RLSA-2025:17429 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for open-vm-tools. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fix(es): * open-vm-tools: Local privilege escalation in open-vm-tools (CVE-2025-41244) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms open-vm-tools-12.5.0-1.el10_0.1.x86_64.rpm 5c5f72135c11113cab83ea67a2a34907abcdd69041994109446c400edc5554a7 open-vm-tools-desktop-12.5.0-1.el10_0.1.x86_64.rpm f01f15633d0f3ddfa95e93d0354ddfecb81e1e774713a5071216789efbcb5b5d open-vm-tools-salt-minion-12.5.0-1.el10_0.1.x86_64.rpm 016f1e9c9fc7f13accb0d34050e2c5334c4cea61a5ba70390ccfd161857671cf open-vm-tools-sdmp-12.5.0-1.el10_0.1.x86_64.rpm 2dcf190bf62602af9115e7416e6e53e9504cb5552b77df79a910026f9f219735 open-vm-tools-test-12.5.0-1.el10_0.1.x86_64.rpm 3323ea1e381ad7d2fdf9bf9465a15a956275ecb68be155700757e230d816f403 RLSA-2025:16904 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (CVE-2025-38396) * kernel: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527) * kernel: cifs: Fix the smbd_response slab to allow usercopy (CVE-2025-38523) * kernel: tls: fix handling of zero-length records on the rx_list (CVE-2025-39682) * kernel: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (CVE-2025-39698) * kernel: s390/sclp: Fix SCCB present check (CVE-2025-39694) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.37.1.el10_0.x86_64.rpm 6620807fc413c4756a73686b87c120604f4bbc3fcc7ccb5fe7b4ac5bce8038cf kernel-debug-devel-matched-6.12.0-55.37.1.el10_0.x86_64.rpm 933772df44f3462cef011516cdd79210236bcf60ed7c6afd96b18dddd24a0bc0 kernel-devel-6.12.0-55.37.1.el10_0.x86_64.rpm 34402ae6c921d8f83b83d65de80af5b43aa4812b06fdfa0b56e46eff34cb45d4 kernel-devel-matched-6.12.0-55.37.1.el10_0.x86_64.rpm af1afbe46a380391124dc6f8c424523b8d5f506227c86ff5fac8e5f72d29e408 kernel-doc-6.12.0-55.37.1.el10_0.noarch.rpm a1ac32c34607833c710c5902cfc1018a04e20d4788d7266a6ccb821f47643d9b perf-6.12.0-55.37.1.el10_0.x86_64.rpm d0253bfc374472de9e966015782408be398d63ee6a1539f52a4dcb61885f8a06 python3-perf-6.12.0-55.37.1.el10_0.x86_64.rpm d915d151d3938c5e1dbfe867336ac5c80aa86273b4a019182b647499cce62f8f rtla-6.12.0-55.37.1.el10_0.x86_64.rpm ec608f944757a00cc51f05fdeaac51a93517b09d657610935e755c38c9ead19f rv-6.12.0-55.37.1.el10_0.x86_64.rpm 8ed204b15a5c3103804ffd13c00eb61febc85c3d041ad4807c463ca32fc9c05b RLSA-2025:17085 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for ipa. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA (CVE-2025-7493) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms ipa-client-4.12.2-15.el10_0.4.x86_64.rpm 49ee0017fcf48ad4b4b979bd88dc102ff50abaa85745cdbb5b8e5f2a37314337 ipa-client-common-4.12.2-15.el10_0.4.noarch.rpm bf2ffd4b0910fc72cae5d3600870555b49c6996b5ffe3867900c2b05488185ab ipa-client-encrypted-dns-4.12.2-15.el10_0.4.x86_64.rpm 7a882a3de30a47d94647cae3da069d3374604f3420605b5635042416997d791b ipa-client-epn-4.12.2-15.el10_0.4.x86_64.rpm b159c4d993240f45185788c72de0db8e9f191e0d14574c0f16cc475fef1afd53 ipa-client-samba-4.12.2-15.el10_0.4.x86_64.rpm e3422ada3e8c03c971a39a068d691789067e37937753e9472a519661bbeac610 ipa-common-4.12.2-15.el10_0.4.noarch.rpm b669a87218c94c65720ded545b0be47d09d53823ffde3e44b2c800a7e960c40f ipa-selinux-4.12.2-15.el10_0.4.noarch.rpm 9fcc498fdbeb59c1f3666a1fb65744fd3309ea356e2daa95b5f488134c90fc85 ipa-selinux-luna-4.12.2-15.el10_0.4.noarch.rpm 027300560ce6195962457cfbd64af0060014a378f1c90bcfe1dac67ec716839e ipa-selinux-nfast-4.12.2-15.el10_0.4.noarch.rpm b0ce410d8e96f7ac938714aedf2a6088ffc94cb80fd7d3f6e5dc92863e80eaa1 ipa-server-4.12.2-15.el10_0.4.x86_64.rpm f358a5398743c5d1bfe17b88689ec50d9520654a9b2bf15de7b9b566334ee712 ipa-server-common-4.12.2-15.el10_0.4.noarch.rpm 2d4629a5a13c49f35fa9ca50e3257dfec870ea8d687bf18bd9f9ec7b53fcf2d5 ipa-server-dns-4.12.2-15.el10_0.4.noarch.rpm 13cb1b4a2b64c0636a2902942e932bba7691219c1c0b1b6105ad6d4db00c6ba5 ipa-server-encrypted-dns-4.12.2-15.el10_0.4.x86_64.rpm b1cf56d62f6c06b79c0ce5acf5ef946621280ca685b1dc2ff913ffb25e644e17 ipa-server-trust-ad-4.12.2-15.el10_0.4.x86_64.rpm 27fe5c87266f967780897c6b89d5589694297e266f97434ed25fcefcf572a23b python3-ipaclient-4.12.2-15.el10_0.4.noarch.rpm 71d58a186df583d49049166b6469053fdca1b8f222122ce67b52f7da9a81e0ab python3-ipalib-4.12.2-15.el10_0.4.noarch.rpm ed44dd38a1d5d1918c30602fbb7e80d254231254f0d053b82b347d34c0246e98 python3-ipaserver-4.12.2-15.el10_0.4.noarch.rpm 24f51609ea8226d2f14c8873ec839e2e8bcaa6c00297792a1f09bc4e1d53b650 RLBA-2025:6597 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Critical

An update is available for libxml2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 10 Release Notes linked from the References section. rocky-linux-10-0-x86-64-appstream-rpms libxml2-devel-2.12.5-5.el10_0.x86_64.rpm ff1ff742b1e316c5dfb1abc3cfb7c961d2616b62d38ee2ec40028d721032c00d RLBA-2025:6470 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Critical

An update is available for rsync. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 10 Release Notes linked from the References section. rocky-linux-10-0-x86-64-appstream-rpms rsync-daemon-3.4.1-2.el10.noarch.rpm 05b44dbb42deda398ce20f4b8d63426798dd81d5d172a998c62a84d59c74c958 rsync-rrsync-3.4.1-2.el10.noarch.rpm 18ccf31ba09020a528cd9660f1adfc5ff1717215ccd5f6ef92924fbde44d4989 RLBA-2025:5309 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for mod_proxy_cluster. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 10.0 Release Notes linked from the References section. rocky-linux-10-0-x86-64-appstream-rpms mod_proxy_cluster-1.3.21-1.el10.x86_64.rpm d47c785dca12aa85b80b4bb5a951c494434e77e0b6b1002fa9706aaf88706f29 RLSA-2025:7496 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libxslt. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism. Security Fix(es): * libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855) * libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) (CVE-2024-55549) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms libxslt-1.1.39-7.el10_0.x86_64.rpm 424ec2d278a17b6e0d7d062eb36acc9cc27dc9d7899342b8ff3595482909aab9 libxslt-devel-1.1.39-7.el10_0.x86_64.rpm 45f92355021a4ea8aff8065a9d34a3c6497d528c6f9238774f96f303e10407d2 RLSA-2025:7466 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for delve, golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out of your way as much as possible. Security Fix(es): * golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints (CVE-2024-45341) * golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336) * crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms delve-1.24.1-1.el10_0.x86_64.rpm 3d8994c1eefdff65ec281695346f895e11411b23cdc99e0cb242746705e9742f golang-1.23.7-1.el10_0.x86_64.rpm 92a4267a632e10f6758bc0d347033ed0c1774c52aeff82bedc59b0a24b2e8682 golang-bin-1.23.7-1.el10_0.x86_64.rpm eefc1975a747f63c479e9426811a77a3db5332310d57719e611107592d936abe golang-docs-1.23.7-1.el10_0.noarch.rpm a173b0da2e4752bfec1cf06f363224f6fa16ddba7370e6f2ffb8247587a4bcf4 golang-misc-1.23.7-1.el10_0.noarch.rpm 7bc05ee75edf98cb9343ef66d21fe35c1c592c61ba91484f778ac863170b4c0f golang-src-1.23.7-1.el10_0.noarch.rpm 96f3dbb87940a6cfb09e7cc728c9fa35b1823688d51cdc133a0f9d051890835a golang-tests-1.23.7-1.el10_0.noarch.rpm 859c5d5d9e4832afaeaf815e3564bfe80ada878f8e9efec2845d1c0e0cadbe4f go-toolset-1.23.7-1.el10_0.x86_64.rpm 3e3532f951f9e51ad82f778aa05129910b1a9ea887588c3258a903af48d65884 RLSA-2025:7476 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for python-jinja2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * jinja2: Jinja sandbox breakout through attr filter selecting format method (CVE-2025-27516) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms python3-jinja2-3.1.6-1.el10_0.noarch.rpm 0be3f5f469b49779d362bfeb982bfa4e089c5ba06907aea63c842224e044f287 RLSA-2025:7484 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for gvisor-tap-vsock. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fix(es): * golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms gvisor-tap-vsock-0.8.5-1.el10_0.x86_64.rpm 807c60e65b497f3a7439d900e72dd8c7efe2f0d6d32a52a4f626953fc47ceec2 gvisor-tap-vsock-gvforwarder-0.8.5-1.el10_0.x86_64.rpm 9ef0ba89cb4ea139e96688f28f124a4d4c433fcf63f821d85ac33d3fee278cce RLSA-2025:7510 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for libarchive. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: heap buffer over-read in header_gnu_longlink (CVE-2024-57970) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms bsdtar-3.7.7-2.el10_0.x86_64.rpm f9266fbd3e3cb17c11e68579df7c30c3b1410f196747cf2322afc2afe9069480 libarchive-devel-3.7.7-2.el10_0.x86_64.rpm 01619c829ac6cbe6eb05bcc75a70e80947b4618190444b41694e3e6e5cea061c RLSA-2025:7500 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for perl. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): * perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes (CVE-2024-56406) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms perl-5.40.2-512.1.el10_0.x86_64.rpm dab36262fee2fcd5d657f2ed802f7f537ef92f365c0460fe5820a9336d284801 perl-Attribute-Handlers-1.03-512.1.el10_0.noarch.rpm df82bff8696134f3dc521dd8b8443178771c46142a732b5626990b8c50b7f322 perl-AutoLoader-5.74-512.1.el10_0.noarch.rpm 2b4fca6da03e83a1f282dd4752b9f8f01c285fbabd0ff41d03ab8726d63cf223 perl-AutoSplit-5.74-512.1.el10_0.noarch.rpm 47d60990ce13c089eea37d3a61fcd0f19f9cd592c76e7f37c61feabc2dc9b63e perl-autouse-1.11-512.1.el10_0.noarch.rpm 2aed9a5c5c3c64195602f3745dfae8ce3810635d8cffadc3c000cc890ddd103c perl-B-1.89-512.1.el10_0.x86_64.rpm d7ce945009413f1423683bd51953c68814fd1bfd44e099420407281a71b1c7cd perl-base-2.27-512.1.el10_0.noarch.rpm 64cb01cd07d0b974b1fe31dafc1ee5b2de90cd38f9e6a7885ec3903b83e8f0b4 perl-Benchmark-1.25-512.1.el10_0.noarch.rpm 74ac8e111917550e3ae4bdc752e4021ce8d84ac96ea09db372c5902e59db11ae perl-blib-1.07-512.1.el10_0.noarch.rpm 9105b51ea0d25e084761b4c0090ac6a7920e6ec963b8205050ef0bd5953b9adf perl-Class-Struct-0.68-512.1.el10_0.noarch.rpm b0a5b9a9669ac59df8d16e5f193cc73e2cf6533f56f865fafc28ef0c9bcbe536 perl-Config-Extensions-0.03-512.1.el10_0.noarch.rpm 6f685d02211fce93b0617d99de4c02719ee94e418aaafa7e907a88e11fd861ec perl-DBM_Filter-0.06-512.1.el10_0.noarch.rpm 6f8f99b4dd16050e8554ca0dd65a11c063a26dfdffb224a626ccb3ae0633c5f8 perl-debugger-1.60-512.1.el10_0.noarch.rpm 8fc7bfa0a4fe63fd2e0da152b148598355d27c933e2460d2e9cc79050b352a65 perl-deprecate-0.04-512.1.el10_0.noarch.rpm 9f0afea047f8b7135faf0867cddc951eb1866c137a2cdc16ed9d99c6498aba75 perl-devel-5.40.2-512.1.el10_0.x86_64.rpm 40a2bb840b71193175aac0ed8afa89591a5cc6eba95ce1409b65843599632207 perl-Devel-Peek-1.34-512.1.el10_0.x86_64.rpm 981ab4855b79771240b99baf1c1e09020394177ac61cefb51229a45b871c8fdd perl-Devel-SelfStubber-1.06-512.1.el10_0.noarch.rpm c5e20dc46a76c81d39581bec7dba3cd34e8bcbd55d0d1695738030c898c97bed perl-diagnostics-1.40-512.1.el10_0.noarch.rpm 9b993ecbf537f9b8cf7fcc2bba8e9237dcbe10fbd1e00fe8b8055b5e3d6a7a8f perl-DirHandle-1.05-512.1.el10_0.noarch.rpm d64e1eccf3366c9be2a3998b26bdb732314caedfede71f45729f2b66e700a3aa perl-doc-5.40.2-512.1.el10_0.noarch.rpm ccbbf526615bcc2b8076d26e5b957bd587df1185b8a89f10050c80049edd50fc perl-Dumpvalue-2.27-512.1.el10_0.noarch.rpm cae22391d31b927192b3be47b2727061f4455c0a2102000ae3ccdec554d5e0f6 perl-DynaLoader-1.56-512.1.el10_0.x86_64.rpm e3d1b95e960eb91daf888d364117c261fa212d6a1c7467b99c10d882f8b5861a perl-encoding-warnings-0.14-512.1.el10_0.noarch.rpm 1fbd441fd14bde577f07caa18c9a65a54555bbc379fc93216692240e744d8d74 perl-English-1.11-512.1.el10_0.noarch.rpm b29f221e1a50532d874cd57b0640ccdab73bef336d474dc63b91370b064faa06 perl-Errno-1.38-512.1.el10_0.x86_64.rpm d07b66dc675781913395f181004b92c5410bb757acddc907d718eadd8125832f perl-ExtUtils-Constant-0.25-512.1.el10_0.noarch.rpm 673d5d8970de686dee8373ff9f98ac1c2402e68c83f39265122a76385961bc96 perl-ExtUtils-Embed-1.35-512.1.el10_0.noarch.rpm fdb1db30f202624588f7cbf745a4a6c8fca01afdf97210a5770510e7b9c2ace5 perl-ExtUtils-Miniperl-1.14-512.1.el10_0.noarch.rpm e72582fed4537442ae4e4a003b1dda5d9698598fb496633807bc081f0e9c15b9 perl-Fcntl-1.18-512.1.el10_0.x86_64.rpm 3bca9c5caef530dc901cb922df7b1b9df0bf8b01ad837417b2755c923a3186cb perl-fields-2.27-512.1.el10_0.noarch.rpm 76406839f2803d7b0cb0e251407e0b2a962badf80d05a23875258f25fce023b6 perl-File-Basename-2.86-512.1.el10_0.noarch.rpm 18fe7a38257dc997a05f6c6c28982b7eeb3b2f3e5faf691fb96d0e937841428a perl-FileCache-1.10-512.1.el10_0.noarch.rpm 2b487ea17c1aa09778b7dbbd7ac1b47dc6a93b26530fe20371b2bdb51258ad20 perl-File-Compare-1.100.800-512.1.el10_0.noarch.rpm 1881005b6b2bde554c16be1802d9bbcd5a909de38ee51ffec32a02583ddb0382 perl-File-Copy-2.41-512.1.el10_0.noarch.rpm fba17e4e04679f16bd6d6504978b8c6d087c92272c84dee25556d094a11c6d74 perl-File-DosGlob-1.12-512.1.el10_0.x86_64.rpm e67158989a020a01a02f76713b2de4af5602c6a5f0f00e5d1b4f400d8dfc3015 perl-File-Find-1.44-512.1.el10_0.noarch.rpm 4340329aebc6d4e2a20a4a0262490a02eab3c3f8c14cdbc56167041bfc406da6 perl-FileHandle-2.05-512.1.el10_0.noarch.rpm 3e39fb116ad7d27753bedcef1a6e820f63a60b4c5063bc43fdb243b9650a993a perl-File-stat-1.14-512.1.el10_0.noarch.rpm 69584b304b37a71085d1b1999832552e3dc1f121fa56d4f69a4e29a2e537fa65 perl-filetest-1.03-512.1.el10_0.noarch.rpm 40840e2b871078b6563e722341b7b125b6c9d53966929daeca5120eb6c5dd388 perl-FindBin-1.54-512.1.el10_0.noarch.rpm 9cad58324085e230d93182830c46360a175d1a0ffba308ceebc7b25f5a7a8038 perl-GDBM_File-1.24-512.1.el10_0.x86_64.rpm 1b7766f5326ea66720f16e17aa3637b8723b88213993ea30445b6f887f51614a perl-Getopt-Std-1.14-512.1.el10_0.noarch.rpm 99dcfad5e06149134c3ec786f6740c6c72b20ab6edb1cdc03369e2d4b2eb7767 perl-Hash-Util-0.32-512.1.el10_0.x86_64.rpm 68bac4efc4c630bd9a9314b88518b44b1b09f0863cbc70f14453be380cb69085 perl-Hash-Util-FieldHash-1.27-512.1.el10_0.x86_64.rpm 0e280af670366baac4b0dc2ddd745a8270d5ffbadbc919031e2f512fb88db7d5 perl-I18N-Collate-1.02-512.1.el10_0.noarch.rpm 6d20a8498404c9197de54883101b165edfe2b93c5c62070b361e40ae8e3b7f30 perl-I18N-Langinfo-0.24-512.1.el10_0.x86_64.rpm 2fc394642249abdecf6d7fd9cfef95afa28f48c55a920df9c39ccf8453aa73d7 perl-I18N-LangTags-0.45-512.1.el10_0.noarch.rpm 7f3c00984f9daf4674a3946e5cd3e42d38241c28cd50a538ad65b933038acb3b perl-if-0.61.000-512.1.el10_0.noarch.rpm 0e7302913d6133623cbe84b6f7cac2e372e6b05d5f79158b1856baf46a731c51 perl-interpreter-5.40.2-512.1.el10_0.x86_64.rpm 8b422784838b09c8b7fdf74245dd28af4e1977ef5bc79a1684b8d930ae4dd645 perl-IO-1.55-512.1.el10_0.x86_64.rpm e1855bc4c63117138c9babff75d7144eaad8e208c36b6f1d00dd410124f182eb perl-IPC-Open3-1.22-512.1.el10_0.noarch.rpm b457c4435a6f06fbc648180db5a51c4438d66b150001498f77ea7c211b372769 perl-less-0.03-512.1.el10_0.noarch.rpm 670ebc3d46f7503f84b3d69f79b0cb7ff7958b8e7253c1b33c195be31fc9e680 perl-lib-0.65-512.1.el10_0.x86_64.rpm d1dd10cd7302af86e9936fea486efa016e7cebfa81a6f1d7cda157cb86888938 perl-libnetcfg-5.40.2-512.1.el10_0.noarch.rpm 41de6c67a452247623014006b4ddb34678ea17acceb43e9df3d2c76725d51ae2 perl-libs-5.40.2-512.1.el10_0.x86_64.rpm e661a2a8107bd9cf2698c50adfa0163a166e57cc3820531ed99946c791a7540b perl-locale-1.12-512.1.el10_0.noarch.rpm d20218fb1d4cfb6ba774c3c65ada3fc3ed221a352046a7888d828c9cc1f04b53 perl-Locale-Maketext-Simple-0.21-512.1.el10_0.noarch.rpm 0748651e441428a3fe630edd8e59c7c4bd1298c11f73609870dd47f6f1fdbdea perl-macros-5.40.2-512.1.el10_0.noarch.rpm 29508d63ad1c04709cc244b49fee772f1b739c98a5cf40ef77655047e9cb9ab4 perl-Math-Complex-1.62-512.1.el10_0.noarch.rpm c65895672c9bb24c35443a82c397d44f2f1eaba3153f78cac25c474240025754 perl-Memoize-1.16-512.1.el10_0.noarch.rpm d7bce1afae95fba04201089bb45eda58f4a6dffe75e15396ae01735f47020508 perl-meta-notation-5.40.2-512.1.el10_0.noarch.rpm ceb2b652e10eb44fa6b0ab9d404ea5d1a504148c788298974b7f0dda845c996b perl-Module-Loaded-0.08-512.1.el10_0.noarch.rpm c4802ec4db4c080bf27de5740f4460b02dac0afcf04c90e96895d73d81e70caa perl-mro-1.29-512.1.el10_0.x86_64.rpm 3eac9e5583d2d83d280027dc43136fe0a8b104607e8758cff91ec393da0e4e1f perl-NDBM_File-1.17-512.1.el10_0.x86_64.rpm ea2d682eb97e5b124ca61c1b93e142d79dbb115c45fd22672fa25027501079aa perl-Net-1.04-512.1.el10_0.noarch.rpm 3f05fb3a1ccdbf490a8da8d17a6b2f49eb891ce079d12d37896a678226717001 perl-NEXT-0.69-512.1.el10_0.noarch.rpm 9bc98bc8feb85d727a82b56b0005d351538fa826649abcdc0d7f94dda0a3f72a perl-ODBM_File-1.18-512.1.el10_0.x86_64.rpm d64775f4e228d5e4a4a74a7c395e64d9a413e83f296c4e8ec4f7f0ce5f176449 perl-Opcode-1.65-512.1.el10_0.x86_64.rpm 66f32a70830cf973627ff5ab77425032e44736460175530425957c66f2d06fd6 perl-open-1.13-512.1.el10_0.noarch.rpm 5805aba0d8aac827b89fa9b1c6af7998c911c1189b0967b32307a0216270d0d5 perl-overload-1.37-512.1.el10_0.noarch.rpm 9c701c301917c4cd0a536917ee80b2fc29c532745afa6d840aac1e73ae420502 perl-overloading-0.02-512.1.el10_0.noarch.rpm 1567b7808f7d0a3664abddb60175c5009f301886b2b15a1c81ead50987300c5b perl-ph-5.40.2-512.1.el10_0.x86_64.rpm 9f95abe13ef1f4cf36936ee77de025740289a025ad0ca91f166d42aedc584869 perl-Pod-Functions-1.14-512.1.el10_0.noarch.rpm eeb09288b3ad9d99f248311e87142e9a46f7bc9989727a881b363ba4f6005c22 perl-Pod-Html-1.35-512.1.el10_0.noarch.rpm 8221ab5df8c2b1ee30ecb1582bbdf7ec18586516e5c84ebf0cb4f6555da9a7c2 perl-POSIX-2.20-512.1.el10_0.x86_64.rpm 47b661a5a42f9159ad9b8e5ab4f736c9449eab86f06ee996916767d6ea4ef83f perl-Safe-2.46-512.1.el10_0.noarch.rpm 6144a8a3c79c9e5a80b8607af9c539b134abb4008bcfa2eb0880a18a8459441f perl-Search-Dict-1.07-512.1.el10_0.noarch.rpm 51c258972fdd46bbd373502c17e6b48644f119ea220152a0d3a4b51c1700a0c5 perl-SelectSaver-1.02-512.1.el10_0.noarch.rpm 8431cdd6e9d962bbf1298e488b9e5af8bc7f184ecb81ddadb8fadf58ca223e88 perl-SelfLoader-1.27-512.1.el10_0.noarch.rpm 28d0a2be3dc6a6d05b9e81f46a68fee3d91b26b4461388400dce5b0f27966800 perl-sigtrap-1.10-512.1.el10_0.noarch.rpm d02f886ef561027bc19c4418b8de4b5bc7537fe3d35a17db4c2be08d5db132f6 perl-sort-2.05-512.1.el10_0.noarch.rpm f1430143b9693f9bc1e12d1a9df1544d48cd424fc43c3ba61502be710bc60740 perl-subs-1.04-512.1.el10_0.noarch.rpm 8918c1a21617b7914d8634e7eac6abde85e395b50e6a6e321b93a3968e7f3da4 perl-Symbol-1.09-512.1.el10_0.noarch.rpm 17ead97396a311f64f762f306ccf538c25d49404c16e5012fcfff7795db9a969 perl-Sys-Hostname-1.25-512.1.el10_0.x86_64.rpm 49b9ac284a4348889a6b0477402b103528ad8667b27068ddbc4217e4fa013f50 perl-Term-Complete-1.403-512.1.el10_0.noarch.rpm 66b362c03c004559eb0df57b25449a54fee5c3c473bf9ad824a949a0b9b7de9a perl-Term-ReadLine-1.17-512.1.el10_0.noarch.rpm 9634510df64298d518d9da81f0498e3c32b5770f5b09ca13b173d29b223c7621 perl-Test-1.31-512.1.el10_0.noarch.rpm 526ad97e3b7dcd8863fc3e778974b1472368f7d1a8f17b80a05788fa8a6fdd98 perl-Text-Abbrev-1.02-512.1.el10_0.noarch.rpm 4281e15c48c90708addcc97d41dd25ed9b69c773df3edfc024191d6446d1a506 perl-Thread-3.05-512.1.el10_0.noarch.rpm cc65ce65130f119bce6de89dccb7175ccb960bd6bbbbb2adfc271c4f74ea68cd perl-Thread-Semaphore-2.13-512.1.el10_0.noarch.rpm 86a92e6eb3c9000fb6ea1184ee93b94e0fb0a3ebb51fc4a69672ddf1dbb39749 perl-Tie-4.6-512.1.el10_0.noarch.rpm c504397313693520cb3b5ac42a41f4e460526b0a166eba98ebfe0267c58f9aff perl-Tie-File-1.09-512.1.el10_0.noarch.rpm 81d7b7e5cbc4c391f219ebb42adc67dabfe157c3f33b1d3f1ad9e54aa2b884d4 perl-Tie-Memoize-1.1-512.1.el10_0.noarch.rpm 21cc178b7ea848ba45ef3ffa2fe36ed8904fcae31f89b18a48d6cc535ac83a09 perl-Time-1.04-512.1.el10_0.noarch.rpm 1086aba3487a8b2a57d839272fb1e3cf43753f814604070a7469ef0e965d27ed perl-Time-Piece-1.3401-512.1.el10_0.x86_64.rpm 16d923b15f2098b493159dd7a66f279d59486e7ddd4971c0d29a2e0f9b0dc400 perl-Unicode-UCD-0.78-512.1.el10_0.noarch.rpm e946bb7b7bea19f5129b8a8f51f60b33fb9ef11f48252c61ba0821caa8348088 perl-User-pwent-1.05-512.1.el10_0.noarch.rpm 2e134003c8129f2b32aa4fe533959d092ec05a46c8dcca4388ba21cc680aef6e perl-utils-5.40.2-512.1.el10_0.noarch.rpm b57e93b65d5b1b9382282af8ae96173bc97169fa2afabb3eb3890745f973e30a perl-vars-1.05-512.1.el10_0.noarch.rpm 5a825accc7d995c71c719ec15ab84221c533a3abe6be6b061381d7606a4854b6 perl-vmsish-1.04-512.1.el10_0.noarch.rpm 1105ceabfffbdb6623a09ef153437cf83399cf3c9e90886af08debdef5ea9efb RLSA-2025:7494 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. Security Fix(es): * tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms tomcat9-9.0.87-5.el10_0.noarch.rpm b437e4fc937d6b74f899196746d369a6a92329101a31896fa56218c02f46d8f2 tomcat9-admin-webapps-9.0.87-5.el10_0.noarch.rpm 9d89438b2d7d2e13b6ca687b167d642ffaeaa56759ff8ae29ed4b0c6f999c116 tomcat9-docs-webapp-9.0.87-5.el10_0.noarch.rpm da4573e35e6a878c5d8b183fca36afb47d21bd6ddf6986b5036c8fda3a50c899 tomcat9-el-3.0-api-9.0.87-5.el10_0.noarch.rpm 633995220500848334199accb63d5fb50138965dc0ea0be7ba15ff6781f0bfcf tomcat9-jsp-2.3-api-9.0.87-5.el10_0.noarch.rpm 6998f6dff03a9fe84d0f74fe7d58d24d7e852dc4120eece360bfad99e4fd026b tomcat9-lib-9.0.87-5.el10_0.noarch.rpm b4ad34cca71a8de6a211fca37ab3c96e9b9c7ea305fed7b854295b1b4b834f5c tomcat9-servlet-4.0-api-9.0.87-5.el10_0.noarch.rpm 18e71ac028c3f2d5029044ab9c6f2b8b1f9e7807d493ae50a4cc5ca943de0197 tomcat9-webapps-9.0.87-5.el10_0.noarch.rpm 249400041e694a3f0a2163c207d03ea61a785931ebc8a089e7b48bfaf645da9e RLSA-2025:7497 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for tomcat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * tomcat: Apache Tomcat: Authentication bypass when using Jakarta Authentication API (CVE-2024-52316) * tomcat: Apache Tomcat: DoS in examples web application (CVE-2024-54677) * tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms tomcat-10.1.36-1.el10_0.noarch.rpm 4cf0f9042968d70ef2898c37fac49a01de1b1cfa3c328bb07b209e3d8dbff610 tomcat-admin-webapps-10.1.36-1.el10_0.noarch.rpm 9d6f90224fc1711fe2b7abdd716b0731eeffed54dd5cc1aa367e2b363761005f tomcat-docs-webapp-10.1.36-1.el10_0.noarch.rpm 6d0065b1bf9c100520228fb27d19e05a21a94c08f7afb93cccc1b8c481217c8a tomcat-el-5.0-api-10.1.36-1.el10_0.noarch.rpm 3976c9f95398f8f87e813ac6f2c3a79195a292f9e82730aa3c2eaaf89eb584c5 tomcat-jsp-3.1-api-10.1.36-1.el10_0.noarch.rpm e1d02f3b4da77ba27efd41c2081f47ff826e02cdb6f7178d694c7f0d690a79ff tomcat-lib-10.1.36-1.el10_0.noarch.rpm ea3e898fec9e468462d24e57789c94a1715e2bee582c87c2323232f238570be5 tomcat-servlet-6.0-api-10.1.36-1.el10_0.noarch.rpm ef37f975774200329ec5683bb10febc6cd7f6be8d8713a6834f245f604f6cf1e tomcat-webapps-10.1.36-1.el10_0.noarch.rpm 5001b035bd821674c28eca7704f915abfad1d76546fce19420e00a3452040571 RLSA-2025:7490 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for mod_auth_openidc. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fix(es): * mod_auth_openidc: mod_auth_openidc allows OIDCProviderAuthRequestMethod POSTs to leak protected data (CVE-2025-31492) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms mod_auth_openidc-2.4.15-4.el10_0.1.x86_64.rpm 200ee122f0118eb9f7c1c3bea634efabf91983e047d60e13a03da69d44960702 RLSA-2025:7458 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability (CVE-2024-9632) * X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594) * xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601) * xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600) * xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599) * xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598) * xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597) * xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596) * Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms xorg-x11-server-Xwayland-24.1.5-3.el10_0.x86_64.rpm 33bc714d090fe12fddc4f7a93cca1497332d91736d55ed279e0a275819191b22 RLSA-2025:7462 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144) * golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms podman-5.4.0-9.el10_0.x86_64.rpm a60ad650635c9cedd8468de0c971c474907afa160071ee37315bf5f3d0aab5d2 podman-docker-5.4.0-9.el10_0.noarch.rpm 7ae66cfa21aa2ec6ca3c8a9071719dbd74044bbae59aa125845f0deb025a6329 podman-remote-5.4.0-9.el10_0.x86_64.rpm cf075af04f31aec31f85746393fc679a5d5dbac880a5adde66b0d689f75d2851 RLSA-2025:7482 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for git. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix(es): * git: The sideband payload is passed unfiltered to the terminal in git (CVE-2024-52005) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms git-2.47.1-2.el10_0.x86_64.rpm 8341a005b5afbd3da5cf2085ac0495c40c375ece5c27c9414ab20a5c027040d1 git-all-2.47.1-2.el10_0.noarch.rpm bdac5c5ba4bfafed747139711d4f1914945210296dc86facf5432c7f99084f22 git-core-2.47.1-2.el10_0.x86_64.rpm a8cdd559dffec0d1057ece75c9faf968b98286785da2d62aa1cddb6ec2b4b0c6 git-core-doc-2.47.1-2.el10_0.noarch.rpm dff88d5bf97778c8ffa84c94fba0c513a974d8a22377dacb9d0d3d144e8ac113 git-credential-libsecret-2.47.1-2.el10_0.x86_64.rpm 63ff1cc5ca367d61093adf5b77d4b97a9bd562672f043b7dd5b05c73543bd79a git-daemon-2.47.1-2.el10_0.x86_64.rpm 91769656949b236f1b97ad5c846a34d7fca4aea23ef0eb69e8f6763933136040 git-email-2.47.1-2.el10_0.noarch.rpm 302cbdefd3aeef9e3cb6a60171ca3ff7359992cb4a9152b7108d104ea115f6d9 git-gui-2.47.1-2.el10_0.noarch.rpm d7de5ac4a009799fac2ddf54a02931c705ee1a98dfbb9c68d7896e07dd1d639a git-instaweb-2.47.1-2.el10_0.noarch.rpm a7b51b56a736417cf73bce8edb49e630148261994fafcf7452aadc661590c3f7 gitk-2.47.1-2.el10_0.noarch.rpm b3aee409817b28b7d56de0fb83098e1cc9beb2e16a62e94090dd8cfdebab8fcc git-subtree-2.47.1-2.el10_0.noarch.rpm 46242bbebcd1ad2839abfd60513fb03fd03784110b4f23a33292b9b36b2767e2 git-svn-2.47.1-2.el10_0.noarch.rpm 3bcd83dd028d37947088d1f3cd86a662a008b0ca693c9e3540f7e9b50b858c28 gitweb-2.47.1-2.el10_0.noarch.rpm 0decb63454ebe01d56cde889e20f36c21e1a53be754ff0371ace2d49352d47cd perl-Git-2.47.1-2.el10_0.noarch.rpm a71275b85f0a971d28ad5a09f367052c44662020585c0053e7ae7dda0527c0db perl-Git-SVN-2.47.1-2.el10_0.noarch.rpm 43f3df75d8bf0c722c592f13c33b87d3e1cb0939f38aa0849043d9b7a60c20b0 RLSA-2025:7478 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for corosync. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The corosync packages provide the Corosync Cluster Engine and C APIs for Rocky Linux cluster software. Security Fix(es): * corosync: Stack buffer overflow from 'orf_token_endian_convert' (CVE-2025-30472) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms corosynclib-3.1.9-1.el10_0.1.x86_64.rpm ab55164562ae56b3a6ef10fa4c21ef2fab92e30d2c4e4a1e704c3c76dc7e1345 RLSA-2025:7489 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for php. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es): * php: Header parser of http stream wrapper does not handle folded headers (CVE-2025-1217) * php: Stream HTTP wrapper header check might omit basic auth header (CVE-2025-1736) * php: Streams HTTP wrapper does not fail for headers with invalid name and no colon (CVE-2025-1734) * php: libxml streams use wrong content-type header when requesting a redirected resource (CVE-2025-1219) * php: Stream HTTP wrapper truncates redirect location to 1024 bytes (CVE-2025-1861) * php: Reference counting in php_request_shutdown causes Use-After-Free (CVE-2024-11235) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms php-8.3.19-1.el10_0.x86_64.rpm f8e369c37b1c94d4852411a992e20e579d7cc08e8d313db5fad599f6178bc0b3 php-bcmath-8.3.19-1.el10_0.x86_64.rpm 8ffc76244a39ad99ca2ea05d4bdc447e89061f2b35537d7f5eff23a0e487b123 php-cli-8.3.19-1.el10_0.x86_64.rpm 8f312184ffd2d6b1576b2affced456276dd2d8d1b76686a8f3c66cd782e6f51b php-common-8.3.19-1.el10_0.x86_64.rpm 79cc5ed19a42a4971bdb63b126567d4eb69bb0dfea86f78073e229654351748b php-dba-8.3.19-1.el10_0.x86_64.rpm dc30e19bca69bd947d8fabadf606b1baa1904b08f38d54421f7cc2c94127be1a php-dbg-8.3.19-1.el10_0.x86_64.rpm 559b9e61692aa55585f3076475379fa1f2b55a439b82d3a617527c2eea4582da php-devel-8.3.19-1.el10_0.x86_64.rpm a196b86f49e94e7f46a0dcf3424e3a09de782ae186650a9482c09e9cf8d3ec72 php-embedded-8.3.19-1.el10_0.x86_64.rpm c7e88f82cead8bd8ff92720d2658449fed821500fa1fbab37ec57e476920a215 php-enchant-8.3.19-1.el10_0.x86_64.rpm 76f78ccd85de0704cbbb6d730e0f3657504734f216df2f7a06ffdd998f31b3c7 php-ffi-8.3.19-1.el10_0.x86_64.rpm 85ad92a3fab46500bf8fd98dd997a7863bffeb9074fc9c4ef8ff8433691a35c0 php-fpm-8.3.19-1.el10_0.x86_64.rpm 6b4e908b9a44007a0e55437326eb007ba5034cd0ec3f892d0aa601e248b3bbbb php-gd-8.3.19-1.el10_0.x86_64.rpm 332c477127b88ec94da412f50c03fadd0af3d715614adcf26ac8745fbf241c25 php-gmp-8.3.19-1.el10_0.x86_64.rpm 5ea2b7b1c7116e2786b4c9a11755dd4b7be61bb0c9da65988271eec7a212d0af php-intl-8.3.19-1.el10_0.x86_64.rpm 82403da93300e71a3f542a14d410e9108a2ec8920b403565cf2e7339222c139c php-ldap-8.3.19-1.el10_0.x86_64.rpm 8c40ab1878378d643b2283b00e89d45e5d3d3af0d5b8013f7f06ad7a8d303e24 php-mbstring-8.3.19-1.el10_0.x86_64.rpm 7e8df612af62c3fa51fc67f3dc898b69196598196e8f01d4b0dcdf0dd137918a php-mysqlnd-8.3.19-1.el10_0.x86_64.rpm 6e686debf68f89b6a9d3a4037adcdab5c9c341271ce9b590064bcacc1c27eb3f php-odbc-8.3.19-1.el10_0.x86_64.rpm 4b3ca8a4f7f26ca1bd402dc622c3d8a69938bb6b08fc95a7d2fda6e7073a7727 php-opcache-8.3.19-1.el10_0.x86_64.rpm dc8dc81f917a68bf69bdd02dd132185a44099e1aaca8fe692f72f3fa1997162b php-pdo-8.3.19-1.el10_0.x86_64.rpm 2b0a25bc1b8fac2e6318221d8e51bbff165c3a60eedaf7b9c55a6f53a547a992 php-pgsql-8.3.19-1.el10_0.x86_64.rpm e7dcbef58d5ff4e4dc7befaf2c161eef18366a22573fc7a3baf3b4f49e0c7b40 php-process-8.3.19-1.el10_0.x86_64.rpm 5fa288c16df4c15b4d67f304c5bd54388b567b0b2a595ef2b5e987b69c1ba6cd php-snmp-8.3.19-1.el10_0.x86_64.rpm 6684d678ac5a11d08d4cfbafac71655c778e60603546e6ae86454699cb6e62ee php-soap-8.3.19-1.el10_0.x86_64.rpm 1a5877ebc41576509a1b0d47d874c02b7120e12f58c7e65d4316fdb88b06af44 php-xml-8.3.19-1.el10_0.x86_64.rpm 1c715bb6977badb91349ee50c7a78b23b76d0284205f1693dc50e6131eb6bbd1 RLSA-2025:7479 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for opentelemetry-collector. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fix(es): * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144) * golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868) * github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input (CVE-2025-29786) * golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms opentelemetry-collector-0.107.0-9.el10_0.x86_64.rpm 6a85dd7963eb1b9b0e6a76c5fab1ec5aeedad8c476e4001d728924c40e2863c8 RLSA-2025:7509 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for valkey. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also. Security Fix(es): * redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client (CVE-2025-21605) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms valkey-8.0.3-1.el10_0.x86_64.rpm b9baa033f01c694f8b123802069c7b1ebbdd101c1c477e316687c674aa40abc0 valkey-devel-8.0.3-1.el10_0.x86_64.rpm 30d4068383ee9e088c80496a42c74d0b6cb66907ae468412d5e495085f92c2ca RLSA-2025:7517 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for sqlite. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Security Fix(es): * SQLite: integer overflow in SQLite (CVE-2025-3277) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms sqlite-3.46.1-4.el10_0.x86_64.rpm 137f04b22d74f4ddd32c120cd64d39eadc1a9e71113391d9be48a62a6caab894 sqlite-devel-3.46.1-4.el10_0.x86_64.rpm 47200ae400a32d7bc6525582d4d66c3990fa7a2d70dc3177a2aba44e5531b8cf RLSA-2025:7467 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for skopeo. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fix(es): * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms skopeo-1.18.1-1.el10_0.x86_64.rpm 51cbb69f69f7b361ead598157c4202f8c28ec55191b2bb82394518bdcab0a963 skopeo-tests-1.18.1-1.el10_0.x86_64.rpm f602b7c4fa46a57f34a64d291f49d6a2f4dd3acea602199b3812c5384213286e RLSA-2025:7459 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for buildah. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Security Fix(es): * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms buildah-1.39.4-1.el10_0.x86_64.rpm 424860a41a3c6be30509aafd6dad1d6233609a859c207ed598a46811849a26d1 buildah-tests-1.39.4-1.el10_0.x86_64.rpm 04de794150732cf258bbc0fa53691ab7c901ddc05fa33e0f2e8dbfc4de4a3fbc RLSA-2025:7512 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for expat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Expat is a C library for parsing XML documents. Security Fix(es): * libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms expat-devel-2.7.1-1.el10_0.x86_64.rpm ac44f4dadaaf64dce0101d921041edbfca7e26f14d9259a04435ff03e77b8826 RLSA-2025:7457 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for exiv2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Security Fix(es): * exiv2: Use After Free in Exiv2 (CVE-2025-26623) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms exiv2-0.28.3-3.el10_0.2.x86_64.rpm 6c494c65bdd05728ba7601311720dee26fc03e84ee413c96543e1d46461c3b0e exiv2-libs-0.28.3-3.el10_0.2.x86_64.rpm f3e64409cde39e2b739b5d23066d3dce6a76a7353dad1e1ce14705fbd9aa58a7 RLSA-2025:7524 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for xz. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fix(es): * xz: XZ has a heap-use-after-free bug in threaded .xz decoder (CVE-2025-31115) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms xz-devel-5.6.2-4.el10_0.x86_64.rpm 6f0864986567120dc6cd94b10a23f633dd5a708fd7b2bd393689470335870f5f xz-lzma-compat-5.6.2-4.el10_0.x86_64.rpm aff1380bd16039034dcaaf33f71decf19523c614c707bec6360f1911294337dc RLSA-2025:7592 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for yggdrasil. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate child "worker" process, exchanging data with its worker processes through a D-Bus message broker. Security Fix(es): * yggdrasil: Local privilege escalation in yggdrasil (CVE-2025-3931) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms yggdrasil-0.4.5-3.el10_0.x86_64.rpm a2e40405821fcfb9e4fca51f0937adbff423bf3f683318f3a05d058d737b674b RLSA-2025:7593 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for ghostscript. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix(es): * Ghostscript: NPDL device: Compression buffer overflow (CVE-2025-27832) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms ghostscript-10.02.1-16.el10_0.x86_64.rpm 8f6a4f89f0bca9dc3bfcb6e1a38e955b5979ac45660fff9fae3bf53c56ee994f ghostscript-doc-10.02.1-16.el10_0.noarch.rpm f4914cfd80f9e897646ac8e36f35e168dff0f5d687bedd1ecc1e5136f57ddfa7 ghostscript-tools-fonts-10.02.1-16.el10_0.noarch.rpm c86349f057a12bd7dcb6abc7f6f0724a83df500266b99fe894462a62ef242058 ghostscript-tools-printing-10.02.1-16.el10_0.noarch.rpm f20d5ba7b32a253d2c2a24a263142c8d24062116a76f8bb2d82a0ece4b9875ea libgs-10.02.1-16.el10_0.x86_64.rpm 14e42def6c713f54bd548ca9760c2dd068f4255da1f09c4963b61850d11044e4 RLSA-2025:7599 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for dotnet8.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.116 and .NET Runtime 8.0.16.Security Fix(es): * dotnet: .NET and Visual Studio Spoofing Vulnerability (CVE-2025-26646) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms aspnetcore-runtime-8.0-8.0.16-1.el10_0.x86_64.rpm 388c835ccd252cc0087f329e3151759bd62255988ffeeba1f43c75f29819fec4 aspnetcore-runtime-dbg-8.0-8.0.16-1.el10_0.x86_64.rpm 5eed04e6362f189503c6d2389f673ffdb96d4c7f7bf7f00161ba7915e2b72b70 aspnetcore-targeting-pack-8.0-8.0.16-1.el10_0.x86_64.rpm 95f95ee75f965d636a6bcd3843b60618a35aa93e18fefc53dbfb0d8e3f896675 dotnet-apphost-pack-8.0-8.0.16-1.el10_0.x86_64.rpm 485cca658dc494f97b61b371d618482fd20120138259d2b9a35b44fc5507a1cf dotnet-hostfxr-8.0-8.0.16-1.el10_0.x86_64.rpm cdfecdda4a6ae5f6cf1c0b94426c51d332be54ec9e09e0907563b5bd7a5dcc6a dotnet-runtime-8.0-8.0.16-1.el10_0.x86_64.rpm 709e2143ec66a3efe307657b235a7770fefd0174084f8ddee3ce7ffce64aa3cd dotnet-runtime-dbg-8.0-8.0.16-1.el10_0.x86_64.rpm 8b8e566060a08ea726e0e6e26d14cbabda5d970335db923db0042a056b96168b dotnet-sdk-8.0-8.0.116-1.el10_0.x86_64.rpm 52d6f8d1d0e667f5b4cae116f534c4da070b1cef024674428d2bf2eb095cd2ca dotnet-sdk-dbg-8.0-8.0.116-1.el10_0.x86_64.rpm 8fd865e497f7b279ed97d0b4fb3b5df2f71b8d573ffa739e4f7905dfd3810672 dotnet-targeting-pack-8.0-8.0.16-1.el10_0.x86_64.rpm bcb942acc76d01a5094f992427abdbc25fce49a41d33dac94cbde6e560c7fdf9 dotnet-templates-8.0-8.0.116-1.el10_0.x86_64.rpm 31962c23f79bae59a15fb08e8c48e7fe5e8976d340fe0a34e75a831120eeb198 RLSA-2025:7601 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for dotnet9.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.106 and .NET Runtime 9.0.5.Security Fix(es): * dotnet: .NET and Visual Studio Spoofing Vulnerability (CVE-2025-26646) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms aspnetcore-runtime-9.0-9.0.5-1.el10_0.x86_64.rpm 29e72f17a57d888b5a3ed9b594059afd32e1664c47ad167958b402c68e83ad5c aspnetcore-runtime-dbg-9.0-9.0.5-1.el10_0.x86_64.rpm e791e64d8375f5caa1e970fc51510285f30b56ee1bfeeb3b748e716a19b7c5a7 aspnetcore-targeting-pack-9.0-9.0.5-1.el10_0.x86_64.rpm 3c1bb33824d0a4f7bdd4c611df65e5416a9de602e3909fd56ee5915cfca7f471 dotnet-apphost-pack-9.0-9.0.5-1.el10_0.x86_64.rpm 8ebf077e29a7810ed204ede184bd8d862b4c45ea109004045478f2438df2e8c7 dotnet-host-9.0.5-1.el10_0.x86_64.rpm 186319456ef83970cf81b2a846bb31d4fa84dacd27f26eb9aeacae488a3acca4 dotnet-hostfxr-9.0-9.0.5-1.el10_0.x86_64.rpm 8c4f3478f89f3ab7520d6b41d9f9de9c33aebd63f54e30e244de0bb5233acaa4 dotnet-runtime-9.0-9.0.5-1.el10_0.x86_64.rpm f308f45b2324473c7f48781adf497d2b527d7e9a1975a1d25fd45497eaba55dd dotnet-runtime-dbg-9.0-9.0.5-1.el10_0.x86_64.rpm 8cc16b3c42814ec7047f3896d8461dd89e708a49fcda3a5d95316eb620a5891a dotnet-sdk-9.0-9.0.106-1.el10_0.x86_64.rpm 3b314a3c7894c06988dcece55d973cfd42f98bc1c286d32e14bcd6e26b0e17de dotnet-sdk-aot-9.0-9.0.106-1.el10_0.x86_64.rpm abdbd5c282409b15febaddba8220c4bb257dcb03c0a454705b6eca8b539c9c22 dotnet-sdk-dbg-9.0-9.0.106-1.el10_0.x86_64.rpm 9585d8759ea3275360a5e6315de6f97924542229f84fcda1ecae89d9db313c88 dotnet-targeting-pack-9.0-9.0.5-1.el10_0.x86_64.rpm 43a3b483221a2b52f88b9517d832dba94d8c619987aa57bdb47fc040b9774878 dotnet-templates-9.0-9.0.106-1.el10_0.x86_64.rpm 41f83dc2d6220e62cc12b9ca062254dc5056fd36031eb29e6d465c44c4879c9f netstandard-targeting-pack-2.1-9.0.106-1.el10_0.x86_64.rpm 271def804dc9ac7627dbf2e55833511db5597d42a9390d22d2d634d1983a77a8 RLSA-2025:7892 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for grafana. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * grafana: Cross-site Scripting (XSS) in Grafana via Custom Frontend Plugins and Open Redirect (CVE-2025-4123) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms grafana-10.2.6-17.el10_0.x86_64.rpm 98f2710f0993ab1b4309dee440cca877018da3f8d780f2be74dc0296e7ac5899 grafana-selinux-10.2.6-17.el10_0.x86_64.rpm f6badba70fc34869aa6b6b792b77d264eca32195efefac9fe87bdb7e9dbc2eaa RLSA-2025:7956 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (CVE-2025-21966) * kernel: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (CVE-2025-21993) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.12.1.el10_0.x86_64.rpm 7e6e7db007d49571a446c582b015176a650a2d47a9ee3dcb4395177d2cc68eec kernel-debug-devel-matched-6.12.0-55.12.1.el10_0.x86_64.rpm 7c35a82cc95f41bbf5142e0e7161d52883cf9c9b26b5e74ee080f54795b8c04b kernel-devel-6.12.0-55.12.1.el10_0.x86_64.rpm 92610c9a0cf82f31060d168fff17bb31627e0043020a8af461a3645c4b89b948 kernel-devel-matched-6.12.0-55.12.1.el10_0.x86_64.rpm f3e7040857d813270c533d2f390b5272534cf7a79996462506fb4de4d952e5d4 kernel-doc-6.12.0-55.12.1.el10_0.noarch.rpm 30db1e51640edd8a4b7c99aae38a28b8bdce6157ad1dd73f6eba9bd94dff1384 kernel-headers-6.12.0-55.12.1.el10_0.x86_64.rpm 53a260f0c34646b5eac893e2b3241a376bd8abe1361bc1f16bb80dd22528ee30 perf-6.12.0-55.12.1.el10_0.x86_64.rpm 1b4f6ca3e8c6595cc45b6e3ae518627b9e7a7cf780157266759646ee60edae39 python3-perf-6.12.0-55.12.1.el10_0.x86_64.rpm ec999d31b75ffbc7f4df97acbf7cf9a0623f0fd26025b6608a2e322f64403088 rtla-6.12.0-55.12.1.el10_0.x86_64.rpm 86bcfeb980c1143fe71f7899dfbc0754a3196fe45ef3952f9802d64cc2a05d9f rv-6.12.0-55.12.1.el10_0.x86_64.rpm 5b1bca4e3d92b809de9ab3b435bf9f276f37a63afd6fac58d0fd62e949f35c63 RLSA-2025:8047 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for unbound. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * unbound: Unbounded name compression could lead to Denial of Service (CVE-2024-8508) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms python3-unbound-1.20.0-10.el10_0.x86_64.rpm 189faad55c71c1103536f0328d17ce4b1f0b23f2e8979dad6a83f427d40b4424 unbound-1.20.0-10.el10_0.x86_64.rpm dd86a42294f9867ee0518a95e4e63134f958701204de2541d6ef388784c85224 unbound-anchor-1.20.0-10.el10_0.x86_64.rpm 0028c3dbb07a1f7d3dd7f4004fbe2ce6ee3835fb242905e5ab4690f198553bc1 unbound-dracut-1.20.0-10.el10_0.x86_64.rpm 3951aa3e66adca42cd1633fb3e4a91d62ffc50b223decd90a222d5a3ac12ff7c unbound-libs-1.20.0-10.el10_0.x86_64.rpm 6ea2493c22b4b81d59b954ed77ebe1f83680298a5a803106bbf5dad90ddc09a4 RLSA-2025:8125 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: Out-of-bounds access when resolving Promise objects (CVE-2025-4918) * firefox: Out-of-bounds access when optimizing linear sums (CVE-2025-4919) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms firefox-128.10.1-1.el10_0.x86_64.rpm b329dbb46adde07165c8d5ffcd03f060f4b87652bd06a0f9eac07b005ad69ce8 RLSA-2025:8128 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libsoup3. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it), but the SOAP parts were removed long ago. Security Fix(es): * libsoup: Denial of Service attack to websocket server (CVE-2025-32049) * libsoup: Denial of service in server when client requests a large amount of overlapping ranges with Range header (CVE-2025-32907) * libsoup: Cookie domain validation bypass via uppercase characters in libsoup (CVE-2025-4035) * libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup (CVE-2025-4948) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms libsoup3-3.6.5-3.el10_0.6.x86_64.rpm f29e0a4b17589325465b8ef7a415ea18a97c013435838f7a6711335c9661abf5 libsoup3-devel-3.6.5-3.el10_0.6.x86_64.rpm 7a1e6c299bc4add67e0c398b48cfb486c204f68abbdc4b56f14245d63c6692ef RLSA-2025:8131 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for ruby. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix(es): * net-imap: Net::IMAP vulnerable to possible DoS by memory exhaustion (CVE-2025-25186) * CGI: Denial of Service in CGI::Cookie.parse (CVE-2025-27219) * uri: userinfo leakage in URI#join, URI#merge and URI#+ (CVE-2025-27221) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms ruby-3.3.8-10.el10_0.x86_64.rpm 70ae95a297053e87cbb2e9341cca336a7c9f8a867ef60ff7a562882f2ae618e6 ruby-bundled-gems-3.3.8-10.el10_0.x86_64.rpm 89936986d2afc2161b8071165951bee3761164715b7cd629a73311473807f9fd ruby-default-gems-3.3.8-10.el10_0.noarch.rpm 2904c2be6de7adbab5728cba1bf5f581345a9ec634bf41d756b327d5df6cdc1d ruby-devel-3.3.8-10.el10_0.x86_64.rpm 5a20093ead897937ce445bc3e2bee224ed290d9cc056ae02cc8d6be710dffba7 rubygem-bigdecimal-3.1.5-10.el10_0.x86_64.rpm 46079b4b796342aa70c1c5894c9b5a877b6532b84c97a2f645e086b6a99b1976 rubygem-bundler-2.5.22-10.el10_0.noarch.rpm d7b4cd0ea6f73904a04b3406e6ae24ec8054e6d370477622248c6da2d0cbba61 rubygem-io-console-0.7.1-10.el10_0.x86_64.rpm 87ac52e2d9bb3ce44e48e6aa84b7e235a5313254aa4356e86d4b7fa13edb477f rubygem-irb-1.13.1-10.el10_0.noarch.rpm 47789a9d47f47375f2265bbfba6a021f98d2f2840f774b8c8dcb2d64a11c79f1 rubygem-json-2.7.2-10.el10_0.x86_64.rpm cccb4ffae8ed26a79e679cc86c735f13ea845a4b1a68b7b52c8408b46b65dede rubygem-minitest-5.20.0-10.el10_0.noarch.rpm 443713643e31df383a0adb8f57a219441de801e241bcb862d3be37542d8c3d72 rubygem-power_assert-2.0.3-10.el10_0.noarch.rpm fd83ea41220fdd4bcd8e00f692c937507141e2fac3adae231441766600ac83a9 rubygem-psych-5.1.2-10.el10_0.x86_64.rpm 6f543d900d338437ce57036bf04f1eb5b08e3f6d5a9e00b6c6d1778abf737c7e rubygem-rake-13.1.0-10.el10_0.noarch.rpm 18f422e254af9edb5743dd00a53c2ce7a4d0e04939a2ab9ac711a7bd264a1e84 rubygem-rbs-3.4.0-10.el10_0.x86_64.rpm d93ff9b87c443fcab891bf9534cfc659b1fa5de3c5c0677e1cd01ad4a075bc4f rubygem-rdoc-6.6.3.1-10.el10_0.noarch.rpm 656cedbc171c0d9924948b15bb319b8220c71e29a74a040d6f4a4f1b3358dde0 rubygem-rexml-3.3.9-10.el10_0.noarch.rpm f63afbc11ae33c3c780e6b46f2f7274c2ef874656cfb4633779181a508e8cf9a rubygem-rss-0.3.1-10.el10_0.noarch.rpm 312bb55e83f14b500d7a0e5c911f8745d5b5d06a3fcd847fb314c943deb18d1a rubygems-3.5.22-10.el10_0.noarch.rpm bb066d3068ce2da7cefc8f9f89d01e223d2870bd4a509e0aad5ebf7432a860be rubygems-devel-3.5.22-10.el10_0.noarch.rpm d44c057b948919daf238b6b1463d7b1c47c91420a539346ccc8436b77387b527 rubygem-test-unit-3.6.1-10.el10_0.noarch.rpm cde1cbfe9e860af0cd849fb742cffa0fe5128ceb80f93497b3f8571fa0752517 rubygem-typeprof-0.21.9-10.el10_0.noarch.rpm 79fec13dace5e8b27fabccda2bf8904f5279779a88b3a67a4c156db8c03003da ruby-libs-3.3.8-10.el10_0.x86_64.rpm a811f03c640287ffd60053dbd416ee4f060b57912d567fa6e0cba899c6e551ea RLSA-2025:8135 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for python-tornado. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms python3-tornado-6.4.2-1.el10_0.1.x86_64.rpm a000958cae7270e410a7c66849cbeea85cb91c411d01364bf8bb3416a8798498 RLSA-2025:8137 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (CVE-2024-53104) * kernel: vsock: Keep the binding until socket destruction (CVE-2025-21756) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-doc-6.12.0-55.13.1.el10_0.noarch.rpm 482583a6393ab29fbb7c2e4e5780c0fe2ec7a06756d38cf0a4b861fc4fa884e3 kernel-debug-devel-6.12.0-55.13.1.el10_0.x86_64.rpm 0e473cc96779d95939d97d4648fcd0736e1438f7861f81b909cda14311d3aab1 kernel-debug-devel-matched-6.12.0-55.13.1.el10_0.x86_64.rpm c4a96f139bb4e7ea209c8bfe95d3792fc664341ce07cf8cf439234fcbbd3230c kernel-devel-6.12.0-55.13.1.el10_0.x86_64.rpm 1f2b8ce29a0f680cf295fbb4c2bcd568c3100f083aa571fc19e74c9ada29da7f kernel-devel-matched-6.12.0-55.13.1.el10_0.x86_64.rpm 808f9e764665bb5ef55d88011c5c058b55da5f6ce93d9111054730d01a2196ba kernel-headers-6.12.0-55.13.1.el10_0.x86_64.rpm 29c925d2c49b81072bb1218216d3fc38b14c0436d9d742661c3f3f717f4a9e8f perf-6.12.0-55.13.1.el10_0.x86_64.rpm c35b0e3aaeb6c807211facdb1e95d7ea5a5adea202a0ca2512b50b58b1a6c3a0 python3-perf-6.12.0-55.13.1.el10_0.x86_64.rpm 33543b6e17ed68ff481215c3b26bdb5dd0b868dc7531f39e52e82a76f4ac21d0 rtla-6.12.0-55.13.1.el10_0.x86_64.rpm d3ed1e1fd6e6baedc1524372e903ea11e259fbd364fcabc05a4f9ebce8c20635 rv-6.12.0-55.13.1.el10_0.x86_64.rpm 2f36f92f43cab8711502edbb5703760c3b4b17dafe19ead82fccc1699c263a0c RLSA-2025:8184 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): * GStreamer: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-3887) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms gstreamer1-plugins-bad-free-1.24.11-2.el10_0.x86_64.rpm e6a0104c96cb43068cf5e534fbf4a72ceafd7e5e1d8a0ba846a6506156fbbf31 gstreamer1-plugins-bad-free-libs-1.24.11-2.el10_0.x86_64.rpm 6c4cbda231626cc4a4a0402f167ccc46f39f9cd165f3288a91dfa8dc58f6c3b9 RLSA-2025:8196 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link (CVE-2025-3909) * thunderbird: Sender Spoofing via Malformed From Header in Thunderbird (CVE-2025-3875) * thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links (CVE-2025-3877) * thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking (CVE-2025-3932) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms thunderbird-128.10.1-1.el10_0.x86_64.rpm df38eef7d3514705fcb0c7be5a0e458f87fee4b6fa7d6d7a3c1399ea002a4d96 RLSA-2025:8341 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details (CVE-2025-5267) * firefox: thunderbird: Potential local code execution in ?Copy as cURL? command (CVE-2025-5264) * firefox: thunderbird: Memory safety bugs (CVE-2025-5268) * firefox: thunderbird: Script element events leaked cross-origin resource status (CVE-2025-5266) * firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content (CVE-2025-5263) * firefox: thunderbird: Memory safety bug (CVE-2025-5269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms firefox-128.11.0-1.el10_0.x86_64.rpm 3c07a0f3bcc326c61d866fb7492809e20822bb93398d11284404c095be4a1bc8 RLSA-2025:8374 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (CVE-2025-21919) * kernel: cifs: Fix integer overflow while processing acregmax mount option (CVE-2025-21964) * kernel: ext4: fix OOB read when checking dotdot dir (CVE-2025-37785) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.14.1.el10_0.x86_64.rpm a286d4a8fdebc5727476c5e58435c8bb9febcce06dc90f3ba1c3be38d1086939 kernel-debug-devel-matched-6.12.0-55.14.1.el10_0.x86_64.rpm 7ef02704d218a561b199fc56dbe367dcfaf1b548957816353819eb292c44e947 kernel-devel-6.12.0-55.14.1.el10_0.x86_64.rpm 55a0a89b2a042954f3f71e9094a0dcecdf86fdc40c50db32a65eaa6be215a9b7 kernel-devel-matched-6.12.0-55.14.1.el10_0.x86_64.rpm 824ff332a9610a73bf137f70c0183d76d1a9827dc973020fdb979d3bddf352d9 kernel-doc-6.12.0-55.14.1.el10_0.noarch.rpm 8adc17da86a9b84bffdd83f8677632954b97112d904de914093596db77ecb321 kernel-headers-6.12.0-55.14.1.el10_0.x86_64.rpm 83ccc50b53adfa3abaee8116d365fbef3818ddedfa3c9bb2b7d4f2171ee6630f perf-6.12.0-55.14.1.el10_0.x86_64.rpm b78a7b431548ea771963da2450a971e69096abd72fcb2d960595a132065d5ea3 python3-perf-6.12.0-55.14.1.el10_0.x86_64.rpm 3318ece7236dd12c5cb8801ff6e6b060250eaa5e9d88dab40fe5df7db2636f58 rtla-6.12.0-55.14.1.el10_0.x86_64.rpm 784c7de5d2b2fba431a0b45f16a9d18fa1c184645d0c284f05654be8d946ed11 rv-6.12.0-55.14.1.el10_0.x86_64.rpm e713ca00b88c18c09ed7307b8eed97dd92992088fccea8717535682e7a6013c0 RLSA-2025:8477 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The golang packages provide the Go programming language compiler. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms golang-tests-1.23.9-1.el10_0.noarch.rpm 3215e7950d792a9a14b68b16cc720ae61ec83fe3b50223d9fb441bcaee76e7c9 golang-1.23.9-1.el10_0.x86_64.rpm 6faa1847c883a4569a060f1f6c9c9d5e36228eaa78c9ff52e60d9a9c2ce57816 golang-bin-1.23.9-1.el10_0.x86_64.rpm 921831308c55a262edbb2eb845c909b54a7e477f08e4c15daba9bd602295478c golang-docs-1.23.9-1.el10_0.noarch.rpm bdd2760b73c9324ad1b4499a8f0ac93db56f828057b077941bb8e625050d26a7 golang-misc-1.23.9-1.el10_0.noarch.rpm 69b802400d4176e7bad9d0c1f1b5d73e5b76c67b3e976c8e150d266ce45a7ced golang-src-1.23.9-1.el10_0.noarch.rpm 431c56db3fafa2e52ebeaf24f7722efd266be7ac65dfbb6ce76ec106d22711b8 go-toolset-1.23.9-1.el10_0.x86_64.rpm a7ab5309bfb0665bcd87d7502ca18178c886850cde21d423ff84b4b2516788f5 RLSA-2025:8493 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for nodejs22. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed devices. Security Fix(es): * nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js (CVE-2025-23166) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms nodejs-22.16.0-1.el10_0.x86_64.rpm e0a3bb6b73c924de382fdda4c2e31c8219df51688af75db1ac7adc756c20027c nodejs-devel-22.16.0-1.el10_0.x86_64.rpm 86c85e51c743291cc691708da372f6c57b325c900c35bc4473a0d0304aed0e5c nodejs-docs-22.16.0-1.el10_0.noarch.rpm f120d25fe9ff48ab63fa1691b7c726ce10a6aea9d36e5fd8d312b8da1618d995 nodejs-full-i18n-22.16.0-1.el10_0.x86_64.rpm c1edee59ad58d62edc8dbfd89090e590e5cac438ecd29be812591c4999d714de nodejs-libs-22.16.0-1.el10_0.x86_64.rpm 200941a2cd22cf289eab52ec40b0c5d557fd47af01d2f84a3c4f0a9aa3f3c356 nodejs-npm-10.9.2-1.22.16.0.1.el10_0.x86_64.rpm 87e9b446e12688563c6ab9d6db073d00cf52b91b9f7b9061b6af9cc0c8d7eb96 RLSA-2025:8550 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for varnish. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): * varnish: request smuggling attacks (CVE-2025-47905) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms varnish-7.6.1-2.el10_0.1.x86_64.rpm c20f035f05607334518cae9c3a647021a7f0c65029e69b632c7f535d4bccf3b2 varnish-docs-7.6.1-2.el10_0.1.x86_64.rpm f24c53c020983c8fe892c808c5a30718400dda1446876f02b55ed88d59a2dbd5 RLSA-2025:8608 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * firefox: thunderbird: Out-of-bounds access when resolving Promise objects (CVE-2025-4918) * firefox: thunderbird: Out-of-bounds access when optimizing linear sums (CVE-2025-4919) * firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details (CVE-2025-5267) * firefox: thunderbird: Potential local code execution in ?Copy as cURL? command (CVE-2025-5264) * firefox: thunderbird: Memory safety bugs (CVE-2025-5268) * firefox: thunderbird: Script element events leaked cross-origin resource status (CVE-2025-5266) * firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content (CVE-2025-5263) * firefox: thunderbird: Memory safety bug (CVE-2025-5269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms thunderbird-128.11.0-1.el10_0.x86_64.rpm f1c1dc755fe7f836cfdf0b57c7b735be55384302c33d8d3a29c1c10ea837d92c RLSA-2025:8636 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for perl-FCGI. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

FastCGI Perl bindings. Security Fix(es): * perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library (CVE-2025-40907) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms perl-FCGI-0.82-13.1.el10_0.x86_64.rpm 22fe2f5b524dee635bbe9b23e8e0bdc3e0e9e9ae2c5fac9a8ab4b6040507c91d RLSA-2025:8666 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for grafana. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms grafana-10.2.6-18.el10_0.x86_64.rpm 62723e03850e9397dd62929a702071525c3b5dab747adf56f2ce0f69b16f0ebc grafana-selinux-10.2.6-18.el10_0.x86_64.rpm 9163eb0ff2c707faa39102249b4a1dbc0be6461aec1be27b53dc25c2af805566 RLSA-2025:8669 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: vsock/virtio: discard packets if the transport changes (CVE-2025-21669) * kernel: net: gso: fix ownership in __udp_gso_segment (CVE-2025-21926) * kernel: xsk: fix an integer overflow in xp_create_and_assign_umem() (CVE-2025-21997) * kernel: net: fix geneve_opt length integer overflow (CVE-2025-22055) * kernel: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (CVE-2025-37943) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.16.1.el10_0.x86_64.rpm a9906190190610829e55ad4d0ab0751a45eb5f4f86e25193b142bd511a47c568 kernel-debug-devel-matched-6.12.0-55.16.1.el10_0.x86_64.rpm b1cacbed666ee5c1b45b0d8ace58a6e5a75a0818675765a8d0515751ffe91d89 kernel-devel-6.12.0-55.16.1.el10_0.x86_64.rpm e915c4cd2a1a0c1c9f0dc27b7470d078e2bea7ca50e162db147ca8a5a5f3e807 kernel-devel-matched-6.12.0-55.16.1.el10_0.x86_64.rpm 3a72e23f83e4c44bf58dfc692d60ccffcdaada8a239bb3a0090ec054404ddbda kernel-doc-6.12.0-55.16.1.el10_0.noarch.rpm c6d7acac1e26b0a460bdc40b0adb14fc465b0198f2359a7c8f677efe8321b0e5 kernel-headers-6.12.0-55.16.1.el10_0.x86_64.rpm fb83c9cba4438763ee8a4fd624267dcc943db9b98a340c32c961cc803be3afd9 perf-6.12.0-55.16.1.el10_0.x86_64.rpm 82426a8d77e86caaeba27c2389ddb9f1007bc18e60bde758a6056aefee9e3102 python3-perf-6.12.0-55.16.1.el10_0.x86_64.rpm 86230f71c2a0e6f78881c74d927023a6045594230a332ae167352cf9b79e8ad8 rtla-6.12.0-55.16.1.el10_0.x86_64.rpm f3c79c56a38663eb9031a3d57eae1fe9fd639d3b111756523b7852990cee82aa rv-6.12.0-55.16.1.el10_0.x86_64.rpm c7e6f859ec79bf36cbea6618a8c9f802a215238d02d47d7952c8b7d859f75860 RLSA-2025:8814 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for dotnet8.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.117 and .NET Runtime 8.0.17.Security Fix(es): * dotnet: .NET Remote Code Vulnerability (CVE-2025-30399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms aspnetcore-runtime-8.0-8.0.17-1.el10_0.x86_64.rpm d7457edcf64104290e89bcd6e67d4888b2dd228c73c898f07eb813922525fc6c aspnetcore-runtime-dbg-8.0-8.0.17-1.el10_0.x86_64.rpm 81b3d47f6a07283b88335cf508da39043582841f6abf74d48e860a0b809d7437 aspnetcore-targeting-pack-8.0-8.0.17-1.el10_0.x86_64.rpm 5ba66ceb0130590205e56adb6d115b7ac8a7d87e75b627d3b500fd529bd9be76 dotnet-apphost-pack-8.0-8.0.17-1.el10_0.x86_64.rpm 20efa2a1037ec127a623051ff884b32c9a0c8bb24caaaee5556002603ec05c4b dotnet-hostfxr-8.0-8.0.17-1.el10_0.x86_64.rpm c7377e1e5e2d62ef184fdfe03aef71d0687b6d67b56728475be71279a71360f4 dotnet-runtime-8.0-8.0.17-1.el10_0.x86_64.rpm 64485edea771c314b7e90d1d3d1da8b69425d90c8c501f916dc6997b3b80cb31 dotnet-runtime-dbg-8.0-8.0.17-1.el10_0.x86_64.rpm de112ccd80614b9347597f4d0e66f3cc6df90ba7f42bfb5dab1f7b2b5d57ab9c dotnet-sdk-8.0-8.0.117-1.el10_0.x86_64.rpm 538191263c89b69b9170ff0d73824be46167996ab7d741c6880899e9d4a58fa7 dotnet-sdk-dbg-8.0-8.0.117-1.el10_0.x86_64.rpm bd7328292046cda9b169fdff431231efd38059fc3bb9da02be930e973fefc795 dotnet-targeting-pack-8.0-8.0.17-1.el10_0.x86_64.rpm b8deca062cf0d57437e15f5d92b16022fc1e861b6fe1fb76978e8d64d1c67bd9 dotnet-templates-8.0-8.0.117-1.el10_0.x86_64.rpm c35bd8d3d10e3984f953fc85da86334b2e69cae1749f0cc99cf4f8cf409d9f0a RLSA-2025:8816 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for dotnet9.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.107 and .NET Runtime 9.0.6.Security Fix(es): * dotnet: .NET Remote Code Vulnerability (CVE-2025-30399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms aspnetcore-runtime-9.0-9.0.6-1.el10_0.x86_64.rpm 705c491227203f85fe6499e8e02ad3015176324ead6195f39985c5eb01d86f52 aspnetcore-runtime-dbg-9.0-9.0.6-1.el10_0.x86_64.rpm f052f013d30c77fc2ac9c9466a22181bd055019b93d82548dd94fd7e5c9aa3a7 aspnetcore-targeting-pack-9.0-9.0.6-1.el10_0.x86_64.rpm 652ea2e12d972630d963f998463286cc3704f7ade5190a394bf7fa6251c5513a dotnet-apphost-pack-9.0-9.0.6-1.el10_0.x86_64.rpm 32619a78651556c03ed237d2909c8c846f516deb832683d3b207098c30481b02 dotnet-host-9.0.6-1.el10_0.x86_64.rpm bf48a5f3cc792ec3540947f59fccdbfdd9124824c5ffe75939b14de6f0b2ea2d dotnet-hostfxr-9.0-9.0.6-1.el10_0.x86_64.rpm 016df7700bf1c5268e708a87b76369ad7c46c73759b72ad667cf02e47447c9ad dotnet-runtime-9.0-9.0.6-1.el10_0.x86_64.rpm a9034080fadfd40c5c1688fa55cb61f649852fe4441dace19a0db77a3adf107e dotnet-runtime-dbg-9.0-9.0.6-1.el10_0.x86_64.rpm 0ba7bc5bd42669e0ed5b2a8c606f2419fb6a7bbe2dea3780529b1048317abfac dotnet-sdk-9.0-9.0.107-1.el10_0.x86_64.rpm a1dbb49c11eb2d61bb5208edacb66ab385ede8682d8c3a642bd661db6b36e6e7 dotnet-sdk-aot-9.0-9.0.107-1.el10_0.x86_64.rpm a0ca032b71f16e9278c4b46b350b98a851b7866ee782d660da4975c9ea2aae5c dotnet-sdk-dbg-9.0-9.0.107-1.el10_0.x86_64.rpm deb362101e4b64949568e6ecf0b17870eeeeb67490aab4e38a1e3c571d0a529d dotnet-targeting-pack-9.0-9.0.6-1.el10_0.x86_64.rpm 0e123835604160ac584d89fbc0bcd7870d31dedd3b91a49f64d2ec4acf843544 dotnet-templates-9.0-9.0.107-1.el10_0.x86_64.rpm 49adfb4f8c2a633e811b2ab82c20851aea023c299973f1796e56c66104ddb068 netstandard-targeting-pack-2.1-9.0.107-1.el10_0.x86_64.rpm bf590a6382cb40226366e696d9dcef5665ade53de545d21198ea8b16bb1777ce RLSA-2025:8915 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for grafana-pcp. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms grafana-pcp-5.2.2-3.el10_0.x86_64.rpm cd3df4b2432f3a954d7188e94c7652e52c30bb1a4bfccfae21d9cec5c528af78 RLSA-2025:9063 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for git-lfs. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms git-lfs-3.6.1-2.el10_0.x86_64.rpm 1c545e395f9feb53671d3ce7cfcba7a39e8b398c89c03a50dfd19584be853037 RLSA-2025:9079 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: ndisc: use RCU protection in ndisc_alloc_skb() (CVE-2025-21764) * kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (CVE-2025-21887) * kernel: keys: Fix UAF in key_put() (CVE-2025-21893) * kernel: cifs: Fix integer overflow while processing closetimeo mount option (CVE-2025-21962) * kernel: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd (CVE-2025-21969) * kernel: cifs: Fix integer overflow while processing acdirmax mount option (CVE-2025-21963) * kernel: wifi: cfg80211: cancel wiphy_work before freeing wiphy (CVE-2025-21979) * kernel: smb: client: fix UAF in decryption with multichannel (CVE-2025-37750) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.17.1.el10_0.x86_64.rpm bb99423b3a9b5a74a0af6e3b095a3e86171b81f49470b8a07431a83412087f8e kernel-debug-devel-matched-6.12.0-55.17.1.el10_0.x86_64.rpm a645684deeda844774231ce9f6d2eadedc3d2e422368603b7059c35312b3184b kernel-devel-6.12.0-55.17.1.el10_0.x86_64.rpm 66bad4a164658704e1c54867b9450c9aa4f137e4baffb5360abd25331a5740a9 kernel-devel-matched-6.12.0-55.17.1.el10_0.x86_64.rpm 1f2fa53b051ed1057f7536df5a4063089c2d8a941ad23571b55d2492e02f7bba kernel-doc-6.12.0-55.17.1.el10_0.noarch.rpm 87ac85377552a790aad9fc9c5706e32c3dcb9be01df4e2dc52840555e14e7cb3 kernel-headers-6.12.0-55.17.1.el10_0.x86_64.rpm 68fc11f3b9a20c06fc867b5e3286f819dea5df6bfaadfbee0a74313bad776675 perf-6.12.0-55.17.1.el10_0.x86_64.rpm e158edc6a0becef1b8dac15c3a169df6cb9110b56e0118bfc9033319e5afff92 python3-perf-6.12.0-55.17.1.el10_0.x86_64.rpm 3a9993904cc19d238960bd0ca2858197e97ea1c672f7b90cf92c32ba89d501ca rtla-6.12.0-55.17.1.el10_0.x86_64.rpm b689ad5e811e2d550e8202e0da07605b4aaa6c62718fabd267e6291e803d0d85 rv-6.12.0-55.17.1.el10_0.x86_64.rpm 3fe1b5b4a5645aeadb34788e327ee209c7bbdb9a44fda0a47737335a0dce52da RLSA-2025:9120 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libvpx. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fix(es): * libvpx: Double-free in libvpx encoder (CVE-2025-5283) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms libvpx-1.14.1-3.el10_0.x86_64.rpm f1c002b0172b5ffe79cdceac98fb2d2d793ce38280bf84b40704a7f4330d6da0 RLSA-2025:9121 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for wireshark. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fix(es): * wireshark: Uncontrolled Recursion in Wireshark (CVE-2025-1492) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms wireshark-4.4.2-3.el10_0.x86_64.rpm c6f11b228aea2c3e711af4b8938367d80ef51d2652de6e52fa18dbb8a16d7bf6 wireshark-cli-4.4.2-3.el10_0.x86_64.rpm aeb95e2aeb9a2276ef09580609cb934ede3119b27832303d651492fa572d6176 RLSA-2025:9148 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for buildah. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms buildah-1.39.4-2.el10_0.x86_64.rpm dd92f9af51c1f497e10caa6e8d25ab1bcd044e9c784b31e592a9d474f5d13a54 buildah-tests-1.39.4-2.el10_0.x86_64.rpm 5d6ab8d2b67d54722aa9929e4cc13b1a31221d2004fb4ec158212231e18c33f1 RLSA-2025:9146 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms podman-5.4.0-10.el10_0.x86_64.rpm ac6b808b6d96e1432e7c69cbaf4d400959c8c0336bc934e5d832b88be6c7d5e4 podman-docker-5.4.0-10.el10_0.noarch.rpm 72ee4b59f086d755726270ee648923634a2c7363eaecb7668975444143214d9f podman-remote-5.4.0-10.el10_0.x86_64.rpm ab29ed6dbed2382d192acd0ba0218c1432b7a0dc16f659ae9829acf0cd6648b1 RLSA-2025:9149 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for skopeo. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms skopeo-1.18.1-2.el10_0.x86_64.rpm c7c0b6bdc3637038ea43981f6f352e50901b153409a6481ae24d3742922d806a skopeo-tests-1.18.1-2.el10_0.x86_64.rpm 46087c9efe78988ed397604f87cf55f004867f2372a9bcfe25612cee8e2c2806 RLSA-2025:9151 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for gvisor-tap-vsock. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms gvisor-tap-vsock-0.8.5-2.el10_0.x86_64.rpm d8da08df95c7101b812fc44286073a5bd8105e4aa182a10fcc844aafa5612aa4 gvisor-tap-vsock-gvforwarder-0.8.5-2.el10_0.x86_64.rpm 615e3023b9c853f240e62e60cd3fc850c3d95af1a155e2c09b8e8ff83fc55c37 RLSA-2025:9156 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for golang-github-openprinting-ipp-usb. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms ipp-usb-0.9.27-3.el10_0.x86_64.rpm 0c2430bb72e5d3121209085be5a704cde4ab75affd241d021da44da388313ad6 RLSA-2025:9178 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kea. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers support DNS Update mechanism, using stand-alone DDNS daemon. Security Fix(es): * kea: Loading a malicious hook library can lead to local privilege escalation (CVE-2025-32801) * kea: Insecure handling of file paths allows multiple local attacks (CVE-2025-32802) * kea: Insecure file permissions can result in confidential information leakage (CVE-2025-32803) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kea-doc-2.6.3-1.el10_0.noarch.rpm 6275f987ab175c2cd3f1d3f921183882763992ecd48cfdf1f198505441ac888d kea-hooks-2.6.3-1.el10_0.x86_64.rpm 420f5a9dd89eb94aa5ad9550af7319cb7dee2fa6835889ca30ac9ef66c0690c4 RLSA-2025:9190 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for ipa. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA (CVE-2025-4404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms ipa-client-4.12.2-15.el10_0.1.x86_64.rpm db6e504bd578f3415fa12d81edb0f9e2a91fb85775aa9310e0b6bdb72b55b70e ipa-client-common-4.12.2-15.el10_0.1.noarch.rpm 6c1ae01a5131f824bf97c644496f68706f567b22085c430ca56bc03afb053207 ipa-client-encrypted-dns-4.12.2-15.el10_0.1.x86_64.rpm d6a65274cbeeb61ac418a710f7681dafd11ac44cb5af1e36c3a087fb683bbf84 ipa-client-epn-4.12.2-15.el10_0.1.x86_64.rpm bd0c5c3276c9d3b414594cabc0b8a85559da55fcfff3bfc347d0e64ee9485a00 ipa-client-samba-4.12.2-15.el10_0.1.x86_64.rpm 1b2db2f76203e45beaa4dd209eb334b82d7ba40ad12d54f4b78c1e4c3f64ad32 ipa-common-4.12.2-15.el10_0.1.noarch.rpm bd4658263915b86e0754a48dfef208eb3a06aeacef66b87e1e3e413c2c0d9423 ipa-selinux-4.12.2-15.el10_0.1.noarch.rpm 9392af39d79b05f3d3584c5e2f8defe0aa763b7c26df19606b6ae69882e9d7f4 ipa-selinux-luna-4.12.2-15.el10_0.1.noarch.rpm 862cf3612971baf244e116d8f0860b18b99683e48e3a976f62be514c9e5ebe81 ipa-selinux-nfast-4.12.2-15.el10_0.1.noarch.rpm da232069356f6a7fed12c9b12c17d4e08adda805fbe718e9ffe83ce286498881 ipa-server-4.12.2-15.el10_0.1.x86_64.rpm 8bb7773a3a1e38ecfd6f53f344bb266d5ff6ad1bcd55d1745de95ecb8faa7502 ipa-server-common-4.12.2-15.el10_0.1.noarch.rpm 89236fce67fe052cb19173070c2f50c2b514b865567328686e46a6f845ab302c ipa-server-dns-4.12.2-15.el10_0.1.noarch.rpm 7303e5d8311880f7cae2058f4ed51096749cd5afa1d58e4303823207aefcfce4 ipa-server-encrypted-dns-4.12.2-15.el10_0.1.x86_64.rpm 00fe2c1ef71caa6780b937e2d5df5c59aaf3e616c7184b9a77d765411b8fc63c ipa-server-trust-ad-4.12.2-15.el10_0.1.x86_64.rpm ea76d4074cccf30c0a4847af1c0e4109adc09cf47f4ec062dfce5f6385bb0b01 python3-ipaclient-4.12.2-15.el10_0.1.noarch.rpm 3acf20126fa2ebd03bd719db4b3fdee63e40f34cfc4a805cca9042354485004c python3-ipalib-4.12.2-15.el10_0.1.noarch.rpm 8296ccacd4fbd8cea4f94f0f3442e6dac1ef32e62d3c197cdfe69cdb6876b69b python3-ipaserver-4.12.2-15.el10_0.1.noarch.rpm 9c5d1580ae5902f184e00a231e6482c31dcb76da4b9d3d4feaea0d772ff7bbd7 RLSA-2025:9304 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors (CVE-2025-49175) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension (CVE-2025-49176) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Data Leak in XFIXES Extension's XFixesSetClientDisconnectMode (CVE-2025-49177) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore (CVE-2025-49178) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension (CVE-2025-49179) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension (CVE-2025-49180) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms xorg-x11-server-Xwayland-24.1.5-4.el10_0.x86_64.rpm 6de43e3d252b64ddb0345445ad0d3fb4f995b2b9bace0d4aa8aa2d1010dd46a7 RLSA-2025:9317 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for delve. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out of your way as much as possible. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms delve-1.24.1-2.el10_0.x86_64.rpm 7efb8b95af246a461f1bfa2211d04b463f8c62b92a5ad8870f0887e0dabdc0ef RLSA-2025:9307 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for freerdp. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fix(es): * gnome-remote-desktop: freerdp: Unauthenticated RDP Packet Causes Segfault in FreeRDP Leading to Denial of Service (CVE-2025-4478) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms freerdp-3.10.3-3.el10_0.x86_64.rpm 63ea45b480edbf4d06bd0c1cb4d383718aa3e8a032927e7602bc342507878523 freerdp-libs-3.10.3-3.el10_0.x86_64.rpm afd55ffed579ade915ed95ef2773ee4f41e1171fb76301199d01796bd1f1cbb9 libwinpr-3.10.3-3.el10_0.x86_64.rpm aa25ad4ab52995d2eb921fdea33f90ec4be3bd3533ba05d63e26ee4e75dfe18c RLSA-2025:9328 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libblockdev. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libblockdev packages provide a C library with GObject introspection support used for low-level operations on block devices. The library serves as a thin wrapper around plug-ins for specific functionality, such as LVM, Btrfs, LUKS, or MD RAID. Security Fix(es): * libblockdev: LPE from allow_active to root in libblockdev via udisks (CVE-2025-6019) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms libblockdev-3.2.0-4.el10_0.x86_64.rpm d3a7f854798a5c6f6bb4621a08f0ec8e3771d7a29b0b61b4cc58dd365a92f7c8 libblockdev-crypto-3.2.0-4.el10_0.x86_64.rpm ce607a7814a0258101428f48a3ba09e03d68537dab4b54f55c8888e6a34a3681 libblockdev-dm-3.2.0-4.el10_0.x86_64.rpm d14ce2625bea643ce8992ac7fb0a1c204d072a3f9484e667b3f7b9f229f56e4b libblockdev-fs-3.2.0-4.el10_0.x86_64.rpm e87b6e47a75db6a58bf782e1985a1dd4a33ea1afd0427e0aa48c9eb7c8b48878 libblockdev-loop-3.2.0-4.el10_0.x86_64.rpm 4543b21854976b9630426528012417f68c24532d1520b10c1ef0cfe1981174cc libblockdev-lvm-3.2.0-4.el10_0.x86_64.rpm 3a92cd5fcede975c771f81d08a5beb23be6a3b8e05c9f0ec190921e87638103d libblockdev-lvm-dbus-3.2.0-4.el10_0.x86_64.rpm 0508435a8b5a3552306013b4b6b733369b5c1693958ab4f6c2541b2795b54fe3 libblockdev-mdraid-3.2.0-4.el10_0.x86_64.rpm be9c8c67a1ca81bc6fc6364a928920b4abd1d633039986949453f02287baad27 libblockdev-mpath-3.2.0-4.el10_0.x86_64.rpm 0c843a1d371bd2d338f6faeb6ebd6e8e19c8a58b6ebe3f631f399670af3979f4 libblockdev-nvdimm-3.2.0-4.el10_0.x86_64.rpm 53a4f5b0e2a3f64d460b9598bb9c5c3723947691dd46f1ffe1c58d1e29dcba88 libblockdev-nvme-3.2.0-4.el10_0.x86_64.rpm 7fd761c59339de103b02bfafe12aeee0f5760217712f74a866268fd59dfbf3ea libblockdev-part-3.2.0-4.el10_0.x86_64.rpm 46c08fbd4a93e47f6e7448ea31117e66cb457ab7509d6938f445a9736452abbd libblockdev-plugins-all-3.2.0-4.el10_0.x86_64.rpm 227a181b251a28d6c4bb8d9d9c6deb9aedfdf14fe18f8cd87c9bfd8989b32d75 libblockdev-smart-3.2.0-4.el10_0.x86_64.rpm 8b698c8a0be374d0f622cb06b9ef608718b17aa47c5b22b826b6b9be60fe037a libblockdev-smartmontools-3.2.0-4.el10_0.x86_64.rpm 8586c0fa291f9ccdcfdebce9b9399d0e78d4fd7b3e16229dc637b19316400ff6 libblockdev-swap-3.2.0-4.el10_0.x86_64.rpm 845e717de94c76b1e951d8447136ba27dc8f623c2fa47c67477745d136213f08 libblockdev-tools-3.2.0-4.el10_0.x86_64.rpm 6601c86706b4cf638ae995220a1d9a696dbb09370864a2a7c1e162c5eae3f920 libblockdev-utils-3.2.0-4.el10_0.x86_64.rpm 11f89b9359ba8e7da8d59181e516c84dab609393f7fad876f82f7f557f677717 python3-blockdev-3.2.0-4.el10_0.x86_64.rpm 07060a3647bd8c164f6c16346c786c8868ee935777f9dac156e75967096a199f RLSA-2025:9348 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: proc: fix UAF in proc_get_inode() (CVE-2025-21999) * kernel: ext4: fix off-by-one error in do_split (CVE-2025-23150) * kernel: ext4: ignore xattrs past end (CVE-2025-37738) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.18.1.el10_0.x86_64.rpm 4808878a3d694b273eec89a049f6bb7e87b2c4665ad4fec7388752551a5e0150 kernel-debug-devel-matched-6.12.0-55.18.1.el10_0.x86_64.rpm e961cf7255d52135101a0424e107b0060d59b510c3ea494002d1af476a0e61c8 kernel-devel-6.12.0-55.18.1.el10_0.x86_64.rpm 8a5f0a13077589c56c378ac3234b6cfac3ae2ed7aa6ebe29b3ecd0620f34610c kernel-devel-matched-6.12.0-55.18.1.el10_0.x86_64.rpm 457ba1aa6de9abbaf03a53f2ba6c7cf3daf4a0319384fb69e0419682f38bd4cb kernel-doc-6.12.0-55.18.1.el10_0.noarch.rpm d6aadd95b52b9f9c33bb8c8c4e704754124e5611f141be290c10971bfb810ca6 kernel-headers-6.12.0-55.18.1.el10_0.x86_64.rpm b874ca0b68096e810e873d4ebec086855034b31e16694eaf69cdfc090aefb03b perf-6.12.0-55.18.1.el10_0.x86_64.rpm 04b021ed9faffca1a1ce35cd5cdeb128f4904c12fcb7d350133edb040004233e python3-perf-6.12.0-55.18.1.el10_0.x86_64.rpm aaef7a53e716df5331da37198b5339aca23ee19454d554c9678a887a786b292e rtla-6.12.0-55.18.1.el10_0.x86_64.rpm 6c633186bf5dcb3066d364519c17d9677efe24a4fc17f81a7f8a37abd394d803 rv-6.12.0-55.18.1.el10_0.x86_64.rpm 4b8b8c3295ec6b6540db6b3160e7729c16fb68c805e3d53199fa047a420ada5b RLSA-2025:9418 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for krb5. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). Security Fix(es): * krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions (CVE-2025-3576) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms krb5-devel-1.21.3-8.el10_0.x86_64.rpm 5a0333be689bc59fb6a3a7670b3b68d1806c8e3a198764e430fbdfcba45381c5 RLSA-2025:9420 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for libarchive. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: Buffer Overflow vulnerability in libarchive (CVE-2025-25724) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms bsdtar-3.7.7-3.el10_0.x86_64.rpm a8981bd985c186474148bac9a0b181e41b3acaa3eb1d19d2ed2414911ee13400 libarchive-devel-3.7.7-3.el10_0.x86_64.rpm 8e5e55d98d07949c4170ea8908f6581732bbc409121264861e1ff0cadc4be747 RLSA-2025:9466 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for mod_proxy_cluster. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The mod_proxy_cluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fix(es): * mod_proxy_cluster: mod_proxy_cluster unauthorized MCMP requests (CVE-2024-10306) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms mod_proxy_cluster-1.3.22-1.el10_0.2.x86_64.rpm 2e606a51f4c524fa2d00d86a382c16db1e47539ff5edb32c6868bd5ed54a76c1 RLSA-2025:9486 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for qt6-qtbase. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. Security Fix(es): * qt5: qt6: QtCore Assertion Failure Denial of Service (CVE-2025-5455) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms qt6-qtbase-6.8.1-9.el10_0.x86_64.rpm 2de3a60b2ccf066a9ae487a6abf862f85574ad6c89e0a110ce2153ebbdf623c8 qt6-qtbase-common-6.8.1-9.el10_0.noarch.rpm 1cb71dc28df65692eeb4c2716a3648f044980fa7291152664beaccd2b7f5185e qt6-qtbase-devel-6.8.1-9.el10_0.x86_64.rpm 6710f0b133f7348dfab7e7673e7061c516b01d1ce553b1aa979cc5bccb14ecf4 qt6-qtbase-gui-6.8.1-9.el10_0.x86_64.rpm 1e68bcf33a86231f5644a251e479bea888dae70562911fb3e9aedad40cdd7e2e qt6-qtbase-mysql-6.8.1-9.el10_0.x86_64.rpm 4bb179ef2aa0405528af0b57977da96245a7b898ce0c1366f0c3a386e77b626e qt6-qtbase-odbc-6.8.1-9.el10_0.x86_64.rpm 5669abff6d8d77e5bd31c7c68aa16dc0577e9826ed2e2a40b35094dcd60d11c2 qt6-qtbase-postgresql-6.8.1-9.el10_0.x86_64.rpm 91a8f6417b7e9e8235a0d367e8470f52f7856aa607c4b8b26de038285c394a93 RLSA-2025:10073 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: Content-Disposition header ignored when a file is included in an embed or object tag (CVE-2025-6430) * firefox: Use-after-free in FontFaceSet (CVE-2025-6424) * firefox: Incorrect parsing of URLs could have allowed embedding of youtube.com (CVE-2025-6429) * firefox: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID (CVE-2025-6425) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms firefox-128.12.0-1.el10_0.x86_64.rpm caf622e42b0973dd60f92c487b4c3fcbf93d4117974a26e80143eea23fd77114 RLSA-2025:10140 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for python3.12. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435) * cpython: Bypass extraction filter to modify file metadata outside extraction directory (CVE-2024-12718) * cpython: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330) * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517) * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms python3-devel-3.12.9-2.el10_0.2.x86_64.rpm 593aa133133002650452de607d97b87416431d221d0f80011763de96c68b0134 python3-tkinter-3.12.9-2.el10_0.2.x86_64.rpm 400883eda15f3a0839b4d93eddd8c44794c560943dc325164bdb988432e112f8 python-unversioned-command-3.12.9-2.el10_0.2.noarch.rpm 12d530c7bbdb489389b29978850ec791c8d04427d287c3e7041e4c212a7af900 RLSA-2025:10195 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links (CVE-2025-5986) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms thunderbird-128.12.0-1.el10_0.x86_64.rpm 1a548cb962b29751d4c1496a61f2aeab52c776c11d5da114481e3c686ef04bc9 RLSA-2025:10371 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: ipv6: mcast: extend RCU protection in igmp6_send() (CVE-2025-21759) * kernel: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (CVE-2025-21991) * kernel: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (CVE-2025-37799) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.20.1.el10_0.x86_64.rpm f4bae6a24887e81eb024ff7aa9f381ed98f49218a46dddd50fef7732094787c5 kernel-debug-devel-matched-6.12.0-55.20.1.el10_0.x86_64.rpm 1dcb52d3cfb6b51ad0fc55abfbe47ba81167873762b9bfe7baf2a41e7fca3b6f kernel-devel-6.12.0-55.20.1.el10_0.x86_64.rpm 4ea5d389160d1ec49c07f400dedb5a4409ba99cc4da14d4ca98b0a7c319da9cf kernel-devel-matched-6.12.0-55.20.1.el10_0.x86_64.rpm 7320aab38323214b49a1a45f41378bd3e79ea767a14d1750ba8f75c4beff61e6 kernel-doc-6.12.0-55.20.1.el10_0.noarch.rpm 84e1d7e1d5f97fdcabdfa8801e747413f60ec31266aac03ab1b52efee22825b2 kernel-headers-6.12.0-55.20.1.el10_0.x86_64.rpm 3ffa69afb7f081f05a1ad9fb1d790442e5043fddc9019f5212327cfc2300592e perf-6.12.0-55.20.1.el10_0.x86_64.rpm 41d612770c6c90ee5f5dc3894ecd30e6020953962eae1c80345ef4ed21aca9bb python3-perf-6.12.0-55.20.1.el10_0.x86_64.rpm b2a493c24bf99320be7fa897faee16611a4d5b2907d152e61685b62e5493823e rtla-6.12.0-55.20.1.el10_0.x86_64.rpm 3f38ce2873af235609910d727e0f38fb601cea010dc63005caa28852358cb899 rv-6.12.0-55.20.1.el10_0.x86_64.rpm 8ed5f91edf1f6010f08d4482b4d869c68966ef6f96519df93843342c3a6c0d7c RLSA-2025:10549 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): * podman: podman missing TLS verification (CVE-2025-6032) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms podman-5.4.0-12.el10_0.x86_64.rpm f55513d20fbf5bd077f99edc0b5a0d087f8b5a39d83755436d1b023f1223fec9 podman-docker-5.4.0-12.el10_0.noarch.rpm 50e57d06c0b4b9b5f81adc49cece6f8a36edbae57426c6f6b3b6cf9939b0ab15 podman-remote-5.4.0-12.el10_0.x86_64.rpm 50e674970307310bd884f2512522086fcc066269629714f3f69cc7cc30f44369 RLSA-2025:10635 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for gnome-remote-desktop. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GNOME Remote Desktop is a remote desktop and screen sharing service for the GNOME desktop environment. Security Fix(es): * gnome-remote-desktop: Uncontrolled Resource Consumption due to Malformed RDP PDUs (CVE-2025-5024) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms gnome-remote-desktop-47.3-2.el10_0.x86_64.rpm d640623005dd3b46759cf12b050d0243b828edde9a7c656d7c334cd5e2625775 RLSA-2025:10630 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libxml2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794) * libxml: Null pointer dereference leads to Denial of service (DoS) (CVE-2025-49795) * libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796) * libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms libxml2-devel-2.12.5-7.el10_0.x86_64.rpm 76b257e1d9550dc30e001e44fbf6369b3f1aae18eb52bb4da868acee586bd84c RLSA-2025:10677 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The golang packages provide the Go programming language compiler. Security Fix(es): * net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms golang-1.24.4-1.el10_0.x86_64.rpm 47bcbc253bddea0ab4e17a0e7df155ef958cbeb647df179475b38109434c58ed golang-bin-1.24.4-1.el10_0.x86_64.rpm 725364e1f2a3f34187adb648235ef1637638a0dd1d27bf4deb40391005e2e578 golang-docs-1.24.4-1.el10_0.noarch.rpm f55ec9fb24d751ffe3187f8ca6c2726708bdf26cc2e04ed86d7500edf65a2eb9 golang-misc-1.24.4-1.el10_0.noarch.rpm c34922495aa0d17cd7ea49e63ba69169799423420eaf62cebd336663b16ba28a golang-race-1.24.4-1.el10_0.x86_64.rpm d398fefc9e578487f12aeba645b25156f05264fff13cd852d033b3df2ede8dd3 golang-src-1.24.4-1.el10_0.noarch.rpm f49a704a94a6fae26328780398d8a6f588082da9aa5dafa3d777cf1a0eb27434 golang-tests-1.24.4-1.el10_0.noarch.rpm e2ce7eb27332c70ecc199fc129838f7f8b37a285a616b50b04779e5e62e0c77f go-toolset-1.24.4-1.el10_0.x86_64.rpm d8822654a0f59980f51d80b83aea1db0a28173f3de5f5da28a748c1750186ed0 RLSA-2025:10854 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: exfat: fix random stack corruption after get_block (CVE-2025-22036) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.21.1.el10_0.x86_64.rpm 388f9eba5316e4e2c9a6a79294ae9033bde2db76c92c844778298701b01fc0ac kernel-debug-devel-matched-6.12.0-55.21.1.el10_0.x86_64.rpm 724fe79b09e7fbc69a30fc5b73535621b2e0bd1e14d5157bfaaed115c9006098 kernel-devel-6.12.0-55.21.1.el10_0.x86_64.rpm 3d1c257a7433e26a2e50b8a366819988493b8df75316dd8f06377ff5e0320394 kernel-devel-matched-6.12.0-55.21.1.el10_0.x86_64.rpm 87f3c1fa42f58d7b3d6e2a3cd5595fcebad5a76ebc648a5282f466d2fd084d86 kernel-doc-6.12.0-55.21.1.el10_0.noarch.rpm 0fac73f3048e88895bcfd0fe2e3c15ac66aa8975f75064ae479705e011cdcc9a kernel-headers-6.12.0-55.21.1.el10_0.x86_64.rpm 5dff5f4f19211772a18622b1225f85061571a4892b14989ae3022c399a1f1cfc perf-6.12.0-55.21.1.el10_0.x86_64.rpm f9778cadbec6d8e850ec9a32e7dae957ec8a2ccd43be91893b8e196eefbb4ba5 python3-perf-6.12.0-55.21.1.el10_0.x86_64.rpm 593012915a1a3e7d326a342b72f84ad6d18778e6e8a00859b47c2f09e5bf9eb2 rtla-6.12.0-55.21.1.el10_0.x86_64.rpm 95eb571322d18783769ccb7bb2c17ddeab6b37244f54a734e9b2111f2efdc154 rv-6.12.0-55.21.1.el10_0.x86_64.rpm d55df9d66ae8486c64c1da15f88ceceddd8d63f88b0854ea60e2c9752580af77 RLSA-2025:10855 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for glib2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fix(es): * glib: buffer overflow in set_connect_msg() (CVE-2024-52533) * glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar (CVE-2025-4373) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms glib2-devel-2.80.4-4.el10_0.6.x86_64.rpm 219414b65a022cbc3b6de5400deda19f1fb267a11d0e213b4dcbde3916f8b117 glib2-tests-2.80.4-4.el10_0.6.x86_64.rpm 84f37ced8669579c114b780fe022fca1f5e814326b153ea0d5b5230107e21a7e RLSA-2025:11066 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for glibc. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: Vector register overwrite bug in glibc (CVE-2025-5702) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms glibc-devel-2.39-43.el10_0.x86_64.rpm f79e6ee9a084a3d8e4297f35875185609e6efabc34f926b9309e821860bd691f glibc-doc-2.39-43.el10_0.noarch.rpm ed381b944944b79f2ea78160249b79318e5cfb1e89d3a5930194fa31cd0ec093 glibc-locale-source-2.39-43.el10_0.x86_64.rpm 0aeb6e46e38643f868f619170448c75e4457678e56fb93104d15c85d69d93575 glibc-utils-2.39-43.el10_0.x86_64.rpm 7d8a96ca51686318be8a12ba7af1b665a8b626b79b5b52e4c4b725cdd78d19c6 RLSA-2025:10873 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for java-21-openjdk. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fix(es): * JDK: Better Glyph drawing (CVE-2025-30749) * JDK: Enhance TLS protocol support (CVE-2025-30754) * JDK: Improve HTTP client header handling (CVE-2025-50059) * JDK: Better Glyph drawing redux (CVE-2025-50106) Bug Fix(es): * In Rocky Linux 9 and Rocky Linux 10 systems, the default graphical display system is Wayland. The use of Wayland in these systems causes a failure in the traditional X11 method that java.awt.Robot uses to take a screen capture, producing a blank image. With this update, the RPM now recommends installing the PipeWire package, which the JDK can use to take screen captures in Wayland systems (Rocky Linux-102683, Rocky Linux-102684, Rocky Linux-102685) * On NUMA systems, the operating system can choose to migrate a task from one NUMA node to another. In the G1 garbage collector, G1AllocRegion objects are associated with NUMA nodes. The G1Allocator code assumes that obtaining the G1AllocRegion object for the current thread is sufficient, but OS scheduling can lead to arbitrary changes in the NUMA-to-thread association. This can cause crashes when the G1AllocRegion being used changes mid-operation. This update resolves this issue by always using the same NUMA node and associated G1AllocRegion object throughout an operation. (Rocky Linux-90307, Rocky Linux-90308, Rocky Linux-90311) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms java-21-openjdk-21.0.8.0.9-1.el10.x86_64.rpm 414b7b019f3d764f5085a9391a9da59c4217d3d5fbaa0f6eb528d82d30501c3f java-21-openjdk-demo-21.0.8.0.9-1.el10.x86_64.rpm 51cdacc5c442cfcc0a19b02c6631bc03a410700a02b9dcfb4984c2722d41ac7d java-21-openjdk-devel-21.0.8.0.9-1.el10.x86_64.rpm 75103cb2346fd169dbdf0ebc0f3c505f5028484edaab82597189d240b1cb60ec java-21-openjdk-headless-21.0.8.0.9-1.el10.x86_64.rpm 61e05b22711cd5ac0605a11d66198c1bb013f556e25ee2b1af0b9f343a262eae java-21-openjdk-javadoc-21.0.8.0.9-1.el10.x86_64.rpm f31686b03b8f9653d851f7a888884dc250cc187b6ee3c515db17308b23eb0937 java-21-openjdk-javadoc-zip-21.0.8.0.9-1.el10.x86_64.rpm 20b79b5308c23166b48408ba4eeb67734a4b4d20838f472d9d8f6c2e345876e8 java-21-openjdk-jmods-21.0.8.0.9-1.el10.x86_64.rpm 55f8d134798e069b709c2c46ce4d30ddbb8cbcf7a952b032daccc8017806cf90 java-21-openjdk-src-21.0.8.0.9-1.el10.x86_64.rpm 927695c96d9cd38503339ef6e3d4fff73a528093e984b5f1dcf0b33a7edbc032 java-21-openjdk-static-libs-21.0.8.0.9-1.el10.x86_64.rpm cd93b8ff3d5244e9933e22c1aa8df2e92cb892e1dd69aa4d9a45765db013e3b1 RLSA-2025:11332 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. Security Fix(es): * tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337) * tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms tomcat9-9.0.87-5.el10_0.1.noarch.rpm 7c11353e58e4822db9739e90e1b99462f3be11ed491be1beb1be7807545181bd tomcat9-admin-webapps-9.0.87-5.el10_0.1.noarch.rpm 3d6851aa27bf852945314cbad8a11ba59df3e3cbe7ed6ac0e5a5f29c58225d40 tomcat9-docs-webapp-9.0.87-5.el10_0.1.noarch.rpm a9f4d0eeabb6df8ffa9e7a332446f5a161ada29c77a0d38fb801fc826504e033 tomcat9-el-3.0-api-9.0.87-5.el10_0.1.noarch.rpm 38b76b62dec96d2400b4a5030c61a93d6865897a63fd032a2b9f1076eafe9c2d tomcat9-jsp-2.3-api-9.0.87-5.el10_0.1.noarch.rpm cf01a3d83ada8424330926b49aaa536c4dfb24576f057cc989a0b3a14c441883 tomcat9-lib-9.0.87-5.el10_0.1.noarch.rpm 29e509374ef0700c32eb589736d9d80bddbe255b252cd9f927e1e3f21bf5ec3e tomcat9-servlet-4.0-api-9.0.87-5.el10_0.1.noarch.rpm 0ca600cd745cbb59544aafe2278a75381d4da269d7ac01aaeb9b61eba69210df tomcat9-webapps-9.0.87-5.el10_0.1.noarch.rpm f5b988b6558b3992d98428ec7af5cf620fc24157d925e3ab1cb9fa27488fa459 RLSA-2025:11401 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for valkey. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also. Security Fix(es): * redis: Redis Stack Buffer Overflow (CVE-2025-27151) * redis: Redis Unauthenticated Denial of Service (CVE-2025-48367) * redis: Redis Hyperloglog Out-of-Bounds Write Vulnerability (CVE-2025-32023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms valkey-8.0.4-1.el10_0.x86_64.rpm 2d12afb4fcd325b1488ccdac49769189bf63f6b732c1a24badd090cb0a7372bb valkey-devel-8.0.4-1.el10_0.x86_64.rpm 23141aafa373e629b37c23cbe6e950f1d2c56d437b8c335ea2863ded3c76a87b RLSA-2025:11428 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: media: uvcvideo: Remove dangling pointers (CVE-2024-58002) * kernel: media: uvcvideo: Fix double free in error path (CVE-2024-57980) * kernel: wifi: iwlwifi: limit printed string from FW file (CVE-2025-21905) * kernel: mm/huge_memory: fix dereferencing invalid pmd migration entry (CVE-2025-37958) * kernel: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (CVE-2025-38089) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.22.1.el10_0.x86_64.rpm eed3475212eb0a5cfb206a9cf8240dee47eb53d80b2f7c0c1f5e06b6696e187c kernel-debug-devel-matched-6.12.0-55.22.1.el10_0.x86_64.rpm a3dfb6b37dd032f15ed60c352fd530af244a40b96c8d5c99acbde43aace1be52 kernel-devel-6.12.0-55.22.1.el10_0.x86_64.rpm 748a67cd5b0e97368c7ea18c4c812d0fa18b16f69fb7db85f065e3bff29cdf5a kernel-devel-matched-6.12.0-55.22.1.el10_0.x86_64.rpm 5724c07e1092cb24d36e1dbfc15fb72a32157f45ce89463c9d2acbdd8a5f9ea9 kernel-doc-6.12.0-55.22.1.el10_0.noarch.rpm 57373126cd581bffae6ce7e61877d24464b49b3c16e4a3101d64c082da094efc kernel-headers-6.12.0-55.22.1.el10_0.x86_64.rpm d6a6fe7266f175d8c12e630b252acaf4d5bb94c91d93b920f6f7458123d37a96 perf-6.12.0-55.22.1.el10_0.x86_64.rpm 2d6b1fab384980c655e0e7c9dee14fdbf78ccd4836ddccf6d9c355c26b776921 python3-perf-6.12.0-55.22.1.el10_0.x86_64.rpm 609463e34f50c0c389489c07a41c67eea282b3dff53193d30bd7fcd54b71cc9a rtla-6.12.0-55.22.1.el10_0.x86_64.rpm 7f8dc0dc8a08740f47ab5726a02f94a7fe072a88ce139a1849df2f3233ec46a0 rv-6.12.0-55.22.1.el10_0.x86_64.rpm bbc87c58238d130b443f2f3296a6da15daa5aebd0da8acaf09f9d4015d93bdb1 RLSA-2025:11537 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for sudo. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): * sudo: LPE via host option (CVE-2025-32462) * sudo: LPE via chroot option (CVE-2025-32463) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms sudo-python-plugin-1.9.15-8.p5.el10_0.2.x86_64.rpm da6a8ab0e6d9f02f34d40301cf473f25b107155f625b22b273cfaedfec20aa34 RLSA-2025:11797 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: thunderbird: Large branch table could lead to truncated instruction (CVE-2025-8028) * firefox: thunderbird: Memory safety bugs (CVE-2025-8035) * firefox: thunderbird: Incorrect URL stripping in CSP reports (CVE-2025-8031) * firefox: thunderbird: JavaScript engine only wrote partial return value to stack (CVE-2025-8027) * firefox: thunderbird: Potential user-assisted code execution in ?Copy as cURL? command (CVE-2025-8030) * firefox: Memory safety bugs (CVE-2025-8034) * firefox: thunderbird: Incorrect JavaScript state machine for generators (CVE-2025-8033) * firefox: thunderbird: XSLT documents could bypass CSP (CVE-2025-8032) * firefox: thunderbird: javascript: URLs executed on object and embed tags (CVE-2025-8029) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms firefox-128.13.0-1.el10_0.x86_64.rpm ba59deecd32c170f47287be1d7a4f4096af6a9e8232c940727bac9af3aeec264 RLSA-2025:11855 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: RDMA/mlx5: Fix page_size variable overflow (CVE-2025-22091) * kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (CVE-2025-22121) * kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling (CVE-2025-37797) * kernel: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (CVE-2025-38088) * kernel: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (CVE-2025-38110) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.24.1.el10_0.x86_64.rpm a9e5ce7546f16f56a3c9d49e060a1bc7a9af911c5529f5c9966a37e942c4cb41 kernel-debug-devel-matched-6.12.0-55.24.1.el10_0.x86_64.rpm ed0e2e3845069f739dae6b681a86478bbbe7ea6e7abfa463aafef7c321058e05 kernel-devel-6.12.0-55.24.1.el10_0.x86_64.rpm 401835e62fa49e353503b5a6644c8468f18fe25ee15c43b03cb7c0335bb970e0 kernel-devel-matched-6.12.0-55.24.1.el10_0.x86_64.rpm a28762ec3daa2b80ac015611e3b0415e7736d83fc7955fb7dc8bf9584dbd46a9 kernel-doc-6.12.0-55.24.1.el10_0.noarch.rpm eb25387de4a44c1f7f2648f580ab9c31b3eeba35aee638fc2488206fef99d504 kernel-headers-6.12.0-55.24.1.el10_0.x86_64.rpm 5dfc4a2e64baaed3804d899c091334b19295b0a9c6ba456e8849acd37a75acc6 perf-6.12.0-55.24.1.el10_0.x86_64.rpm 18d61da648b0650a0479754a62857782f0d80e8eba466343559e1fccd1f162dd python3-perf-6.12.0-55.24.1.el10_0.x86_64.rpm 9ecd9d692ebe59b827f668a5581eb22bcc073052529c96bb8f3939622bedfdee rtla-6.12.0-55.24.1.el10_0.x86_64.rpm 109fc6e149336ccacc61c72e7de509c9fbccad7062d9765e18d668b4f904b52b rv-6.12.0-55.24.1.el10_0.x86_64.rpm 73b8decf6d63e5ff4a2b9e5b362cefdfa6a398d6759247236b163dcb55e082a2 RLSA-2025:11888 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for icu. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The International Components for Unicode (ICU) library provides robust and full-featured Unicode services. Security Fix(es): * icu: Stack buffer overflow in the SRBRoot::addTag function (CVE-2025-5222) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms icu-74.2-5.el10_0.x86_64.rpm 28b7470c6797c0a17d056fc51f5c89f7770173507c39ec915b151304799e3b58 libicu-devel-74.2-5.el10_0.x86_64.rpm d2f5b279ec7cbd92d012e31c74f991f7316c3cdb084fee26b1ac4cf05890dc7a RLSA-2025:11933 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for sqlite. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Security Fix(es): * sqlite: Integer Truncation in SQLite (CVE-2025-6965) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms sqlite-3.46.1-5.el10_0.x86_64.rpm f7fd6610f1d89351e69b768842c011f386b9eecf8b24e761ab184804e5195618 sqlite-devel-3.46.1-5.el10_0.x86_64.rpm 4f48b6901f31d710bb596ba64ee2fd3e5b5d95caf6a315e35eb6bb226af8f1a4 RLSA-2025:12056 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for perl. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): * perl: Perl threads have a working directory race condition where file operations may target unintended paths (CVE-2025-40909) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms perl-5.40.2-512.2.el10_0.x86_64.rpm b265994fcf986e3a92ee5a3969a0afb7989c9fa336f4c24305b867e4169d09b7 perl-Attribute-Handlers-1.03-512.2.el10_0.noarch.rpm a50a47c9c8189cf7eec48d586f8816aa6273e5a84e24c8b38c98b3396378e0d7 perl-AutoLoader-5.74-512.2.el10_0.noarch.rpm d11dee873d7d98224cb8b63b805b266025ff6e7a7c0bbddea102a1aef6b4c1ef perl-AutoSplit-5.74-512.2.el10_0.noarch.rpm fc83da5b9f60869db73ea9335d11b087da8977bab44b669d2fc21d5ce7eedbdf perl-autouse-1.11-512.2.el10_0.noarch.rpm 022a86f3a5975a041799ad17b807e59e335f57a29b3fcd9e7624ae13d9fc343f perl-B-1.89-512.2.el10_0.x86_64.rpm d588891d25ed85721f393261d4ce734628f224ef96f7e63fdfbe148473bde45b perl-base-2.27-512.2.el10_0.noarch.rpm 23294c4ee06f04f99e734a520e7118b3f69b4e973afdcfa435e7fdffacb6cb30 perl-Benchmark-1.25-512.2.el10_0.noarch.rpm 7f17cc9401a6998858fbfc634fd8cacb305dd95c5557fa60dd1efc7f9e40dd6c perl-blib-1.07-512.2.el10_0.noarch.rpm 26f1caf1fa8a54fea467f5e126a8b9d295cc763ee5e84029137ee6dd9ad12668 perl-Class-Struct-0.68-512.2.el10_0.noarch.rpm 142b33b254ad949b08e59aa746019c53c09a6f9b1e8f16612c23a2222c7890bd perl-Config-Extensions-0.03-512.2.el10_0.noarch.rpm 088dd306bf83eb27d4800a7dc8a74248a7655b27025f6a1096a32664ad3f7e71 perl-DBM_Filter-0.06-512.2.el10_0.noarch.rpm 594a8f1acb1be8bea0d80d76529e16e209ab76632573ec320a3a255c1d93030d perl-debugger-1.60-512.2.el10_0.noarch.rpm 116632d66aecb227ec01b561039c998967e38b11605a08c26c6975f100d3f363 perl-deprecate-0.04-512.2.el10_0.noarch.rpm f9b6c6d93abe972e0898aed2bd517c9dd7492b589cc43f0f542ef879705eaa16 perl-devel-5.40.2-512.2.el10_0.x86_64.rpm 66ed028cae6824ce85994b61f7ca214e8c41d875e3f608dc8c4e86b46110bb25 perl-Devel-Peek-1.34-512.2.el10_0.x86_64.rpm 6896ad09a4e892ffa003e93c2c5b5b4b68dfb06fcfb64bd0b87faae9b8387001 perl-Devel-SelfStubber-1.06-512.2.el10_0.noarch.rpm 3333f3ddba623e1659029a71773b6fdd8b06009f52f630c617f5f06869d193ab perl-diagnostics-1.40-512.2.el10_0.noarch.rpm 391498cf663012d9ec9bd910b4bf53cf4234304cea25b142debbb91bda3c79ba perl-DirHandle-1.05-512.2.el10_0.noarch.rpm 3b7143910af7251015a7a91b80280ebe2390424ccb7e1ce5172d6fe3a2b579a7 perl-doc-5.40.2-512.2.el10_0.noarch.rpm 1f2e5dc38f4e1c91f43dac6269bb11d7c025b27eb55e7f4eb6461ea0220704ac perl-Dumpvalue-2.27-512.2.el10_0.noarch.rpm 4e035ced3d3eae3c988ec32be73475af7f253d99e8fe456d829cbca7887fd3e6 perl-DynaLoader-1.56-512.2.el10_0.x86_64.rpm 7b230f3a36461975bb796bf60f0dcbca697e0e522b00747f781a01e971680d4f perl-encoding-warnings-0.14-512.2.el10_0.noarch.rpm e0901d24894adcac12d89343604cf3e8775024483b6a83d3d5913153c41faf8a perl-English-1.11-512.2.el10_0.noarch.rpm cace3f6ec93d1dddf2a3880e90a746967df8ad4b18c65e3fab3d6d2837962a59 perl-Errno-1.38-512.2.el10_0.x86_64.rpm 5e32d206bff50b0b9f19b624dad1024ff14f5cda9d41ba6cfb6b6d7dc8aa537f perl-ExtUtils-Constant-0.25-512.2.el10_0.noarch.rpm a5254c20224062ab3e006e8a816d71f6a6f7c392afebeaf67c08189a04820674 perl-ExtUtils-Embed-1.35-512.2.el10_0.noarch.rpm a3a81991583e28184db2748eb512c1a95788568a6da7aafaa5ec0fc4a39b594d perl-ExtUtils-Miniperl-1.14-512.2.el10_0.noarch.rpm bff285dd9b50eac452554962e9533a81440ab5b293a5f8a131ed217e159b4abd perl-Fcntl-1.18-512.2.el10_0.x86_64.rpm 23a9127922cf33f954b1e78053e60c9186f72add5090ccb1b7b90b9b23147673 perl-fields-2.27-512.2.el10_0.noarch.rpm a5185e8c106dd42e6900b9594a894c8640301c4454d6e9130996d1d2c6619743 perl-File-Basename-2.86-512.2.el10_0.noarch.rpm 0e52e24b6fe11614f52f85fac01887550aca5af48322b7297add18f8bae07af8 perl-FileCache-1.10-512.2.el10_0.noarch.rpm ddcec09ad7b7e78312d597efb775fd0795aca5064ba933ac3ba53de6ffb70ed3 perl-File-Compare-1.100.800-512.2.el10_0.noarch.rpm 36d9a304d4513dd8ab9b8e98d02cc609541bdbba22be1ea88b247e37ca61671f perl-File-Copy-2.41-512.2.el10_0.noarch.rpm eed099e78ffcf4332ed8a29bfb6ea948717fc3b61b312e205a8a3bb3783abcb0 perl-File-DosGlob-1.12-512.2.el10_0.x86_64.rpm 5923b9d3b2d251fba23daf25c33a885f065789741fc319819cc7af803b848ea2 perl-File-Find-1.44-512.2.el10_0.noarch.rpm 1d72ea44720cc2edbea27771dd5708935c2b1f1165c12b7bd8053a281e31bff8 perl-FileHandle-2.05-512.2.el10_0.noarch.rpm da293f041854918ba2ed671bc86e0fa2495c7c6bb6bb4ae6c1d1555aa0543ccf perl-File-stat-1.14-512.2.el10_0.noarch.rpm e68ec3b54e4a04236a01260f76f52453974a71e4ba14a85a92357e611f8f0307 perl-filetest-1.03-512.2.el10_0.noarch.rpm d722cf0a055e441a8e7f804a6cb287f292ea823b01ffa0fd6aa6b9232d28a82b perl-FindBin-1.54-512.2.el10_0.noarch.rpm 309befe99d17047346772695df54eb58575c000cd4da46652dfc56edc7da597f perl-GDBM_File-1.24-512.2.el10_0.x86_64.rpm 9dcacfb69263607b53dbe91ba37f0b7127434cb55644e860c653f2c5a55abc3f perl-Getopt-Std-1.14-512.2.el10_0.noarch.rpm 4c704ab2ee391d717797366dd5ed6e0b4972c6915dbaf0ed0079f4cb23dd2fb3 perl-if-0.61.000-512.2.el10_0.noarch.rpm 5f355e52e71146d71223f34451b5ff1c11bc471ae8eeb0a1a84258d15c32594f perl-Hash-Util-0.32-512.2.el10_0.x86_64.rpm 4617726e95f16d7227a56b906129576a3f6ca18ff3e2474e7bdfb25e6bb9a0c4 perl-Hash-Util-FieldHash-1.27-512.2.el10_0.x86_64.rpm 2448474e9a9e2c5c6a95c30af5ea461e5b4230ada3b56b2d348ffa388d8f81f6 perl-I18N-Collate-1.02-512.2.el10_0.noarch.rpm bcba8afa4f930466ff0b74cd168d0223e120524176ce70249b765a1b1b7dd280 perl-I18N-Langinfo-0.24-512.2.el10_0.x86_64.rpm fecbf0ab5d50f8e0f2b71a5afc68cf2ed17e3fb874c1c9fd8d3542c681ed60b8 perl-I18N-LangTags-0.45-512.2.el10_0.noarch.rpm 76f6d8df29b37d36d869d540fe00fab661009cb9985b188caf23892bad7b52a8 perl-interpreter-5.40.2-512.2.el10_0.x86_64.rpm c7f42478109294d799ccbeea3d312babe50e1ec9a5aeb2680e710354474a1e4c perl-IO-1.55-512.2.el10_0.x86_64.rpm c1ff25c73bf4655f6cf840bc9ad42efd17c9e00bde426bc60a4f6f117025c319 perl-IPC-Open3-1.22-512.2.el10_0.noarch.rpm 86b148a2756784bdcbdaff5cff28c5393ac52f4bf0216907756b57a5ba5ca92b perl-less-0.03-512.2.el10_0.noarch.rpm b5e848124b09387112c1d4231c76c8def385bc0538c73b2c6ec9aa685fa9200d perl-lib-0.65-512.2.el10_0.x86_64.rpm e1474e01430a36940d9ce1740d9a4053e50bf6e7990b53983384d96306161067 perl-libnetcfg-5.40.2-512.2.el10_0.noarch.rpm 7efe3f4939bc66049dfb3820be0b55a361dfc104ba96d7878399dee3e3d68a5d perl-libs-5.40.2-512.2.el10_0.x86_64.rpm 2f79c95832a0ea14dca174af34a3537933ec7d06e8bcf81ca9006af5fa9f2c96 perl-locale-1.12-512.2.el10_0.noarch.rpm a9a3b66e223867d6208946406f5b1edf6726034cdb86c60594d1d1df8381fa18 perl-Locale-Maketext-Simple-0.21-512.2.el10_0.noarch.rpm 39e29184aa99c21e97a57e97dc02717f90d377f12a3202b0e93b71ce1ff113c6 perl-macros-5.40.2-512.2.el10_0.noarch.rpm c338c5d3a9bd8a1c1235f1c8da239f29b9d62bf58788f9983355db0106722eaf perl-Math-Complex-1.62-512.2.el10_0.noarch.rpm 6be88deaf0001307cb42142a066d5bbb8355ca3c066f287cc1dfb6c70135de31 perl-Memoize-1.16-512.2.el10_0.noarch.rpm a8b43a7f26e0da134f559117be6ec1246f4403594c78bd2c028b93ee08086207 perl-meta-notation-5.40.2-512.2.el10_0.noarch.rpm e1de3da0d11590cde4c2f31ea22160f937639c4cb14852569b46be28b046c8ee perl-Module-Loaded-0.08-512.2.el10_0.noarch.rpm 3639e9e7b65277a67c7409fe4f020b3913c7ef6b948bf577ed1ae9aa34f71efc perl-mro-1.29-512.2.el10_0.x86_64.rpm 97f250b301202873e08a3f63fb0e06c12863dff43dc267e2d0ebedd4f8241467 perl-NDBM_File-1.17-512.2.el10_0.x86_64.rpm 87a01482c3942b0b1b0ae90f3bb263afb2b2971ec1be2382f43bac9ce83403fc perl-Net-1.04-512.2.el10_0.noarch.rpm 589d4504637d13e2435420455917884df8727581aa80fae5b51020650ac8169f perl-NEXT-0.69-512.2.el10_0.noarch.rpm 6cf667a4e215805092c31399b07088b9b53ac30571429737c26ff5633c93f107 perl-ODBM_File-1.18-512.2.el10_0.x86_64.rpm 5fb3da69617cfaaa0b7e0ef657628c0bfdecf784cc3d47dd4037b77cd0696234 perl-Opcode-1.65-512.2.el10_0.x86_64.rpm 107e99a01aa17849e6803029c1c31ebe52d5c9cbc99d8cdb79a1e3b524b9efbd perl-open-1.13-512.2.el10_0.noarch.rpm e6faf552b3ef8663aa5c008bb0170bd1937c21b052e19b38338b17af0140a2fa perl-overload-1.37-512.2.el10_0.noarch.rpm ef05e1e0a8d4186fd2b5fc8e9726345b0d14a30e4a7eb7a66943aa51c6032a4f perl-overloading-0.02-512.2.el10_0.noarch.rpm 418913e1c6335e9aa8f039fa6903dbba59d713bc902191272692c655b2d8f63b perl-ph-5.40.2-512.2.el10_0.x86_64.rpm e490da935a82dbbf49a8562d6e249e4a09a4afa8d599c33187bce006e3b97ee7 perl-Pod-Functions-1.14-512.2.el10_0.noarch.rpm 9544e913bae26609c973b6fac8ef231fa230e79b79966696f27dc6169b0cce16 perl-Pod-Html-1.35-512.2.el10_0.noarch.rpm 56640ad227c8fb21e7f72fde247757f01d905d585bea3ede000adc8db4072b87 perl-POSIX-2.20-512.2.el10_0.x86_64.rpm 7efa2d4b9ceaf5b2ebc83e68a5257bb49e2de587204fe878202d3e9d248297e8 perl-Safe-2.46-512.2.el10_0.noarch.rpm d8b10fade999abb3271355112bd700b47920bc3556996606e99cc4ac445e682d perl-Search-Dict-1.07-512.2.el10_0.noarch.rpm 7a93698979506fa211d4570b90132e5368cc45829985baec494f877a38ec0061 perl-SelectSaver-1.02-512.2.el10_0.noarch.rpm 4971816006a6fd214274853c95c74c1e4af34acb2fa145d7c36d3533f115969d perl-SelfLoader-1.27-512.2.el10_0.noarch.rpm 15a01d37dcd6c51415b3d2eb973d5e64ffe93455587282661129f31e39a37164 perl-sigtrap-1.10-512.2.el10_0.noarch.rpm d322121627446cea0a0ce9a162ac1e5cbc3c21fed5454a614f9f3231bcd6e819 perl-sort-2.05-512.2.el10_0.noarch.rpm 9a656d27009bec4a4203f84e041407805e48189799413db9637a51d307666867 perl-subs-1.04-512.2.el10_0.noarch.rpm 6f51e398f25184efd9fa656c36b32f4a66b84db33473a0084c09d2564b1fa173 perl-Symbol-1.09-512.2.el10_0.noarch.rpm e44ddbdba11f7108309e1e8268ded90b30b45d4559d329b7598c194491e65cb7 perl-Sys-Hostname-1.25-512.2.el10_0.x86_64.rpm c80b6bc8643d134daf7dffbbdabe21e8083c5bdd95009d04015d8410f84c4ca9 perl-Term-Complete-1.403-512.2.el10_0.noarch.rpm bca25218698dc5bec307ab2833f95c80979801a3a50bde8578e87f5b0a9e9c6e perl-Term-ReadLine-1.17-512.2.el10_0.noarch.rpm eacdcb68a50137a0b436f0c843963dd397f6a08953c66383e62b6cc416203cf0 perl-Test-1.31-512.2.el10_0.noarch.rpm 7e9be4015583373451563d4ec380e02dd4acceb46311be07128844cee2bd3c99 perl-Text-Abbrev-1.02-512.2.el10_0.noarch.rpm 25b62a751bb2a0357cfcf9b4a9e159bbacbefd6cfe0748265e62219dc9683586 perl-Thread-3.05-512.2.el10_0.noarch.rpm 491d0f80e3d887e45c217e46256d581c90fb3cb07830cc546e2a6f5691b629f6 perl-Thread-Semaphore-2.13-512.2.el10_0.noarch.rpm 638204720d76bfff46b4232b6bac608876be8f587b9c7f3d1009e3dedf806dcb perl-Tie-4.6-512.2.el10_0.noarch.rpm 5c0753c9b84119f97ee29a79a6f85d2b9b8e7b43e7ccceff30076e592529fb4e perl-Tie-File-1.09-512.2.el10_0.noarch.rpm 979470cf5a306f3c4dea61028b98b449ca8befcfe02987ef6e147c7321f6d3fa perl-Tie-Memoize-1.1-512.2.el10_0.noarch.rpm caab07ab606928b27eff25c56d245649147171e90b94c8f4ebc6168c2c04d1a6 perl-Time-1.04-512.2.el10_0.noarch.rpm 9f0208c626290f1e4e435ec425e901cb8c2db44c8e1caa64fc244a9172006d4f perl-Time-Piece-1.3401-512.2.el10_0.x86_64.rpm 9eff6fada2e6a517941b7527afbe3cb5532c66b8a87396a9a2d42f929e404de9 perl-Unicode-UCD-0.78-512.2.el10_0.noarch.rpm 8127dfa5d5006949b78316bea4cd438b83f616dbb2c9160dee0d3c88dd354d8e perl-User-pwent-1.05-512.2.el10_0.noarch.rpm 61be0c87a8ef400af759697ab882a54dc62018958aa86f3a3f6a2bac93666b68 perl-utils-5.40.2-512.2.el10_0.noarch.rpm c89e6e8052e14ed8e1c2d3c9c09ef67d1f90be7705d624293c916ee926fd4ae8 perl-vars-1.05-512.2.el10_0.noarch.rpm 877c2bdd38a85c3510e06a9a271b5badc4b80c917109f39f65f3ca4796eca380 perl-vmsish-1.04-512.2.el10_0.noarch.rpm b2e68ff6ffa4970afdeff6e1d9988decbf7cabe45d08dabee3d6b41284f869d7 RLSA-2025:12064 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for unbound. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * unbound: Unbound Cache poisoning (CVE-2025-5994) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms python3-unbound-1.20.0-12.el10_0.x86_64.rpm 3f1d7b1511a92a60cbbf5fb6bdc27feb1b86ec07d133c5c7ee971a9d2e2fc502 unbound-1.20.0-12.el10_0.x86_64.rpm 8b6bfb2ad1af3f2986123b4f930110abff31d56c3cacd7923d4dbc59f754bd8e unbound-anchor-1.20.0-12.el10_0.x86_64.rpm bef18b9a20c9eaa3dafc398b2824fbc51fdb104fdd8dfa29846326fd90e7072e unbound-dracut-1.20.0-12.el10_0.x86_64.rpm 447203d5e534856a98c91d8d2c9f72e69ae17ecc0b3202fa1dcd4fb63c3743d2 unbound-libs-1.20.0-12.el10_0.x86_64.rpm fa5d9ac0e91388efaf14e083a357d85380e23bd4d75fdb678876ec11263019bf RLSA-2025:12188 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * firefox: thunderbird: Large branch table could lead to truncated instruction (CVE-2025-8028) * firefox: thunderbird: Memory safety bugs (CVE-2025-8035) * firefox: thunderbird: Incorrect URL stripping in CSP reports (CVE-2025-8031) * firefox: thunderbird: JavaScript engine only wrote partial return value to stack (CVE-2025-8027) * firefox: thunderbird: Potential user-assisted code execution in ?Copy as cURL? command (CVE-2025-8030) * firefox: Memory safety bugs (CVE-2025-8034) * firefox: thunderbird: Incorrect JavaScript state machine for generators (CVE-2025-8033) * firefox: thunderbird: XSLT documents could bypass CSP (CVE-2025-8032) * firefox: thunderbird: javascript: URLs executed on object and embed tags (CVE-2025-8029) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms thunderbird-128.13.0-3.el10_0.x86_64.rpm 30a11093106c28a6ca4020c2bfdfca6cc81a2a7145fe070a6a25240adb93b1a5 RLSA-2025:12662 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: padata: fix UAF in padata_reorder (CVE-2025-21727) * kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CVE-2025-21928) * kernel: HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() (CVE-2025-21929) * kernel: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (CVE-2025-22020) * kernel: ext4: avoid journaling sb update on error if journal is destroying (CVE-2025-22113) * kernel: RDMA/core: Fix use-after-free when rename device name (CVE-2025-22085) * kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (CVE-2025-37890) * kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done (CVE-2025-38052) * kernel: net: ch9200: fix uninitialised access during mii_nway_restart (CVE-2025-38086) * kernel: net/sched: fix use-after-free in taprio_dev_notifier (CVE-2025-38087) * kernel: nvme-tcp: sanitize request list handling (CVE-2025-38264) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.25.1.el10_0.x86_64.rpm a13ebcf3ceea7057f7c28b16aead52869d0ab4e4295ded21ec53df06ccd1373e kernel-debug-devel-matched-6.12.0-55.25.1.el10_0.x86_64.rpm 22fdf6c06533930f0adbaaab16717bc137bdf48a45a51ddaa8d30b2cf753d37a kernel-devel-6.12.0-55.25.1.el10_0.x86_64.rpm e62b80fd3436320821e480e232ac2757ca58dfde623ad163fbd20c705dc5f17c kernel-devel-matched-6.12.0-55.25.1.el10_0.x86_64.rpm 819c84e04c68c893c61f2fa426f282a4c9b9eeed6cd949c4785a6f1bc263cad2 kernel-doc-6.12.0-55.25.1.el10_0.noarch.rpm 2cb9b732ef69aef143919db2a6e778164052cbc7a74beabbb9ed69c93c76ef69 kernel-headers-6.12.0-55.25.1.el10_0.x86_64.rpm 1525497b1c004074809e828e26136f562a45b98343631bfdd2b0719dca938608 perf-6.12.0-55.25.1.el10_0.x86_64.rpm b95e6f9cce57a7010dd369788ff3686829f64afa31b129d9bd00363c99bfef5a python3-perf-6.12.0-55.25.1.el10_0.x86_64.rpm 106837e3a5d3eb8d6f1458d3139e786e54b3996fe467463cefefa03384a1fb2b rtla-6.12.0-55.25.1.el10_0.x86_64.rpm 3453394d60613d4ee7cffeb11d55fddb58e07aaed3553dc6abd1f65c6680208d rv-6.12.0-55.25.1.el10_0.x86_64.rpm 34c0b722651845dd7b42e4489c9d5ded2689564f613bf1a7a50e8ca144a361b1 RLSA-2025:12850 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for opentelemetry-collector. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms opentelemetry-collector-0.127.0-1.el10_0.x86_64.rpm 2940b974c271bfea1804c3c4dbdbcb0d527235f3ad13b392c9309a310d01c8a3 RLSA-2025:12862 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for gdk-pixbuf2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fix(es): * gdk?pixbuf: Heap?buffer?overflow in gdk?pixbuf (CVE-2025-7345) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms gdk-pixbuf2-2.42.12-4.el10_0.x86_64.rpm 66f9a4dc144d229ffa2350e27492e26ed49a41df8b0f54fea62831b9b1ecd2ad gdk-pixbuf2-devel-2.42.12-4.el10_0.x86_64.rpm d28d66b9305cb75791d81479126e06fcd9cef8dccdb21030df0da970051d7655 gdk-pixbuf2-modules-2.42.12-4.el10_0.x86_64.rpm 954d41c9ee099e28b99b2c821bf03882acd2f44fca29125a20cef2b3700f387e RLSA-2025:13240 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for glibc. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: Double free in glibc (CVE-2025-8058) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms glibc-devel-2.39-46.el10_0.x86_64.rpm ad8d9023e71a2ae3cebcdff9e5b22e47d63c500b3654e6a61a32ee83257f2919 glibc-doc-2.39-46.el10_0.noarch.rpm aec94e9135f742ab005553dee9ee0ebbbcc83155e4cbbed46f79b316e801e763 glibc-locale-source-2.39-46.el10_0.x86_64.rpm 639fbe30a9161c26c72d16c6644cd45e57ca02bebbec07c0d6b0cfbd4535c310 glibc-utils-2.39-46.el10_0.x86_64.rpm 06cb841efcc8ffef5a7c5545fa0133be05bb9e29507ad9448e259d3f840707ac RLSA-2025:13429 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for libxml2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414) The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414) * libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables (CVE-2025-32415) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms libxml2-devel-2.12.5-9.el10_0.x86_64.rpm 0f15ca67ed747ee3cc2fe6abfee37d30ab4a8d481a9a86876375807bb5699adb RLSA-2025:13598 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) * kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) * kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159) * kernel: PCI/pwrctrl: Cancel outstanding rescan work when unregistering (CVE-2025-38137) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) * kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) * kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159) * kernel: PCI/pwrctrl: Cancel outstanding rescan work when unregistering (CVE-2025-38137) * kernel: wifi: ath12k: fix invalid access to memory (CVE-2025-38292) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.27.1.el10_0.x86_64.rpm f67fd463106dfef49f9cd9e85518aaf90de513dfcfc974b5169f5b9a15cda1a2 kernel-debug-devel-matched-6.12.0-55.27.1.el10_0.x86_64.rpm d005508e72b7509373030fbef91e42b16b4777a403b2a29fafcfe3212c16f68e kernel-devel-6.12.0-55.27.1.el10_0.x86_64.rpm f06dc1295da7be10cf377fd107ce44dede456199eefb19255d46b1a196a4a9f4 kernel-devel-matched-6.12.0-55.27.1.el10_0.x86_64.rpm 920907719f5ed878bd755ab8c216a138d811747824462b7190d63a1053453c0f kernel-doc-6.12.0-55.27.1.el10_0.noarch.rpm 794200da05e099238a3419aae127c59934fcd9d5a559c7a996adaa9da27a7a81 kernel-headers-6.12.0-55.27.1.el10_0.x86_64.rpm f8707d69e00593233213c3b744351fe8af8783ba450661e3cd39902cf1ec42e9 perf-6.12.0-55.27.1.el10_0.x86_64.rpm c2c76d8747d8370be07a19f200a54286ac9b51363e2838710691c7219e17f630 python3-perf-6.12.0-55.27.1.el10_0.x86_64.rpm 45b42aeea7d6c671eb814056086a46a1c472aa33603035036e9069dece8f450b rtla-6.12.0-55.27.1.el10_0.x86_64.rpm 1e0c7892afd4fed00fb640e98b75f776e7a055ca0ac81806283bb2b84b101289 rv-6.12.0-55.27.1.el10_0.x86_64.rpm d3648abed8a20e14a8fdd185ab83ed32eabde6ada30ba48a4727892e0e64474e RLSA-2025:13674 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for toolbox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fix(es): * nvidia-container-toolkit: Privilege Escalation via Hook Initialization in NVIDIA Container Toolkit (CVE-2025-23266) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms toolbox-0.2-1.el10_0.x86_64.rpm 8c91f2f041be1a66ed8e4ef273f2b475d7f19c5e2c3310a4d57e6ecfe4341920 RLSA-2025:13941 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The golang packages provide the Go programming language compiler. Security Fix(es): * cmd/go: Go VCS Command Execution Vulnerability (CVE-2025-4674) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms golang-1.24.6-1.el10_0.x86_64.rpm 4773689eb73f17d4dfc979a97cf6f866e9c421587e9e450718119c21d368ea7d golang-bin-1.24.6-1.el10_0.x86_64.rpm 0755f0d4bf4c83bea230a5236c327a42d1fa55261b14c0ace6a6c68d6e85b75a golang-docs-1.24.6-1.el10_0.noarch.rpm c8015b335c5881328c5e1ea21aab8e9487e278ded209f83b111b0a870925aea1 golang-misc-1.24.6-1.el10_0.noarch.rpm 9d833125417d6f49f9dc2a9c19bf9454ea27c78b6d319168faff5c6491b640b7 golang-race-1.24.6-1.el10_0.x86_64.rpm 21d2f7850eb3272690e57cd6e3675fbe62973228227ec905c3e03a8060f3385e golang-src-1.24.6-1.el10_0.noarch.rpm aace02df66e63925e08917bd1704188ea6726490a414e5f5f1f5b9b0ff6051c9 golang-tests-1.24.6-1.el10_0.noarch.rpm e7152f56606fe5f068a38d2d2e40d491f9670cc56cb216e7c1d8fc558ffd4491 go-toolset-1.24.6-1.el10_0.x86_64.rpm a9c32946212048fb0933b6f4b254ba7021fdc56804b34aa806b13da9df58f2f3 RLSA-2025:13944 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for openjpeg2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es): * openjpeg: OpenJPEG OOB heap memory write (CVE-2025-54874) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms openjpeg2-2.5.2-4.el10_0.1.x86_64.rpm 661a071484cf048ff8d3fd27790cf566fc417093f8820e61124a3cf8eb638260 RLSA-2025:14137 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libarchive. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c (CVE-2025-5914) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms bsdtar-3.7.7-4.el10_0.x86_64.rpm 67d09bdb3967de42b5ba19e8b9db8b9c0711e5ae1a637c229104281963094509 libarchive-devel-3.7.7-4.el10_0.x86_64.rpm 780c9b2bcb5c9e92d6d408b384bc384da4888545f9368dd25563a35993455b5e RLSA-2025:14178 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. Security Fix(es): * tomcat: Apache Tomcat DoS in multipart upload (CVE-2025-48988) * tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125) * apache-commons-fileupload: Apache Commons FileUpload DoS via part headers (CVE-2025-48976) * tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989) * tomcat: Apache Tomcat denial of service (CVE-2025-52520) * tomcat: Apache Tomcat denial of service (CVE-2025-52434) * tomcat: Apache Tomcat denial of service (CVE-2025-53506) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms tomcat9-9.0.87-5.el10_0.3.noarch.rpm 74e2a6fbef93fe6dada5062baa99ea2ae81539c66150c379e326ceff3d5f00ae tomcat9-admin-webapps-9.0.87-5.el10_0.3.noarch.rpm d5991ed5ea05046e1b9ded1ee71728137bf6cd5265e7a85fd43cc234b4a63cf1 tomcat9-docs-webapp-9.0.87-5.el10_0.3.noarch.rpm 27e9f00f4b4db5a618c88766816ea04e334e413b81d6df87309f92e797f2af01 tomcat9-el-3.0-api-9.0.87-5.el10_0.3.noarch.rpm 661c5eb96bedd37e4dd1988be1912a09dfb4246df01619be0a95decb6a739a0a tomcat9-jsp-2.3-api-9.0.87-5.el10_0.3.noarch.rpm d564b100d3af37696d23407cbec19f38dc10d5f263bc6463526307f297f9e751 tomcat9-lib-9.0.87-5.el10_0.3.noarch.rpm 56221df788f2fd94b729cbc24645ef14577c2a60e21394c4ccebbe3c466e437a tomcat9-servlet-4.0-api-9.0.87-5.el10_0.3.noarch.rpm 197343759673b4df77e1cd4b653ff18640c1145a111abcf65f293bdf2cd640b3 tomcat9-webapps-9.0.87-5.el10_0.3.noarch.rpm a92fb0bc741de5bed29ded39ffc1090c13d44d8e4663ed876455b9ec62dc79f0 RLSA-2025:14179 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for tomcat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * tomcat: Apache Tomcat DoS in multipart upload (CVE-2025-48988) * tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125) * apache-commons-fileupload: Apache Commons FileUpload DoS via part headers (CVE-2025-48976) * tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989) * tomcat: Apache Tomcat denial of service (CVE-2025-52520) * tomcat: Apache Tomcat denial of service (CVE-2025-53506) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms tomcat-10.1.36-1.el10_0.2.noarch.rpm ecb917e318806b30780490e980d3321c09c3a9d0a55191e03a6e6aa155bb2f9b tomcat-admin-webapps-10.1.36-1.el10_0.2.noarch.rpm a170a83d4db067f3716cc75b312457ae573a69b8abc08e35bf067456dd8d6556 tomcat-docs-webapp-10.1.36-1.el10_0.2.noarch.rpm afc999a8b23e6e5bcd6fa3cb5dd0cec0c53b7092bdb3c8f5763ba7523102d44c tomcat-el-5.0-api-10.1.36-1.el10_0.2.noarch.rpm d74a96e6451c0457caf006ecf5cb3f9c05a335f5155526ff7e43ea76d96de5ec tomcat-jsp-3.1-api-10.1.36-1.el10_0.2.noarch.rpm 40f0d2b7943d8439b32a461f3b324e8add8d7a2eb2989ca4c685b0a4ff0806bd tomcat-lib-10.1.36-1.el10_0.2.noarch.rpm ae430958b25c1ff702c75b963827c5cd5c79c9d0e1b7cc97c10a86e80c3e2625 tomcat-servlet-6.0-api-10.1.36-1.el10_0.2.noarch.rpm eafac0514a1c171b579247cb0bd32de6b9e6446344213797e664d21eb1f5ee3f tomcat-webapps-10.1.36-1.el10_0.2.noarch.rpm b7378649e8898b6bbbbaaf8633261fdfb57139d41c243d6269728b2a2ecaf834 RLSA-2025:14417 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component (CVE-2025-9182) * thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component (CVE-2025-9179) * thunderbird: firefox: Same-origin policy bypass in the Graphics: Canvas2D component (CVE-2025-9180) * thunderbird: firefox: Uninitialized memory in the JavaScript Engine component (CVE-2025-9181) * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 (CVE-2025-9185) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms firefox-128.14.0-2.el10_0.x86_64.rpm b97a2317f96b8feef7e492b4cb4ffbbb9782cce5c616b012d86aa3e66abf498e RLSA-2025:14510 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net_sched: ets: Fix double list add in class with netem as child qdisc (CVE-2025-37914) * kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (CVE-2025-38200) * kernel: ice: fix eswitch code memory leak in reset scenario (CVE-2025-38417) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.29.1.el10_0.x86_64.rpm a7ad7aae25ae5182e0228c69e4a3a56b5b9068ccf58ec082a1b03e8579457db6 kernel-debug-devel-matched-6.12.0-55.29.1.el10_0.x86_64.rpm a85c220da16990e895f8a4e61c19b499da8e75413f2ea51f36ebf225378ecb8b kernel-devel-6.12.0-55.29.1.el10_0.x86_64.rpm 4d42161057896f6c720a35b65e13cc511df436d9c6c47b35e3bcdd19bece2df2 kernel-devel-matched-6.12.0-55.29.1.el10_0.x86_64.rpm 254723cfa0397b214dde2a6ecbb9feccb606ae17315d6af192f4008adbea7807 kernel-doc-6.12.0-55.29.1.el10_0.noarch.rpm 69f9d1a4bfddfb638d9fb96b6b6e9bdaaf79156301c0b03028e131716bdc138a kernel-headers-6.12.0-55.29.1.el10_0.x86_64.rpm f78e675bdba32689b05d611f6c20e77b2acb1a4dddd95b9c98b887e39ee6d256 perf-6.12.0-55.29.1.el10_0.x86_64.rpm a35b3b4850c759aedd11cefb15a4825e39158b062abb644cd20fc5c332bc4409 python3-perf-6.12.0-55.29.1.el10_0.x86_64.rpm 3cdf9abbdba96c54891b68277ff89a3bfc4c4a464dfbcfcabd07010a3050e366 rtla-6.12.0-55.29.1.el10_0.x86_64.rpm 5264185961f2cdab38e56e4cefb908a0c9b5daa76100e9a9b60b7deef6897193 rv-6.12.0-55.29.1.el10_0.x86_64.rpm a6934d11a5cc4ef08fddb778b5100901a2c01162f5fa771845286623aede6375 RLSA-2025:14592 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for aide. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Advanced Intrusion Detection Environment (AIDE) is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Security Fix(es): * aide: improper output neutralization enables bypassing (CVE-2025-54389) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms aide-0.18.6-8.el10_0.2.x86_64.rpm 300101ceefc672071558b57905fdb3c5a96576f3cbe095bf288ced153e54045d RLSA-2025:14625 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for mod_http2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. Security Fix(es): * httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module (CVE-2025-49630) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms mod_http2-2.0.29-2.el10_0.1.x86_64.rpm d1884648d02e52f78744980b0854319fdb9cc81785ecc0adc9539a034921e3ee RLSA-2025:14826 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for postgresql16. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. Security Fix(es): * postgresql: PostgreSQL executes arbitrary code in restore operation (CVE-2025-8715) * postgresql: PostgreSQL code execution in restore operation (CVE-2025-8714) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms postgresql-16.10-1.el10_0.x86_64.rpm 8cd80777b34c819cc7e4bc10b19d6d9ffbaed6ccdc1432f57acc67aa7b8dd396 postgresql-contrib-16.10-1.el10_0.x86_64.rpm 38364941fbc18245b63ddf2b13994fa782ba5024bace018f14f078f99d9d635e postgresql-docs-16.10-1.el10_0.x86_64.rpm 9719920fa164c4907a97074fb5ac02709e7a8d619bc3af175882d865eafd5f25 postgresql-plperl-16.10-1.el10_0.x86_64.rpm 0afb3c1c78b173ed3e796c79329c5274154b2a89078baf31ce09a2cda93f2e22 postgresql-plpython3-16.10-1.el10_0.x86_64.rpm 0960eb82e13777663b28b7d70cf3c723774829f888a095081d9442b8519f38f4 postgresql-pltcl-16.10-1.el10_0.x86_64.rpm 0396a671dbcec458076cae4d8a8a9cfb7b0d0ce3ed754376962614520cd65303 postgresql-private-devel-16.10-1.el10_0.x86_64.rpm 2f7b20cc8990ad2ccac0a23796109cdd66728729a79d650d5ec7aac5330b50d2 postgresql-private-libs-16.10-1.el10_0.x86_64.rpm a4ceb637a258938880c10f69443db1ff9f15fef0444f2ef5158bc4d4a0218e8d postgresql-server-16.10-1.el10_0.x86_64.rpm 3228acafccd043fa04f2b22bb2c6a61db6f1b76e43f461f1798abf3f92ee06e2 postgresql-server-devel-16.10-1.el10_0.x86_64.rpm 7d84eb6ea1f6f578bfa5dbd1c42f3fc1447664b4896607bc3ca31d735ebc9363 postgresql-static-16.10-1.el10_0.x86_64.rpm 1ac5a23e23a31d13be65a39f326d09fde91054f5554d5542575b49cbff5ee1f0 postgresql-test-16.10-1.el10_0.x86_64.rpm 606e819a9f03a218208da7ff34fe8a153c44eeedd1232465ff93e7fcdb717708 postgresql-upgrade-16.10-1.el10_0.x86_64.rpm 0b64a4ea83374fe2b3503613d0542c450a2f1d2a2524ab7b638aa5ac45a81734 postgresql-upgrade-devel-16.10-1.el10_0.x86_64.rpm 669a11b5116fdef6d3304ed23e66b88ab1750688ec45c0b9e81b9493c147f37d RLSA-2025:14844 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component (CVE-2025-9182) * thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component (CVE-2025-9179) * thunderbird: firefox: Same-origin policy bypass in the Graphics: Canvas2D component (CVE-2025-9180) * thunderbird: firefox: Uninitialized memory in the JavaScript Engine component (CVE-2025-9181) * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 (CVE-2025-9185) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms thunderbird-128.14.0-3.el10_0.x86_64.rpm 134e70204196593438adfcb520cc121b4d9e16e69f6b6cb936e7c06f51bf0b33 RLSA-2025:14984 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for python3.12. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * cpython: Cpython infinite loop when parsing a tarfile (CVE-2025-8194) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms python3-devel-3.12.9-2.el10_0.3.x86_64.rpm 52493277a725a74ac4ae50a96c085f56439926535286b9e4efa8d1f2f207181e python3-tkinter-3.12.9-2.el10_0.3.x86_64.rpm a1eb8a27d5b3912ba22cd8f86937910d590ef6ec025ba61e21259b79f83ffeac python-unversioned-command-3.12.9-2.el10_0.3.noarch.rpm b37ef9efba6bdaa9eac25323e7e87e04400e496028647b724ec73e7022096fa9 RLSA-2025:15020 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for udisks2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies. Security Fix(es): * udisks: Out-of-bounds read in UDisks Daemon (CVE-2025-8067) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms libudisks2-2.10.90-5.el10_0.1.x86_64.rpm 40eb9968d41395f4ab6a90b3c9eda76224286c55746be2c0e062a35bc76a8555 udisks2-2.10.90-5.el10_0.1.x86_64.rpm 80ff25c3775358e4d7c4e56c5c53110bac64a7b5ecd378e5c20dbb3b36358a12 udisks2-iscsi-2.10.90-5.el10_0.1.x86_64.rpm cc8c2a8d5c5accfa7602c900d3c24a54a1cdbc2b13e9f5d3f7db736c111655df udisks2-lsm-2.10.90-5.el10_0.1.x86_64.rpm 579dd9b6478a9fda3ed9634977576798c0417a7c5240cf5dd74da8b4ac3f6133 udisks2-lvm2-2.10.90-5.el10_0.1.x86_64.rpm 42b05cc7cbde4ffb55c2e385dda6f6c0ac99711aa89c753da90123d80a83e339 RLSA-2025:15005 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: udp: Fix memory accounting leak. (CVE-2025-22058) * kernel: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (CVE-2025-37823) * kernel: ext4: only dirty folios when data journaling regular files (CVE-2025-38220) * kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (CVE-2025-38211) * kernel: tipc: Fix use-after-free in tipc_conn_close() (CVE-2025-38464) * kernel: vsock: Fix transport_* TOCTOU (CVE-2025-38461) * kernel: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (CVE-2025-38472) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.30.1.el10_0.x86_64.rpm 08c498872787c13c42e4cc8aa4dc58535120b69e6657a653be4791fd4bd71d68 kernel-debug-devel-matched-6.12.0-55.30.1.el10_0.x86_64.rpm a0fa769368621a1a91b6cd5e44fe96964fff200534be6d8d98f5326c736769c7 kernel-devel-6.12.0-55.30.1.el10_0.x86_64.rpm e13856e8dabb2a08950c22e04951eeba089f6e184c11e87742a9dcb46071c9d0 kernel-devel-matched-6.12.0-55.30.1.el10_0.x86_64.rpm 70d0e6a15d9e36025e981f6974f17507e9d604009ac0bb6beeee55c5054bd50e kernel-doc-6.12.0-55.30.1.el10_0.noarch.rpm b5e78963af0511b76ad1fa2bd53104ac8a38b0f4d183188311175acdf7c08f07 perf-6.12.0-55.30.1.el10_0.x86_64.rpm a42262bf8e3af9571fde90f0ce0e6ee1e120dac8d962d59794bce27e09a01f67 python3-perf-6.12.0-55.30.1.el10_0.x86_64.rpm 228499686e5e957feb17f6fada3459adb9bd2e1bb9bcaa6922da158a8beb5c4f rtla-6.12.0-55.30.1.el10_0.x86_64.rpm cfc78185e4b30d9915da342bff63bf4332d14993f70f462476bc2d9942006a8c rv-6.12.0-55.30.1.el10_0.x86_64.rpm 774e862a7a6fff421ca8fba07ced89a32e57de97d94ce6087371aa52b34e930e RLSA-2025:15095 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for httpd. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: insufficient escaping of user-supplied data in mod_ssl (CVE-2024-47252) * httpd: mod_ssl: access control bypass by trusted clients is possible using TLS 1.3 session resumption (CVE-2025-23048) * httpd: HTTP Session Hijack via a TLS upgrade (CVE-2025-49812) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms httpd-2.4.63-1.el10_0.2.x86_64.rpm 39ca4a5d5c294d34d01c023a4b910afc40c33021d06da156f0caa6550ce3b110 httpd-core-2.4.63-1.el10_0.2.x86_64.rpm d7d9671ab8d83e12f24f6dc0a4f56359b97b7f41f13bc27ce4ee3fa6a7e76658 httpd-devel-2.4.63-1.el10_0.2.x86_64.rpm ecc7fb15fb30551214e2903835b6cf18082d7b513634f35bf0b6b4405b881578 httpd-filesystem-2.4.63-1.el10_0.2.noarch.rpm 5be7b3a8027ace91358c2f798e53f4dcc46b2e434314f8c1cca16d3d37b96673 httpd-manual-2.4.63-1.el10_0.2.noarch.rpm f55510c6628918f1cb42924ddff3203f84c000b1cd1e4db33205dc9ed5d67887 httpd-tools-2.4.63-1.el10_0.2.x86_64.rpm 554e7a94a09e954d418849aa0e45d8df9321a0290415f981838c7a1ebd0989bc mod_ldap-2.4.63-1.el10_0.2.x86_64.rpm 34034827fab21af66821cda08bb43f1e4ea58f89d4c831c2506cbc612705ed5d mod_lua-2.4.63-1.el10_0.2.x86_64.rpm 1b98d4a377dd657733e01534beda2d6c3a5e8eacdf86c79753dd72e9bf787d3a mod_proxy_html-2.4.63-1.el10_0.2.x86_64.rpm 51df5b13d065599821869e580bfa170a9ff8ea6bbeee015bf5079d9c4694cec3 mod_session-2.4.63-1.el10_0.2.x86_64.rpm 27967d4859b4993756634ff9cbb356d525f3730ef8cde12008a69689c6e7dbe4 mod_ssl-2.4.63-1.el10_0.2.x86_64.rpm ca37c31b3af38af84a1f1f770d592bbf09713d197046738b794b13c8d136eea8 RLSA-2025:15662 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (CVE-2025-38352) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.32.1.el10_0.x86_64.rpm 1da7ce00cf38cc105030d38bb94b166adfa2d721df618f152dc2ec469cf004f2 kernel-debug-devel-matched-6.12.0-55.32.1.el10_0.x86_64.rpm 633bdfb637a105a9faaa9f03655ca2197a7500b997547ff8f4c647ab18146e6a kernel-devel-6.12.0-55.32.1.el10_0.x86_64.rpm 52f40a66ea33b4f81498d84a1946bca1cf13b2b08710279801205b7985d55c6d kernel-devel-matched-6.12.0-55.32.1.el10_0.x86_64.rpm 5e102595b80096a7baca14549e6cc4a5a8c830a148e4bc033302894c140ed024 perf-6.12.0-55.32.1.el10_0.x86_64.rpm dbc236bb370162cc69f63116f3eee8da7b19c94f45f195e028085cf19d9490b4 python3-perf-6.12.0-55.32.1.el10_0.x86_64.rpm 2c638806f02f029711edc0e8c4868f70bdb6032fcee2a931d8b9e8de5cd4d8e7 rtla-6.12.0-55.32.1.el10_0.x86_64.rpm f50a5bec872f5e165cf5ecff4bcc1c5e9666d446906984325a0ec355a846c562 rv-6.12.0-55.32.1.el10_0.x86_64.rpm fefdeb94bd52f7cefb57e10caef3bb272c7edc0ec3e55020fc9e5977b573ee1b RLSA-2025:15699 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for mysql8.4, mysql-selinux. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. Security Fix(es): * openssl: Timing side-channel in ECDSA signature computation (CVE-2024-13176) * mysql: mysqldump unspecified vulnerability (CPU Apr 2025) (CVE-2025-30722) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30688) * mysql: Stored Procedure unspecified vulnerability (CPU Apr 2025) (CVE-2025-30699) * mysql: UDF unspecified vulnerability (CPU Apr 2025) (CVE-2025-30721) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30682) * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30683) * mysql: Components Services unspecified vulnerability (CPU Apr 2025) (CVE-2025-30715) * mysql: Parser unspecified vulnerability (CPU Apr 2025) (CVE-2025-21574) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-21585) * mysql: DML unspecified vulnerability (CPU Apr 2025) (CVE-2025-21588) * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30681) * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-21577) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30687) * mysql: DML unspecified vulnerability (CPU Apr 2025) (CVE-2025-21580) * mysql: PS unspecified vulnerability (CPU Apr 2025) (CVE-2025-30696) * mysql: PS unspecified vulnerability (CPU Apr 2025) (CVE-2025-30705) * mysql: Parser unspecified vulnerability (CPU Apr 2025) (CVE-2025-21575) * mysql: Options unspecified vulnerability (CPU Apr 2025) (CVE-2025-21579) * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30685) * mysql: Components Services unspecified vulnerability (CPU Apr 2025) (CVE-2025-30704) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-21581) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30689) * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30695) * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30703) * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30693) * mysql: DDL unspecified vulnerability (CPU Apr 2025) (CVE-2025-21584) * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30684) * curl: libcurl: WebSocket endless loop (CVE-2025-5399) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50092) * mysql: mysqldump unspecified vulnerability (CPU Jul 2025) (CVE-2025-50081) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50079) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50077) * mysql: DML unspecified vulnerability (CPU Jul 2025) (CVE-2025-50078) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50091) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50101) * mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50093) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50099) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50085) * mysql: Components Services unspecified vulnerability (CPU Jul 2025) (CVE-2025-50086) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50082) * mysql: Encryption unspecified vulnerability (CPU Jul 2025) (CVE-2025-50097) * mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50104) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50087) * mysql: Stored Procedure unspecified vulnerability (CPU Jul 2025) (CVE-2025-50080) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50088) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50083) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50084) * mysql: Thread Pooling unspecified vulnerability (CPU Jul 2025) (CVE-2025-50100) * mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50094) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50098) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50096) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50102) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms mysql8.4-8.4.6-2.el10_0.x86_64.rpm 9ab4f1b27cce2084ed507afd86531225d9894f5fa19471f3bc107d9f8720f303 mysql8.4-common-8.4.6-2.el10_0.noarch.rpm b00f64905687fb131a234fa7eb8cfbf01c82d55158e117d99ce6b0f8dfff877c mysql8.4-errmsg-8.4.6-2.el10_0.noarch.rpm 4e4119b62c7395860583065fc1a0792e5cf336b0e3820babc0b39cc7de6528f0 mysql8.4-libs-8.4.6-2.el10_0.x86_64.rpm 2e49268285cb97841baf89326dddb5842839c1ceef2f0a8acb4d28b934d2540a mysql8.4-server-8.4.6-2.el10_0.x86_64.rpm 2c4d73fc062ba4634dbf7d31a073d67ce222416ec72d114fc747c7e371e611b7 mysql-selinux-1.0.14-1.el10_0.noarch.rpm 6e96fc73b86d1fcb2205efe0362501f06665351449502bf0ca4bd11e15c17025 RLSA-2025:15701 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for cups. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fix(es): * cups: Null Pointer Dereference in CUPS ipp_read_io() Leading to Remote DoS (CVE-2025-58364) * cups: Authentication Bypass in CUPS Authorization Handling (CVE-2025-58060) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms cups-2.4.10-11.el10_0.1.x86_64.rpm 142dbf19595c46aa44b91bf38d8a17dea63c4340230fd93090813f59f75b9db0 cups-client-2.4.10-11.el10_0.1.x86_64.rpm 7b36ef3368c524c363cc19dd51501234ff9e98eee9feb5321c5153f43726ff15 cups-devel-2.4.10-11.el10_0.1.x86_64.rpm cc149c12b8e4daad3908f1a12dccc6688e9148b17b7ee9258caa62870ca01281 cups-ipptool-2.4.10-11.el10_0.1.x86_64.rpm 9fe56b5a26f7c553a0b2a24c3d777b7c990703f43588b154efe687a60a535bf8 cups-lpd-2.4.10-11.el10_0.1.x86_64.rpm bfa1a1b637f5553f0f9d47c5103b6a700e18fec6a18ce08a5e2e35dee5626744 cups-printerapp-2.4.10-11.el10_0.1.x86_64.rpm 96684b8a6b81fd6a2f6a7248b73d28cd16a679a85bbdcca2f0c0d9491bab1a63 RLSA-2025:15901 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): * podman: Podman kube play command may overwrite host files (CVE-2025-9566) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms podman-5.4.0-13.el10_0.x86_64.rpm 7d23f0629fb06750e84793a2525875cbd4af6d291d14b0de9558e2faac04e91b podman-docker-5.4.0-13.el10_0.noarch.rpm d244c5274a4dcfb729f6b4dbaa6d690299fe89c525f5c66f69555dfca5fe9963 podman-remote-5.4.0-13.el10_0.x86_64.rpm 0ea8eb676c816bc60039e71c10f4f8bd94c93161cdca61b52d21c52254b74c2e RLSA-2025:16109 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component (CVE-2025-10527) * firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component (CVE-2025-10532) * firefox: thunderbird: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component (CVE-2025-10528) * firefox: thunderbird: Same-origin policy bypass in the Layout component (CVE-2025-10529) * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143 (CVE-2025-10537) * firefox: thunderbird: Information disclosure in the Networking: Cache component (CVE-2025-10536) * firefox: thunderbird: Integer overflow in the SVG component (CVE-2025-10533) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms firefox-140.3.0-1.el10_0.x86_64.rpm 2345152d5d4165f4c5e39aea5b178b188c25f7ba240a8a485df5a0d0143448f5 RLSA-2025:16115 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for gnutls. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fix(es): * gnutls: Vulnerability in GnuTLS certtool template parsing (CVE-2025-32990) * gnutls: Vulnerability in GnuTLS SCT extension parsing (CVE-2025-32989) * gnutls: Vulnerability in GnuTLS otherName SAN export (CVE-2025-32988) * gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() (CVE-2025-6395) Bug Fix(es) and Enhancement(s): * gnutls: Vulnerability in GnuTLS certtool template parsing (BZ#2359620) * gnutls: Vulnerability in GnuTLS SCT extension parsing (BZ#2359621) * gnutls: Vulnerability in GnuTLS otherName SAN export (BZ#2359622) * gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() (BZ#2376755) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms gnutls-c++-3.8.9-9.el10_0.14.x86_64.rpm 9a215d62a4178267ccbdef1ab82d7729956a0a7b5f65b16c1f4c664455affb3e gnutls-dane-3.8.9-9.el10_0.14.x86_64.rpm cb08afc3ced01a03aadcf25b7de3ce8a780c5278dc4bea34bb42bd5b83a03cb6 gnutls-devel-3.8.9-9.el10_0.14.x86_64.rpm aa8b516d419029c90143f8d05b8a85ba466683e23648ce257e2ff0033e79fd8a gnutls-fips-3.8.9-9.el10_0.14.x86_64.rpm 7ce224ba72dd021dd0128aab2c92992b51623096e5b3ca8aaaf4c801dd3ae7c2 gnutls-utils-3.8.9-9.el10_0.14.x86_64.rpm aafc4e1ed2e6e8c6ef7432feea29f33322406b4d460b0d774e9bb1d1530dd228 RLSA-2025:16157 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component (CVE-2025-10527) * firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component (CVE-2025-10532) * firefox: thunderbird: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component (CVE-2025-10528) * firefox: thunderbird: Same-origin policy bypass in the Layout component (CVE-2025-10529) * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143 (CVE-2025-10537) * firefox: thunderbird: Information disclosure in the Networking: Cache component (CVE-2025-10536) * firefox: thunderbird: Integer overflow in the SVG component (CVE-2025-10533) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms thunderbird-140.3.0-1.el10_0.x86_64.rpm a2f2ebef365786d8c0e92016e86ef41ec86f473eda609b9e7301be160c661282 RLSA-2025:16354 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length (CVE-2025-37810) * kernel: sunrpc: fix handling of server side tls alerts (CVE-2025-38566) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms kernel-debug-devel-6.12.0-55.34.1.el10_0.x86_64.rpm 363c61ac02686dfba87c11d6540a2aee4ba2676e5d75683d4966c407fd1dd11a kernel-debug-devel-matched-6.12.0-55.34.1.el10_0.x86_64.rpm 80f4d011ac3af896cab71ccc9b88e149bc1b9ecc293090e492ad89449bd39562 kernel-devel-6.12.0-55.34.1.el10_0.x86_64.rpm 920eefeb986b140dd4f5c41059f08984fc090bd177e01aaf684a3661e4b42b3b kernel-devel-matched-6.12.0-55.34.1.el10_0.x86_64.rpm 7798940ccc9aac950b2042ca4258f960ac7dff5cc0826e5fe570aa887bdf4b61 kernel-doc-6.12.0-55.34.1.el10_0.noarch.rpm f9fb5270006daa120355ae10c42284aa2f0091619a2cb1c1fda623e07bec156e perf-6.12.0-55.34.1.el10_0.x86_64.rpm 9d258bf9cf6bd6fb644f2254227f47ce4ea05770700e28b22473c7c45c293b7c python3-perf-6.12.0-55.34.1.el10_0.x86_64.rpm 8373bd48b8fe33f8c2faa0c5bcdd6871afe7fbcc2b5e676459118e3ca280fe97 rtla-6.12.0-55.34.1.el10_0.x86_64.rpm 41d7d8f60842fc05f152a101e3f774d891692df944ac43777bb527c5b808cb33 rv-6.12.0-55.34.1.el10_0.x86_64.rpm f59f02f3991c51ad081dc5cf51b02be020f358f97d5cbec51239fd432fe3611d RLSA-2025:16432 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for opentelemetry-collector. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fix(es): * net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms opentelemetry-collector-0.127.0-3.el10_0.x86_64.rpm 0fa9ee24ea481ad6ad221feb3d4898453ec90b7f5c4cb474738130a9eee8d061 RLSA-2025:16428 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for libtpms. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libtpms is a library providing Trusted Platform Module (TPM) functionality for virtual machines. Security Fix(es): * libtpms: Libtpms Out-of-Bounds Read Vulnerability (CVE-2025-49133) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms libtpms-0.9.6-11.el10_0.x86_64.rpm 12dd8cdfc9050211f18b483635b05acddb0e961ed09c239b7fb360177b474f04 RLSA-2025:16441 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for avahi. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers. Security Fix(es): * avahi: Avahi Wide-Area DNS Uses Constant Source Port (CVE-2024-52615) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-x86-64-appstream-rpms avahi-devel-0.9~rc2-1.el10_0.1.x86_64.rpm f52e07cfa3fbe5a2afd30e7458ca8963c3879b93903f6489ca5ee90fd899ce84 avahi-glib-0.9~rc2-1.el10_0.1.x86_64.rpm 11da2dc9d7b27fd635a0fec80ad1d0e7270ef33411caa924b620532232d7a2b4 avahi-tools-0.9~rc2-1.el10_0.1.x86_64.rpm 379df227079af1efb4a9870c7e185c1fd78be23bb74540661f58b28d0c68dfd0