Red Hat Product Errata
RHSA-2026:19475 - Security Advisory

Issued: 2026-05-20
Updated: 2026-05-20

Synopsis
Important: osbuild-composer security update

Type/Severity
Security Advisory: Important

Topic
An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients.

Security Fix(es):
crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)
net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

Affected Products
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x

Fixes
BZ - 2437111 - CVE-2025-68121 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
BZ - 2445356 - CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url

CVEs
CVE-2025-68121
CVE-2026-25679

References
https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.

Updated Packages
SRPM
osbuild-composer-132.2-6.el9_6.src.rpm

x86_64, s390x, ppc64le, aarch64 (version 132.2-6.el9_6)
osbuild-composer
osbuild-composer-core
osbuild-composer-core-debuginfo
osbuild-composer-debuginfo
osbuild-composer-debugsource
osbuild-composer-tests-debuginfo
osbuild-composer-worker
osbuild-composer-worker-debuginfo

This security update addresses two vulnerabilities in the osbuild-composer component for RHEL 9.6 EUS: CVE-2025-68121, a critical (CVSS 10.0) flaw in crypto/tls allowing incorrect certificate validation during TLS session resumption, and CVE-2026-25679, a high-severity (CVSS 7.5) bug in net/url involving incorrect parsing of IPv6 host literals. The underlying Go language vulnerabilities affect Go versions prior to 1.24.13, 1.25.0 through 1.25.7, and version 1.26.0, with fixes provided in Go 1.24.13, 1.25.7, and 1.25.8 respectively. Administrators should apply the provided Red Hat update to their affected RHEL systems to incorporate these fixes.