RHSA-2026:19156 - Security Advisory
Issued: 2026-05-19
Updated: 2026-05-19

Synopsis
Important: rhc security update

Type/Severity
Security Advisory: Important

Topic
An update for rhc is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management.

Security Fix(es):
- golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
- crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

Affected Products
- Red Hat Enterprise Linux for x86_64 10 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64
- Red Hat Enterprise Linux for IBM z Systems 10 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x
- Red Hat Enterprise Linux for Power, little endian 10 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le
- Red Hat Enterprise Linux for ARM 64 10 aarch64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64
- Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64
- Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x
- Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64
- Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le
- Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x

Fixes
- BZ - 2456336 - CVE-2026-32282 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root
- BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

CVEs
- CVE-2026-32282
- CVE-2026-32283

References
- https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.

Updated Packages
- SRPM: rhc-0.3.8-4.el10_2.src.rpm
- x86_64: rhc-0.3.8-4.el10_2.x86_64.rpm, rhc-debuginfo-0.3.8-4.el10_2.x86_64.rpm, rhc-debugsource-0.3.8-4.el10_2.x86_64.rpm
- s390x: rhc-0.3.8-4.el10_2.s390x.rpm, rhc-debuginfo-0.3.8-4.el10_2.s390x.rpm, rhc-debugsource-0.3.8-4.el10_2.s390x.rpm
- ppc64le: rhc-0.3.8-4.el10_2.ppc64le.rpm, rhc-debuginfo-0.3.8-4.el10_2.ppc64le.rpm, rhc-debugsource-0.3.8-4.el10_2.ppc64le.rpm
- aarch64: rhc-0.3.8-4.el10_2.aarch64.rpm, rhc-debuginfo-0.3.8-4.el10_2.aarch64.rpm, rhc-debugsource-0.3.8-4.el10_2.aarch64.rpm

This security update for the Red Hat Client (`rhc`) addresses two vulnerabilities in its underlying Go components: CVE-2026-32282 (CVSS 6.4 MEDIUM), where `Root.Chmod` can follow symlinks outside the root, and CVE-2026-32283 (CVSS 7.5 HIGH), a denial-of-service flaw triggered by multiple TLS 1.3 key update messages. The affected Go versions are `go < 1.25.9` and `go >= 1.26.0 < 1.26.2`, with fixes provided in Go versions `1.25.9` and `1.26.2`. Red Hat has rated this update as Important and released patched `rhc` packages for Red Hat Enterprise Linux 10.