Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:17287: Important: podman security update

cve-2026-1234rhelcve-2026-25679cve-2026-34986cve-2026-32283
This security update addresses multiple high-severity vulnerabilities (CVSS 7.5) in Podman for RHEL 9.6 EUS, including denial-of-service flaws in Go's crypto/tls and crypto/x509 libraries, a parsing issue in net/url for IPv6 hosts, and a DoS vulnerability in the go-jose library via crafted JWE objects. The underlying Go runtime vulnerabilities affect Go versions prior to 1.25.8/1.25.9 and specific 1.26.x releases, while the go-jose library flaw affects versions 3.0.0-3.0.4 and 4.0.0-4.1.3. The fix is applied by updating the Podman package via the provided Red Hat errata channel.
Read Full Article →

Red Hat Product Errata RHSA-2026:17287 - Security Advisory Issued: 2026-05-13 Updated: 2026-05-13 RHSA-2026:17287 - Security Advisory Overview Updated Packages Synopsis Important: podman security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for podman is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679) github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986) crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283) crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x Fixes BZ - 2445356 - CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url BZ - 2455470 - CVE-2026-34986 github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages BZ - 2456339 - CVE-2026-32280 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building CVEs CVE-2026-25679 CVE-2026-32280 CVE-2026-32283 CVE-2026-34986 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM podman-5.4.0-20.el9_6.3.src.rpm SHA-256: 9a76b2fb8d4882aef71a7b03f5cf1586c80ab9fb077147aca363516db036d57c x86_64 podman-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: 848e06d9b9d1b5d180c772eb328693af76d5d020b13c444d884f0b508919f010 podman-debuginfo-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: 3c27358b1694048696c2c6e681685058988e9fc79d999f8ada7f92de1682462e podman-debugsource-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: c4d6a26d4148c4a0a01e4197b677837c89c06a74c10b5ed697162374c1f4a3a4 podman-docker-5.4.0-20.el9_6.3.noarch.rpm SHA-256: 5153cdda2041d3da32dcfa73b8113e6d0e37c2026660d75886e90fbd1794f651 podman-plugins-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: fc034e829e008c468540e81b7acfd73ac57e14a1960cb191421c5a54746847cc podman-plugins-debuginfo-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: 86199ca3b1d9a4a507a36dd6e1e70ca6d7d68dcca808b62d07b321075dfbcc2f podman-remote-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: f754b6712ae66bb044c35739205dfc2c0fa6043df2007b6b14bfca4da137f951 podman-remote-debuginfo-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: 41327f00a71900953f0f3b80a772276f217fe24ddf048bb934575f65c9d3ccef podman-tests-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: 2bfc72f8190d4dc5c4ba0687f76e896789dabde288e31015457562bd5e6c10c6 podman-tests-debuginfo-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: 42d08d65f1ea16a01559efff9a95f5cb83d1aa8084b9092efc6f9fade820456d Red Hat Enterprise Linux Server - AUS 9.6 SRPM podman-5.4.0-20.el9_6.3.src.rpm SHA-256: 9a76b2fb8d4882aef71a7b03f5cf1586c80ab9fb077147aca363516db036d57c x86_64 podman-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: 848e06d9b9d1b5d180c772eb328693af76d5d020b13c444d884f0b508919f010 podman-debuginfo-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: 3c27358b1694048696c2c6e681685058988e9fc79d999f8ada7f92de1682462e podman-debugsource-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: c4d6a26d4148c4a0a01e4197b677837c89c06a74c10b5ed697162374c1f4a3a4 podman-docker-5.4.0-20.el9_6.3.noarch.rpm SHA-256: 5153cdda2041d3da32dcfa73b8113e6d0e37c2026660d75886e90fbd1794f651 podman-plugins-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: fc034e829e008c468540e81b7acfd73ac57e14a1960cb191421c5a54746847cc podman-plugins-debuginfo-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: 86199ca3b1d9a4a507a36dd6e1e70ca6d7d68dcca808b62d07b321075dfbcc2f podman-remote-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: f754b6712ae66bb044c35739205dfc2c0fa6043df2007b6b14bfca4da137f951 podman-remote-debuginfo-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: 41327f00a71900953f0f3b80a772276f217fe24ddf048bb934575f65c9d3ccef podman-tests-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: 2bfc72f8190d4dc5c4ba0687f76e896789dabde288e31015457562bd5e6c10c6 podman-tests-debuginfo-5.4.0-20.el9_6.3.x86_64.rpm SHA-256: 42d08d65f1ea16a01559efff9a95f5cb83d1aa8084b9092efc6f9fade820456d Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 SRPM podman-5.4.0-20.el9_6.3.src.rpm SHA-256: 9a76b2fb8d4882aef71a7b03f5cf1586c80ab9fb077147aca363516db036d57c s390x podman-5.4.0-20.el9_6.3.s390x.rpm SHA-256: 18746a9a7784c99a810ab6e4be8a1d9e060c0eb0a275dfbed29f034c3ac154d9 podman-debuginfo-5.4.0-20.el9_6.3.s390x.rpm SHA-256: 4f8bceabc8552dc7a7707957dae7842ae7865e87d0c6ef5ee443fe507dcc7e69 podman-debugsource-5.4.0-20.el9_6.3.s390x.rpm SHA-256: d825b829424f27932750ffd41803a5d5b7571f9fe29d8f6d34b6af70dd116f6a podman-docker-5.4.0-20.el9_6.3.noarch.rpm SHA-256: 5153cdda2041d3da32dcfa73b8113e6d0e37c2026660d75886e90fbd1794f651 podman-plugins-5.4.0-20.el9_6.3.s390x.rpm SHA-256: 0d47519a6a1ec35b948ecde4481d16543224d8b7848110ee6d94ca2bf4a0f334 podman-plugins-debuginfo-5.4.0-20.el9_6.3.s390x.rpm SHA-256: a2740e014f5c486fc2fcec3f1961b8ae120faf3b237ab28488325b1db99f54aa podman-remote-5.4.0-20.el9_6.3.s390x.rpm SHA-256: fc8a9ddbe4b682052d5ac2a7ff622e244172184433d3847714baf4b2de1438ff podman-remote-debuginfo-5.4.0-20.el9_6.3.s390x.rpm SHA-256: 503c9e2fa7731c57f72dce215979cce1cb8cf085973b0e2d637642ca488a2c0e podman-tests-5.4.0-20.el9_6.3.s390x.rpm SHA-256: 0b82739dc76c3d91ada9cc13e38a80bf6f1d3b800b979a8d9f070c7451012841 podman-tests-debuginfo-5.4.0-20.el9_6.3.s390x.rpm SHA-256: d2db03034a557fe32ca96e08da8fed3835d683b472eb97dfaec4768ffbe5b106 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 SRPM podman-5.4.0-20.el9_6.3.src.rpm SHA-256: 9a76b2fb8d4882aef71a7b03f5cf1586c80ab9fb077147aca363516db036d57c ppc64le podman-5.4.0-20.el9_6.3.ppc64le.rpm SHA-256: 8a9a83b9d05028515f63aae1042d7d76f98ff9ea5e62e54f257707bf07f185b9 podman-debuginfo-5.4.0-20.el9_6.3.ppc64le.rpm SHA-256: 125227a3ae094cab76c02c5a2558d121a007f2bf98b0579499e2ad17ee3a88c1 podman-debugsource-5.4.0-20.el9_6.3.ppc64le.rpm SHA-256: 6e93258837c4b1708100490182b798a57922ed2e1f932715051dd657bc681e61 podman-docker-5.4.0-20.el9_6.3.noarch.rpm SHA-256: 5153cdda2041d3da32dcfa73b8113e6d0e37c2026660d75886e90fbd1794f651 podman-plugins-5.4.0-20.el9_6.3.ppc64le.rpm SHA-256: 618a104c3361f8d504b3ef19eef35e3c25cb7c4743943d4ae7b754c237927bd9 podman-plugins-debuginfo-5.4.0-20.el9_6.3.ppc64le.rpm SHA-256: da1171b8dd4f7aa5de00ddb1c5ec286784215c9ac0a1cc85772fd60fc0473848 podman-remote-5.4.0-20.el9_6.3.ppc64le.rpm SHA-256: 6130d27b4313038c0cbc41e7b56fd4e02010551cc6a13811a8004a08ff73ecbf podman-remote-debuginfo-5.4.0-20.el9_6.3.ppc64le.rpm SHA-256: 3f6eff6c86d1f48e30a1caa52db287db9d8c2469e50cf92d9b01077e4efb0e23 podman-tests-5.4.0-20.el9_6.3.ppc64le.rpm SHA-256: e45991b1fbe0bf986fcc201dbd92d3a37f2cd9241e6f9c18098d8f7138099390 podman-tests-debuginfo-5.4.0-20.el9_6.3.ppc64le.rpm SHA-256: ced4db77806a08dc93a49ae342a580463995e3024f482f5f2552b6142e94f10f Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 SRPM podman-5.4.0-20.el9_6.3.src.rpm SHA-256: 9a76b2fb8d4882aef71a7b03f5cf1586c80ab9fb077147aca363516db036d57c aarch64 podman-5.4.0-20.el9_6.3.aarch64.rpm SHA-256: e0ae7cd279ffb4314761c25b9b2988e9954107375bf2196530105b34eeccf711 podman-debuginfo-5.4.0-20.el9_6.3.aarch64.rpm SHA-256: 0f2c0a48a666c87efb63d475366a8140a7147dd47a6f1caf26aa4e970efd5d57 podman-debugsource-5.4.0-20.el9_6.3.aarch64.rpm SHA-256: a388b2f2c4ef190ff35db23f1c48bf823ce3a3f861a8dba31e026f4c6f38fcbc podman-docker-5.4.0-20.el9_6.3.noarch.rpm SHA-256: 5153cdda2041d3da32dcfa73b8113e6d0e37c2026660d75886e90fbd1794f651 podman-plugins-5.4.0-20.el9_6.3.aarch64.rpm SHA-256: f98ac4c2e70852c51feed183563e8773b4bf97703dc02cf67b5477b7350c4f67 podman-plugins-debuginfo-5.4.0-20.el9_6.3.aarch64.rpm SHA-256: 0d8187f01baacb8863d252a7825c7b7ad22ac1dff5a520790b30df36df11cfd5 podman-remote-5.4.0-20.el9_6.3.aarch64.rpm SHA-256: 626c4cccf46b71439d8ab8f70fba796c966ff954

Related Articles

HIGH RHSA-2026:19135: Important: opentelemetry-collector security update Red Hat Errata INFO RHSA-2026:19353: Important: opentelemetry-collector security update Red Hat Errata INFO RHSA-2026:19719: Important: opentelemetry-collector security update Red Hat Errata INFO RHSA-2026:19721: Important: opentelemetry-collector security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn