Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:20609: Important: skopeo security update

cve-2026-2291red-hatcve-2026-34986cve-2026-32283cve-2026-32280
This security update for skopeo addresses three high-severity Denial of Service vulnerabilities (CVSS 7.5) in its underlying Go libraries: CVE-2026-34986 in the go-jose library via crafted JWE objects, and CVE-2026-32283 and CVE-2026-32280 in the Go `crypto/tls` and `crypto/x509` packages via multiple TLS 1.3 key updates and certificate chain building, respectively. The fixed versions are go-jose v3.0.5 or v4.1.4 and Go 1.25.9 or 1.26.2. Users of Red Hat Enterprise Linux 9.6 Extended Update Support should apply the provided skopeo update to remediate.
Read Full Article →

Red Hat Product Errata RHSA-2026:20609 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20609 - Security Advisory Overview Updated Packages Synopsis Important: skopeo security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for skopeo is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fix(es): github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986) crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283) crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x Fixes BZ - 2455470 - CVE-2026-34986 github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages BZ - 2456339 - CVE-2026-32280 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building CVEs CVE-2026-32280 CVE-2026-32283 CVE-2026-34986 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM skopeo-1.18.1-5.el9_6.1.src.rpm SHA-256: 5f509be81d46bb8499548a296c551fa59d61edd69986b40eaf9e5cb835513bec x86_64 skopeo-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: 07b1e185902de0affdb41d8ba9dbee84bae0916faae901ea783acb6c0063001b skopeo-debuginfo-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: cfd698dda7e090f7dbd4ff20500a07f455a610c44efcaafc02e2fda1cbe90e70 skopeo-debugsource-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: c2559e779baa2c7a8449361adf7d49cfc2b2512691d4662442812e3710080bb1 skopeo-tests-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: 94abccb5566d9b90279d59e9a68bd0b440a8865a09a25c409c8d0fc692dc6b8d Red Hat Enterprise Linux Server - AUS 9.6 SRPM skopeo-1.18.1-5.el9_6.1.src.rpm SHA-256: 5f509be81d46bb8499548a296c551fa59d61edd69986b40eaf9e5cb835513bec x86_64 skopeo-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: 07b1e185902de0affdb41d8ba9dbee84bae0916faae901ea783acb6c0063001b skopeo-debuginfo-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: cfd698dda7e090f7dbd4ff20500a07f455a610c44efcaafc02e2fda1cbe90e70 skopeo-debugsource-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: c2559e779baa2c7a8449361adf7d49cfc2b2512691d4662442812e3710080bb1 skopeo-tests-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: 94abccb5566d9b90279d59e9a68bd0b440a8865a09a25c409c8d0fc692dc6b8d Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 SRPM skopeo-1.18.1-5.el9_6.1.src.rpm SHA-256: 5f509be81d46bb8499548a296c551fa59d61edd69986b40eaf9e5cb835513bec s390x skopeo-1.18.1-5.el9_6.1.s390x.rpm SHA-256: adad0f1fe61eedf34b793823257085b6d23d8889b735b292e661e104f235cb45 skopeo-debuginfo-1.18.1-5.el9_6.1.s390x.rpm SHA-256: 3ce3bec085f47d95ca5ad3e795200b759e3dc89cffd0317eca502a9359b837df skopeo-debugsource-1.18.1-5.el9_6.1.s390x.rpm SHA-256: 210c60be8e368fbcf44f67b8743c77bb8c34e1369a05216273f49622b4d60aac skopeo-tests-1.18.1-5.el9_6.1.s390x.rpm SHA-256: 46b62101bb249bd195408dc5847afab80279d8e4ee7880de43d9bf71e3b1fc9f Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 SRPM skopeo-1.18.1-5.el9_6.1.src.rpm SHA-256: 5f509be81d46bb8499548a296c551fa59d61edd69986b40eaf9e5cb835513bec ppc64le skopeo-1.18.1-5.el9_6.1.ppc64le.rpm SHA-256: e86a7506580f084f813cb614b97baad92ad5c89cd4aaaa2c8cf4f089db573807 skopeo-debuginfo-1.18.1-5.el9_6.1.ppc64le.rpm SHA-256: 2bb11f08799210bdc089e53f263497ec44071e74638f6f20896b32159007bbc5 skopeo-debugsource-1.18.1-5.el9_6.1.ppc64le.rpm SHA-256: 8d3b71b0d3623dd5c8b84fde49cbdbbc7adaf18f3a4dfbf6594c8770567ef724 skopeo-tests-1.18.1-5.el9_6.1.ppc64le.rpm SHA-256: be1ad94e0aa70a468699d02928375c12f5810f3bfe9cb82d11f243e3089a0bba Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 SRPM skopeo-1.18.1-5.el9_6.1.src.rpm SHA-256: 5f509be81d46bb8499548a296c551fa59d61edd69986b40eaf9e5cb835513bec aarch64 skopeo-1.18.1-5.el9_6.1.aarch64.rpm SHA-256: b2d58cd41bb5a5353c9b37db78f89fca990ac1189a2e7aa38dec89ab20b4bd93 skopeo-debuginfo-1.18.1-5.el9_6.1.aarch64.rpm SHA-256: 5ff58e4415b5f3a205d45c4d96bcb48d4eff731f57183f90b9d588f5fb3ba692 skopeo-debugsource-1.18.1-5.el9_6.1.aarch64.rpm SHA-256: 38635f5a45da900859ccff28921e294ea7fe6ebe05f7ffa66ba92042e2994394 skopeo-tests-1.18.1-5.el9_6.1.aarch64.rpm SHA-256: c301179673cb75b437fd945e299642d7ad74b7d8cccb38fca4732602f96f2e72 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 SRPM skopeo-1.18.1-5.el9_6.1.src.rpm SHA-256: 5f509be81d46bb8499548a296c551fa59d61edd69986b40eaf9e5cb835513bec ppc64le skopeo-1.18.1-5.el9_6.1.ppc64le.rpm SHA-256: e86a7506580f084f813cb614b97baad92ad5c89cd4aaaa2c8cf4f089db573807 skopeo-debuginfo-1.18.1-5.el9_6.1.ppc64le.rpm SHA-256: 2bb11f08799210bdc089e53f263497ec44071e74638f6f20896b32159007bbc5 skopeo-debugsource-1.18.1-5.el9_6.1.ppc64le.rpm SHA-256: 8d3b71b0d3623dd5c8b84fde49cbdbbc7adaf18f3a4dfbf6594c8770567ef724 skopeo-tests-1.18.1-5.el9_6.1.ppc64le.rpm SHA-256: be1ad94e0aa70a468699d02928375c12f5810f3bfe9cb82d11f243e3089a0bba Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 SRPM skopeo-1.18.1-5.el9_6.1.src.rpm SHA-256: 5f509be81d46bb8499548a296c551fa59d61edd69986b40eaf9e5cb835513bec x86_64 skopeo-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: 07b1e185902de0affdb41d8ba9dbee84bae0916faae901ea783acb6c0063001b skopeo-debuginfo-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: cfd698dda7e090f7dbd4ff20500a07f455a610c44efcaafc02e2fda1cbe90e70 skopeo-debugsource-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: c2559e779baa2c7a8449361adf7d49cfc2b2512691d4662442812e3710080bb1 skopeo-tests-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: 94abccb5566d9b90279d59e9a68bd0b440a8865a09a25c409c8d0fc692dc6b8d Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 SRPM skopeo-1.18.1-5.el9_6.1.src.rpm SHA-256: 5f509be81d46bb8499548a296c551fa59d61edd69986b40eaf9e5cb835513bec aarch64 skopeo-1.18.1-5.el9_6.1.aarch64.rpm SHA-256: b2d58cd41bb5a5353c9b37db78f89fca990ac1189a2e7aa38dec89ab20b4bd93 skopeo-debuginfo-1.18.1-5.el9_6.1.aarch64.rpm SHA-256: 5ff58e4415b5f3a205d45c4d96bcb48d4eff731f57183f90b9d588f5fb3ba692 skopeo-debugsource-1.18.1-5.el9_6.1.aarch64.rpm SHA-256: 38635f5a45da900859ccff28921e294ea7fe6ebe05f7ffa66ba92042e2994394 skopeo-tests-1.18.1-5.el9_6.1.aarch64.rpm SHA-256: c301179673cb75b437fd945e299642d7ad74b7d8cccb38fca4732602f96f2e72 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 SRPM skopeo-1.18.1-5.el9_6.1.src.rpm SHA-256: 5f509be81d46bb8499548a296c551fa59d61edd69986b40eaf9e5cb835513bec s390x skopeo-1.18.1-5.el9_6.1.s390x.rpm SHA-256: adad0f1fe61eedf34b793823257085b6d23d8889b735b292e661e104f235cb45 skopeo-debuginfo-1.18.1-5.el9_6.1.s390x.rpm SHA-256: 3ce3bec085f47d95ca5ad3e795200b759e3dc89cffd0317eca502a9359b837df skopeo-debugsource-1.18.1-5.el9_6.1.s390x.rpm SHA-256: 210c60be8e368fbcf44f67b8743c77bb8c34e1369a05216273f49622b4d60aac skopeo-tests-1.18.1-5.el9_6.1.s390x.rpm SHA-256: 46b62101bb249bd195408dc5847afab80279d8e4ee7880de43d9bf71e3b1fc9f Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 SRPM skopeo-1.18.1-5.el9_6.1.src.rpm SHA-256: 5f509be81d46bb8499548a296c551fa59d61edd69986b40eaf9e5cb835513bec x86_64 skopeo-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: 07b1e185902de0affdb41d8ba9dbee84bae0916faae901ea783acb6c0063001b skopeo-debuginfo-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: cfd698dda7e090f7dbd4ff20500a07f455a610c44efcaafc02e2fda1cbe90e70 skopeo-debugsource-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: c2559e779baa2c7a8449361adf7d49cfc2b2512691d4662442812e3710080bb1 skopeo-tests-1.18.1-5.el9_6.1.x86_64.rpm SHA-256: 94abccb5566d9b90279d59e9a68bd0b440a8865a09a25c409c8d0fc692dc6b8d Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 SRPM skopeo-1.18.1-5.el9_6.1.src.rpm SHA-256: 5f509be81d46bb8499548a296c551fa59d61edd69986b40eaf9e5cb835513bec aarch64 skopeo-1.18.1-5.el9_

Related Articles

HIGH RHSA-2026:19135: Important: opentelemetry-collector security update Red Hat Errata HIGH RHSA-2026:17287: Important: podman security update Red Hat Errata INFO RHSA-2026:19353: Important: opentelemetry-collector security update Red Hat Errata INFO RHSA-2026:19719: Important: opentelemetry-collector security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn