2.9.5-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1912+72767185.src.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-zip-debuginfo-0:1.18.2-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-zip-debuginfo-0:1.18.2-1.module+el8.10.0+1912+72767185.aarch64.rpm","php-pecl-zip-debuginfo-0:1.18.2-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-zip-debugsource-0:1.18.2-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-zip-debugsource-0:1.18.2-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-zip-debugsource-0:1.18.2-1.module+el8.10.0+1912+72767185.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important updates for PHP affecting Rocky Linux 8 include security fixes for remote code execution and denial of service issues.. PHP security updates, Rocky Linux security, Remote Code Execution, Denial of Service. . LinuxSecurity.com Team

Calendar%202 Jul 02, 2026 Rocky Linux
219

Rocky Linux 8 PHP Important Remote Code Exec DoS RLSA-2026-34354

Important: php:7.4 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:34354", "synopsis": "Important: php:7.4 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for module.libzip, php-pear, php-pecl-xdebug, libzip, module.php-pecl-xdebug, php-pecl-rrd, module.php-pecl-apcu, module.php-pecl-rrd, php-pecl-zip, module.php-pecl-zip, module.php-pear, php-pecl-apcu.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es):\n\n* php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability (CVE-2026-6722)\n\n* PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions (CVE-2026-7258)\n\n* PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation (CVE-2026-6735)\n\n* PHP: PHP SoapServer: Memory corruption and information disclosure via incorrect persistence handling (CVE-2026-7261)\n\n* php: NULL pointer dereference in SOAP apache:Map decoder with missing (CVE-2026-7262)\n\n* php: signed integer overflow in metaphone() (CVE-2026-7568)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2468560", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468560", "description": ""}, {"ticket": "2468561", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468561", "description": ""}, {"ticket": "2468562", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468562", "description": ""}, {"ticket": "2468563","sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468563", "description": ""}, {"ticket": "2468565", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468565", "description": ""}, {"ticket": "2468566", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468566", "description": ""}], "cves": [{"name": "CVE-2026-6722", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6722", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L", "cvss3BaseScore": "7.7", "cwe": "CWE-825"}, {"name": "CVE-2026-6735", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6735", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "cvss3BaseScore": "5.4", "cwe": "CWE-79"}, {"name": "CVE-2026-7258", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7258", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "5.9", "cwe": "CWE-839"}, {"name": "CVE-2026-7261", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7261", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "cvss3BaseScore": "5.6", "cwe": "CWE-825"}, {"name": "CVE-2026-7262", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7262", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-476"}, {"name": "CVE-2026-7568", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7568", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-190"}], "references": [], "publishedAt": "2026-07-02T00:01:04.334825Z", "rpms": {"Rocky Linux 8": {"nvras": ["apcu-panel-0:5.1.18-1.module+el8.10.0+1604+6558efc7.noarch.rpm","apcu-panel-0:5.1.18-1.module+el8.10.0+1912+72767185.noarch.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1604+6558efc7.src.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1912+72767185.src.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "libzip-debuginfo-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-debuginfo-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-debuginfo-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-debugsource-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-debugsource-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-debugsource-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-devel-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-devel-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-devel-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-devel-0:1.6.1-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "libzip-tools-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-tools-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-tools-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-tools-0:1.6.1-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "libzip-tools-debuginfo-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-tools-debuginfo-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-tools-debuginfo-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1604+6558efc7.noarch.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1912+72767185.noarch.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1605+02e07af7.noarch.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1605+02e07af7.src.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1912+72767185.src.rpm","php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1912+72767185.src.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-apcu-debuginfo-0:5.1.18-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-apcu-debuginfo-0:5.1.18-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-apcu-debuginfo-0:5.1.18-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-apcu-debugsource-0:5.1.18-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-apcu-debugsource-0:5.1.18-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-apcu-debugsource-0:5.1.18-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-apcu-devel-0:5.1.18-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-apcu-devel-0:5.1.18-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-apcu-devel-0:5.1.18-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-apcu-devel-0:5.1.18-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.aarch64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.src.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1912+72767185.src.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.x86_64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.aarch64.rpm", "php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm","php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.x86_64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.aarch64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.x86_64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1912+72767185.src.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-xdebug-debuginfo-0:2.9.5-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-xdebug-debuginfo-0:2.9.5-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-xdebug-debuginfo-0:2.9.5-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-xdebug-debugsource-0:2.9.5-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-xdebug-debugsource-0:2.9.5-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-xdebug-debugsource-0:2.9.5-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1912+72767185.src.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-zip-debuginfo-0:1.18.2-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-zip-debuginfo-0:1.18.2-1.module+el8.10.0+1912+72767185.aarch64.rpm","php-pecl-zip-debuginfo-0:1.18.2-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-zip-debugsource-0:1.18.2-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-zip-debugsource-0:1.18.2-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-zip-debugsource-0:1.18.2-1.module+el8.10.0+1912+72767185.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Essential PHP security updates for Rocky Linux address critical vulnerabilities affecting systems. Ensure your installation is protected.. Rocky Linux PHP security update, critical PHP vulnerabilities, PHP remote code execution, server security advisory, PHP denial of service. . LinuxSecurity.com Team

Calendar%202 Jul 02, 2026 Rocky Linux
219

Rocky Linux PHP Important RLSA-2026-34354 Code Execution DOS XSS

Important: php:7.4 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:34354", "synopsis": "Important: php:7.4 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for module.libzip, php-pear, php-pecl-xdebug, libzip, module.php-pecl-xdebug, php-pecl-rrd, module.php-pecl-apcu, module.php-pecl-rrd, php-pecl-zip, module.php-pecl-zip, module.php-pear, php-pecl-apcu.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es):\n\n* php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability (CVE-2026-6722)\n\n* PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions (CVE-2026-7258)\n\n* PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation (CVE-2026-6735)\n\n* PHP: PHP SoapServer: Memory corruption and information disclosure via incorrect persistence handling (CVE-2026-7261)\n\n* php: NULL pointer dereference in SOAP apache:Map decoder with missing (CVE-2026-7262)\n\n* php: signed integer overflow in metaphone() (CVE-2026-7568)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2468560", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468560", "description": ""}, {"ticket": "2468561", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468561", "description": ""}, {"ticket": "2468562", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468562", "description": ""}, {"ticket": "2468563","sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468563", "description": ""}, {"ticket": "2468565", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468565", "description": ""}, {"ticket": "2468566", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468566", "description": ""}], "cves": [{"name": "CVE-2026-6722", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6722", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L", "cvss3BaseScore": "7.7", "cwe": "CWE-825"}, {"name": "CVE-2026-6735", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6735", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "cvss3BaseScore": "5.4", "cwe": "CWE-79"}, {"name": "CVE-2026-7258", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7258", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "5.9", "cwe": "CWE-839"}, {"name": "CVE-2026-7261", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7261", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "cvss3BaseScore": "5.6", "cwe": "CWE-825"}, {"name": "CVE-2026-7262", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7262", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-476"}, {"name": "CVE-2026-7568", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7568", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-190"}], "references": [], "publishedAt": "2026-07-02T00:01:04.334825Z", "rpms": {"Rocky Linux 8": {"nvras": ["apcu-panel-0:5.1.18-1.module+el8.10.0+1604+6558efc7.noarch.rpm","apcu-panel-0:5.1.18-1.module+el8.10.0+1912+72767185.noarch.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1604+6558efc7.src.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1912+72767185.src.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-0:1.6.1-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "libzip-debuginfo-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-debuginfo-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-debuginfo-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-debugsource-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-debugsource-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-debugsource-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-devel-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-devel-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-devel-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-devel-0:1.6.1-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "libzip-tools-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-tools-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-tools-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "libzip-tools-0:1.6.1-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "libzip-tools-debuginfo-0:1.6.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "libzip-tools-debuginfo-0:1.6.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "libzip-tools-debuginfo-0:1.6.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1604+6558efc7.noarch.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1912+72767185.noarch.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1605+02e07af7.noarch.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1605+02e07af7.src.rpm", "php-pear-1:1.10.13-1.module+el8.10.0+1912+72767185.src.rpm","php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1912+72767185.src.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-apcu-0:5.1.18-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-apcu-debuginfo-0:5.1.18-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-apcu-debuginfo-0:5.1.18-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-apcu-debuginfo-0:5.1.18-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-apcu-debugsource-0:5.1.18-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-apcu-debugsource-0:5.1.18-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-apcu-debugsource-0:5.1.18-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-apcu-devel-0:5.1.18-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-apcu-devel-0:5.1.18-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-apcu-devel-0:5.1.18-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-apcu-devel-0:5.1.18-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.aarch64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.src.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1912+72767185.src.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.x86_64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-rrd-0:2.0.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.aarch64.rpm", "php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm","php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.x86_64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.aarch64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.x86_64.rpm", "php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1912+72767185.src.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-xdebug-0:2.9.5-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-xdebug-debuginfo-0:2.9.5-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-xdebug-debuginfo-0:2.9.5-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-xdebug-debuginfo-0:2.9.5-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-xdebug-debugsource-0:2.9.5-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-xdebug-debugsource-0:2.9.5-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-xdebug-debugsource-0:2.9.5-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1912+72767185.src.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1604+6558efc7.src.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-zip-0:1.18.2-1.module+el8.10.0+1604+6558efc7.x86_64.rpm", "php-pecl-zip-debuginfo-0:1.18.2-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-zip-debuginfo-0:1.18.2-1.module+el8.10.0+1912+72767185.aarch64.rpm","php-pecl-zip-debuginfo-0:1.18.2-1.module+el8.10.0+1912+72767185.x86_64.rpm", "php-pecl-zip-debugsource-0:1.18.2-1.module+el8.10.0+1604+6558efc7.aarch64.rpm", "php-pecl-zip-debugsource-0:1.18.2-1.module+el8.10.0+1912+72767185.aarch64.rpm", "php-pecl-zip-debugsource-0:1.18.2-1.module+el8.10.0+1912+72767185.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Critical updates for php in Rocky Linux 8 addressing remote execution and denial of service vulnerabilities.. Rocky Linux Security, PHP Updates, PHP Vulnerabilities, Remote Code Execution, Denial of Service. . LinuxSecurity.com Team

Calendar%202 Jul 02, 2026 Rocky Linux
89

Fedora 43 Kernel Significant Jailbreak Resolution 2026-35e2185559

The 7.0.14-101/201 kernel builds contain a fix for an unprivileged container / jail escape. This has not been assigned a CVE number yet, but a POC is in the wild. The 7.0.14 stable kernel update contains a number of important fixes across the tree.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-35e2185559 2026-07-02 01:07:29.332059+00:00 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 43 Version : 7.0.14 Release : 101.fc43 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package -------------------------------------------------------------------------------- Update Information: The 7.0.14-101/201 kernel builds contain a fix for an unprivileged container / jail escape. This has not been assigned a CVE number yet, but a POC is in the wild. The 7.0.14 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 1 2026 Justin M. Forbes [7.0.14-1] - ipv6: account for fraggap on the paged allocation path (Wongi Lee) - ipv4: account for fraggap on the paged allocation path (Wongi Lee) * Sat Jun 27 2026 Justin M. Forbes [7.0.14-0] - Revert "Input: rmi4 - remove the need for artificial IRQ in case of HID" (Justin M. Forbes) - Linux v7.0.14 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-35e2185559' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fix for unprivileged container jail escape in Fedora 43 kernel update with important fixes included.. Fedora 43 kernel update, unprivileged escape fix, security patch Fedora. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Fedora
89

Fedora 43 Transmission Critical CORS Bug Fix 2026-0ed2011b62

Fixed a CORS bug that leaked the anti-CSRF nonce. (#8938) Fixed a use-after-free bug in peer code. (#8921) Fixed build error when compiling with fmt 12.2.0. (#8942) Fix qt icon. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-0ed2011b62 2026-07-02 01:07:29.332055+00:00 -------------------------------------------------------------------------------- Name : transmission Product : Fedora 43 Version : 4.1.3 Release : 1.fc43 URL : http://www.transmissionbt.com Summary : A lightweight GTK+ BitTorrent client Description : Transmission is a free, lightweight BitTorrent client. It features a simple, intuitive interface on top on an efficient, cross-platform back-end. -------------------------------------------------------------------------------- Update Information: Fixed a CORS bug that leaked the anti-CSRF nonce. (#8938) Fixed a use-after-free bug in peer code. (#8921) Fixed build error when compiling with fmt 12.2.0. (#8942) Fix qt icon -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 30 2026 Gwyn Ciesla - 4.1.3-1 - 4.1.3 * Sat Jun 20 2026 Ryan Nosurname - 4.1.2-3 - Remove unnecessary Qt icon rename * Fri Jun 12 2026 Yaakov Selkowitz - 4.1.2-2 - Rebuilt for openssl 4.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2447219 - transmission-qt has no icon https://bugzilla.redhat.com/show_bug.cgi?id=2447219 [ 2 ] Bug #2494743 - transmission-4.1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2494743 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0ed2011b62' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Upgrade to Fedora 43's transmission to fix critical CORS and other bugs now. Ensure your system's security and functionality!. Fedora update, transmission fix, BitTorrent client. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Fedora
89

Fedora 43 Thunderbird Update Advisory 2026-2fb5ca48a2 Release Notes

Update to latest upstream version Update to latest upstream version.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-2fb5ca48a2 2026-07-02 01:07:29.332031+00:00 -------------------------------------------------------------------------------- Name : thunderbird Product : Fedora 43 Version : 152.0 Release : 2.fc43 URL : http://www.mozilla.org/projects/thunderbird/ Summary : Mozilla Thunderbird mail/newsgroup client Description : Mozilla Thunderbird is a standalone mail and newsgroup client. -------------------------------------------------------------------------------- Update Information: Update to latest upstream version Update to latest upstream version. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 23 2026 Jan Horak - 152.0-1 - Update to 152.0 * Fri Jun 5 2026 Jan Horak - 151.0.1-1 - Update to 151.0.1 * Thu May 21 2026 Jan Horak - 151.0-1 - Update to 151.0 * Thu May 14 2026 Jan Horak - 150.0.2-1 - Update to 150.0.2 * Tue Apr 28 2026 Jan Horak - 150.0-1 - Update to Thunderbird 150.0 * Tue Apr 14 2026 Jan Horak - 149.0.2-1 - Update to 149.0.2 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-2fb5ca48a2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update to the latest version of Thunderbird for Fedora, addressing essential improvements and maintaining system integrity.. Fedora Thunderbird Update mail client security. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Your message here