Moderate: kernel security update

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (CVE-2025-38396) * kernel: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527) * kernel: cifs: Fix the smbd_response slab to allow usercopy (CVE-2025-38523) * kernel: tls: fix handling of zero-length records on the rx_list (CVE-2025-39682) * kernel: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (CVE-2025-39698) * kernel: s390/sclp: Fix SCCB present check (CVE-2025-39694) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.37.1.el10_0.ppc64le.rpm 99afc3bc878b9368cb9a4a90f4fd0362bd63cf547009a54384f43ce16bf39524 kernel-debug-devel-matched-6.12.0-55.37.1.el10_0.ppc64le.rpm 9892b8443a00b0f7b1afc03d29d5ee92782305c64455e3c2babd074da21a4a5f kernel-devel-6.12.0-55.37.1.el10_0.ppc64le.rpm 89cce4785f9acc1c1faec43cbbf87cbf148713caf90f95ff6189956198a71c79 kernel-devel-matched-6.12.0-55.37.1.el10_0.ppc64le.rpm ee0388db87fe29f8dda4d2a0b1234d759c89129a34a5eb92b8716966fa1d4af0 kernel-doc-6.12.0-55.37.1.el10_0.noarch.rpm a1ac32c34607833c710c5902cfc1018a04e20d4788d7266a6ccb821f47643d9b perf-6.12.0-55.37.1.el10_0.ppc64le.rpm 2cf4ec875125a2a666ea06fcaac47dfde17fd3e78b6fc1420250af9e513d2805 python3-perf-6.12.0-55.37.1.el10_0.ppc64le.rpm 1ac14f3f69f14c87ef26a2c28dba2368b0f75641190dc6e571f0e65f3b27d773 rtla-6.12.0-55.37.1.el10_0.ppc64le.rpm 8e8d1ae7ed669a186dfea58995184569790710ed40e9392524270b4165580dc3 rv-6.12.0-55.37.1.el10_0.ppc64le.rpm fb101817d5ebf536e025c1f163e87b7adc6769dcfb877958d98788ce50d39a8d RLSA-2025:17085 Important: ipa security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for ipa. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA (CVE-2025-7493) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms ipa-client-4.12.2-15.el10_0.4.ppc64le.rpm f389a32428dacbac1d264a0ff4365eed95bb35a1f23af242bd450169eea279d0 ipa-client-common-4.12.2-15.el10_0.4.noarch.rpm bf2ffd4b0910fc72cae5d3600870555b49c6996b5ffe3867900c2b05488185ab ipa-client-encrypted-dns-4.12.2-15.el10_0.4.ppc64le.rpm b12703b3a3946335871f1aa571f79ccfd7e8dda484cb8423c4035e982bfb3afa ipa-client-epn-4.12.2-15.el10_0.4.ppc64le.rpm 9ebd76b424efa48741ebbd4637a20feb07776b14bb0dbec42a5f7ab6759f263e ipa-client-samba-4.12.2-15.el10_0.4.ppc64le.rpm cf3206729669ea52a129493c91a852e7728bd167ba00f67cf4f833aec5083f35 ipa-common-4.12.2-15.el10_0.4.noarch.rpm b669a87218c94c65720ded545b0be47d09d53823ffde3e44b2c800a7e960c40f ipa-selinux-4.12.2-15.el10_0.4.noarch.rpm 9fcc498fdbeb59c1f3666a1fb65744fd3309ea356e2daa95b5f488134c90fc85 ipa-selinux-luna-4.12.2-15.el10_0.4.noarch.rpm 027300560ce6195962457cfbd64af0060014a378f1c90bcfe1dac67ec716839e ipa-selinux-nfast-4.12.2-15.el10_0.4.noarch.rpm b0ce410d8e96f7ac938714aedf2a6088ffc94cb80fd7d3f6e5dc92863e80eaa1 ipa-server-4.12.2-15.el10_0.4.ppc64le.rpm 826070bfdddc550bbf4a3bc52acfb6ac36445b744dc843dc92d4abe05c1cfb66 ipa-server-common-4.12.2-15.el10_0.4.noarch.rpm 2d4629a5a13c49f35fa9ca50e3257dfec870ea8d687bf18bd9f9ec7b53fcf2d5 ipa-server-dns-4.12.2-15.el10_0.4.noarch.rpm 13cb1b4a2b64c0636a2902942e932bba7691219c1c0b1b6105ad6d4db00c6ba5 ipa-server-encrypted-dns-4.12.2-15.el10_0.4.ppc64le.rpm 830a9846814cddb9f21f77b1bae3efe154084d08603062365c213c5c6be35e65 ipa-server-trust-ad-4.12.2-15.el10_0.4.ppc64le.rpm a871e5aefae5e1c7a4f0196c21b6ccfc6888a56e75b8c6b2e1d9081b022af07a python3-ipaclient-4.12.2-15.el10_0.4.noarch.rpm 71d58a186df583d49049166b6469053fdca1b8f222122ce67b52f7da9a81e0ab python3-ipalib-4.12.2-15.el10_0.4.noarch.rpm ed44dd38a1d5d1918c30602fbb7e80d254231254f0d053b82b347d34c0246e98 python3-ipaserver-4.12.2-15.el10_0.4.noarch.rpm 24f51609ea8226d2f14c8873ec839e2e8bcaa6c00297792a1f09bc4e1d53b650 RLSA-2025:17776 Moderate: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: HID: core: Harden s32ton() against conversion to 0 bits (CVE-2025-38556) * kernel: wifi: ath12k: Decrement TID on RX peer frag setup error handling (CVE-2025-39761) * kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors (CVE-2025-39757) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.39.1.el10_0.ppc64le.rpm 0735e7e5f6cb4cf334f6a63c509c806e1bb1d8cdf0346cbfd35e5c09ef4e9566 kernel-debug-devel-matched-6.12.0-55.39.1.el10_0.ppc64le.rpm 0926bd717f06e752760ef5018a22523fffaa6cb42c07c84860f8a3a64022051a kernel-devel-6.12.0-55.39.1.el10_0.ppc64le.rpm e964b9d3fc98ccf04e6f649fd6e0961f8c6f8b5e9af93e2b365d9cfaf5ee89c8 kernel-devel-matched-6.12.0-55.39.1.el10_0.ppc64le.rpm b01c9ca8bac9a90af47cef8607ed24191baba401212339d434ba897ed76b05c2 kernel-doc-6.12.0-55.39.1.el10_0.noarch.rpm 19b6b4434908ca12c6b1f4cc2098ffab94503ac7ca8c408909c9ab9423a9d87d perf-6.12.0-55.39.1.el10_0.ppc64le.rpm 75d9172cdaac5d9bd5a12eea4561418cd90cefd0ec8489b1ef72a0005515e4c3 python3-perf-6.12.0-55.39.1.el10_0.ppc64le.rpm ce5f1dd66ece276476d88e26611c40361729f046398b5e48de5398ca010acba9 rtla-6.12.0-55.39.1.el10_0.ppc64le.rpm 844d5aafc48411a53ca1e9448083612fea54862e06a129ea1c118719a4fe887c rv-6.12.0-55.39.1.el10_0.ppc64le.rpm b182c82bceabf8324a9f5b8a68cff2b00279e5a7f57a620282bcfb8729036913 RLSA-2025:17913 Moderate: vim security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for vim. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fix(es): * vim: Vim path traversal (CVE-2025-53906) * vim: Vim path traversial (CVE-2025-53905) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms vim-common-9.1.083-5.el10_0.1.ppc64le.rpm 5fa48e789706e4235334a41845644104ec43da91de938b82be608cfc64772755 vim-enhanced-9.1.083-5.el10_0.1.ppc64le.rpm 1a00bde2257e1a39fac771804dd4ba9256dfb2fc9c715fabd0e74aba70df7024 vim-X11-9.1.083-5.el10_0.1.ppc64le.rpm fbd1bf3f0019ea25a0fe829f80ade30d0a2419eb88a42bd88d5156d94cc5e2e0 xxd-9.1.083-5.el10_0.1.ppc64le.rpm ce92acbdb380f393fd72fa171bfd46e5afb21a8e3a3178d841eb171fc06b3ac1 RLSA-2025:18154 Important: firefox security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * thunderbird: firefox: Memory safety bugs (CVE-2025-11714) * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709) * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710) * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708) * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712) * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715) * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms firefox-140.4.0-3.el10_0.ppc64le.rpm a100340e24bee106a7b3ec062a2f982ebde06b5c585390d64897751039e66914 RLSA-2025:18152 Important: .NET 8.0 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for dotnet8.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.121 and .NET Runtime 8.0.21.Security Fix(es): * dotnet: .NET Information Disclosure Vulnerability (CVE-2025-55248) * dotnet: .NET Security Feature Bypass Vulnerability (CVE-2025-55315) * dotnet: .NET Denial of Service Vulnerability (CVE-2025-55247) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms aspnetcore-runtime-8.0-8.0.21-1.el10_0.ppc64le.rpm 1fdbc7d324647d2af6c7fd62dbbb334f3d7fa18a7079f60d74adafbde0093dc8 aspnetcore-runtime-dbg-8.0-8.0.21-1.el10_0.ppc64le.rpm 16d651197fd34b97a441cab9aba2cf1a62080ebb86b7d0559825baa2b448bc7b aspnetcore-targeting-pack-8.0-8.0.21-1.el10_0.ppc64le.rpm 4c3cc17cc5a8d34abb81e054d42bd7f7d85407c77514f8fb7156873a6a68689b dotnet-apphost-pack-8.0-8.0.21-1.el10_0.ppc64le.rpm 107628f6872c7cacbde5152171065d1225befd60b3b8faa5284af6a96a731395 dotnet-hostfxr-8.0-8.0.21-1.el10_0.ppc64le.rpm 24312b82c94e86207cffffce706192d01cf8aa112d434572577cca64c6f3739d dotnet-runtime-8.0-8.0.21-1.el10_0.ppc64le.rpm 27deedb3551a8e315dfaae365203cdb60706935e2083c46c31e37cba1f573095 dotnet-runtime-dbg-8.0-8.0.21-1.el10_0.ppc64le.rpm 56b506a1e66eb78ae9e48b0a42696bcca954a3c360cfc7ae4313af73047d801d dotnet-sdk-8.0-8.0.121-1.el10_0.ppc64le.rpm c7d4a0de30b6f29df22111418b6ea7993b17f2e7b4288767d0365f344a6a06da dotnet-sdk-dbg-8.0-8.0.121-1.el10_0.ppc64le.rpm 58c23e05af1289a36d2647979d2d83c37a7024b00426a8ca2be4524d54705978 dotnet-targeting-pack-8.0-8.0.21-1.el10_0.ppc64le.rpm bd336b1d88c244c3286b6d32fb82368e056ab3d86396b3b882d532032609bedc dotnet-templates-8.0-8.0.121-1.el10_0.ppc64le.rpm e0644b1a706fd7ac43dbbb2b80ec1334d049fbca85f51c7d6ad94f48b5768f32 RLSA-2025:18153 Important: .NET 9.0 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for dotnet9.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.111 and .NET Runtime 9.0.10.Security Fix(es): * dotnet: .NET Information Disclosure Vulnerability (CVE-2025-55248) * dotnet: .NET Security Feature Bypass Vulnerability (CVE-2025-55315) * dotnet: .NET Denial of Service Vulnerability (CVE-2025-55247) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms aspnetcore-runtime-9.0-9.0.10-1.el10_0.ppc64le.rpm 40fa5f528858419a9fa0f957bb3a0f4177b7765fb8067495835407430e1fff28 aspnetcore-runtime-dbg-9.0-9.0.10-1.el10_0.ppc64le.rpm ec472fd3ff21305c4be673deaaddf632058c18bd30a0002fdc3d8ca8336352f5 aspnetcore-targeting-pack-9.0-9.0.10-1.el10_0.ppc64le.rpm f7d058ce5fccf0bc299e995cfc8685b14fb659c2c5931de0db2e2f36dd2a8d10 dotnet-apphost-pack-9.0-9.0.10-1.el10_0.ppc64le.rpm 50ec23c510e0ef6e7c950aa897d30e98dcf3d15ee1d2c8717ad3b54417242391 dotnet-host-9.0.10-1.el10_0.ppc64le.rpm 6e06fbae59e4c3c24815d5ebd8875d29085ac61bf73c6cdc1df1f4ec74b8ea7f dotnet-hostfxr-9.0-9.0.10-1.el10_0.ppc64le.rpm b27b1e85a40f5d54b3f2c921a07f9ca597ea412f436d74e49b5ea03355b55009 dotnet-runtime-9.0-9.0.10-1.el10_0.ppc64le.rpm 558025cbcd40525d5abcc8595908633901d066a0234d600d8c6bfddde77ae00c dotnet-runtime-dbg-9.0-9.0.10-1.el10_0.ppc64le.rpm 9ef44b0d79979c5e6c706909f48186ff4485786bfadef46ef30d4e84dd3a0692 dotnet-sdk-9.0-9.0.111-1.el10_0.ppc64le.rpm 145ef5a296b8ea6d05cf38ce4fb9194ec347b15c6c5395117a218042ca9b9742 dotnet-sdk-dbg-9.0-9.0.111-1.el10_0.ppc64le.rpm 6c2915df71c19f7d8db6edc2a48787ceeb2e178b98b0a0e34beca63f6af8f88f dotnet-targeting-pack-9.0-9.0.10-1.el10_0.ppc64le.rpm 6c55c4dcb261e5024ffc769df55cb68a36d496b073f8a0d31fbc2fdcdb062a0c dotnet-templates-9.0-9.0.111-1.el10_0.ppc64le.rpm d0be9ec8e2a32854f211997533c449c46fa7f065b95f0052f97b48c3ba50846f netstandard-targeting-pack-2.1-9.0.111-1.el10_0.ppc64le.rpm 737ebda3880ce138f00b010c32291a638479b3d2eb863aacde419cfb989409a4 RLSA-2025:18183 Important: libsoup3 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libsoup3. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it), but the SOAP parts were removed long ago. Security Fix(es): * libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library (CVE-2025-11021) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms libsoup3-3.6.5-3.el10_0.7.ppc64le.rpm 6429a05672ab309f1e15c715af7e6290af4e70c4da3ff84a7cebec51aeae7ce3 libsoup3-devel-3.6.5-3.el10_0.7.ppc64le.rpm 92f58930c91a3540654621e37f86b412e540f3b82c597d6e6ef156a516a49bbc RLSA-2025:18231 Moderate: libssh security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for libssh. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fix(es): * libssh: out-of-bounds read in sftp_handle() (CVE-2025-5318) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms libssh-devel-0.11.1-4.el10_0.ppc64le.rpm 5dca939a1205def8d0779c88b431b1f88eb7a2b56dad2f4bf07595c1c168b4ea RLBA-2025:6597 Critical:libxml2 bug fix and enhancement update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Critical

An update is available for libxml2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 10 Release Notes linked from the References section. rocky-linux-10-0-ppc64le-appstream-rpms libxml2-devel-2.12.5-5.el10_0.ppc64le.rpm 396d3b1e7bed5d807287d051a9478a87bc7bb531372fc330b13627e8e37cd275 RLBA-2025:6470 Critical:rsync bug fix and enhancement update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Critical

An update is available for rsync. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 10 Release Notes linked from the References section. rocky-linux-10-0-ppc64le-appstream-rpms rsync-daemon-3.4.1-2.el10.noarch.rpm 05b44dbb42deda398ce20f4b8d63426798dd81d5d172a998c62a84d59c74c958 rsync-rrsync-3.4.1-2.el10.noarch.rpm 18ccf31ba09020a528cd9660f1adfc5ff1717215ccd5f6ef92924fbde44d4989 RLBA-2025:5309 Moderate:mod_proxy_cluster bug fix and enhancement update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for mod_proxy_cluster. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 10.0 Release Notes linked from the References section. rocky-linux-10-0-ppc64le-appstream-rpms mod_proxy_cluster-1.3.21-1.el10.ppc64le.rpm 75fddaa79eaeb59ceacf6d16ac7083f35b4c3d2b1c5a2d50c2a6b738f6ef8655 RLSA-2025:7496 Important: libxslt security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libxslt. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism. Security Fix(es): * libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855) * libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) (CVE-2024-55549) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms libxslt-1.1.39-7.el10_0.ppc64le.rpm bbb137e3a36b77de72ede7a3d7387f537eccaac8ead1eb0bcc9f1af2a6925049 libxslt-devel-1.1.39-7.el10_0.ppc64le.rpm ea9a5ca6ab7867af2df744b7563231ffe77791b65414c64515f8a57e53e2adef RLSA-2025:7466 Moderate: delve and golang security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for delve, golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out of your way as much as possible. Security Fix(es): * golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints (CVE-2024-45341) * golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336) * crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms delve-1.24.1-1.el10_0.ppc64le.rpm a068857d8c215dfa0f1144869b78c627d6da600ae27179f16379bb965024e649 golang-1.23.7-1.el10_0.ppc64le.rpm aaebd2d14fdabf28ca2e2dd7ae3c68c691e6c55f942032d2d8cc24dc66f64302 golang-bin-1.23.7-1.el10_0.ppc64le.rpm bb1268254943ccbf3c8e4593bcf3036527be19f80e52a9947048bb2fc7a65838 golang-docs-1.23.7-1.el10_0.noarch.rpm a173b0da2e4752bfec1cf06f363224f6fa16ddba7370e6f2ffb8247587a4bcf4 golang-misc-1.23.7-1.el10_0.noarch.rpm 7bc05ee75edf98cb9343ef66d21fe35c1c592c61ba91484f778ac863170b4c0f golang-src-1.23.7-1.el10_0.noarch.rpm 96f3dbb87940a6cfb09e7cc728c9fa35b1823688d51cdc133a0f9d051890835a golang-tests-1.23.7-1.el10_0.noarch.rpm 859c5d5d9e4832afaeaf815e3564bfe80ada878f8e9efec2845d1c0e0cadbe4f go-toolset-1.23.7-1.el10_0.ppc64le.rpm 09a3e329a7906a0b2391f0df2c585ae71401f75c26e681ef7515755b4b1a5665 RLSA-2025:7476 Important: python-jinja2 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for python-jinja2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

An update is available for gvisor-tap-vsock. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fix(es): * golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms gvisor-tap-vsock-0.8.5-1.el10_0.ppc64le.rpm c5ec77866c66900ee2de1c82464fa9fe6daad80844cd0890b89c15fc8ccca6ae gvisor-tap-vsock-gvforwarder-0.8.5-1.el10_0.ppc64le.rpm d33ef319403a82e649fbbd937fed592a41c06d98fbb2e74523e7581c6e60d8e2 RLSA-2025:7510 Moderate: libarchive security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for libarchive. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: heap buffer over-read in header_gnu_longlink (CVE-2024-57970) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms bsdtar-3.7.7-2.el10_0.ppc64le.rpm fa696beebaddcb685d89fd5617e78dad5369320f1655b5a34d38de157bc5a98e libarchive-devel-3.7.7-2.el10_0.ppc64le.rpm 5397eb5917f923e45a53938ef123831c6f8612b3ecfd049657cc83674ce6ff58 RLSA-2025:7500 Important: perl security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for perl. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): * perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes (CVE-2024-56406) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms perl-5.40.2-512.1.el10_0.ppc64le.rpm 18135929bd09d45ff8a63df92eb5be2bfa99ff1a92cc2b88ee7310e20a82e369 perl-Attribute-Handlers-1.03-512.1.el10_0.noarch.rpm df82bff8696134f3dc521dd8b8443178771c46142a732b5626990b8c50b7f322 perl-AutoLoader-5.74-512.1.el10_0.noarch.rpm 2b4fca6da03e83a1f282dd4752b9f8f01c285fbabd0ff41d03ab8726d63cf223 perl-AutoSplit-5.74-512.1.el10_0.noarch.rpm 47d60990ce13c089eea37d3a61fcd0f19f9cd592c76e7f37c61feabc2dc9b63e perl-autouse-1.11-512.1.el10_0.noarch.rpm 2aed9a5c5c3c64195602f3745dfae8ce3810635d8cffadc3c000cc890ddd103c perl-B-1.89-512.1.el10_0.ppc64le.rpm 3a28c4f900361c76cd07de9b71302b34041530615513f5f9bcc9aad583180184 perl-base-2.27-512.1.el10_0.noarch.rpm 64cb01cd07d0b974b1fe31dafc1ee5b2de90cd38f9e6a7885ec3903b83e8f0b4 perl-Benchmark-1.25-512.1.el10_0.noarch.rpm 74ac8e111917550e3ae4bdc752e4021ce8d84ac96ea09db372c5902e59db11ae perl-blib-1.07-512.1.el10_0.noarch.rpm 9105b51ea0d25e084761b4c0090ac6a7920e6ec963b8205050ef0bd5953b9adf perl-Class-Struct-0.68-512.1.el10_0.noarch.rpm b0a5b9a9669ac59df8d16e5f193cc73e2cf6533f56f865fafc28ef0c9bcbe536 perl-Config-Extensions-0.03-512.1.el10_0.noarch.rpm 6f685d02211fce93b0617d99de4c02719ee94e418aaafa7e907a88e11fd861ec perl-DBM_Filter-0.06-512.1.el10_0.noarch.rpm 6f8f99b4dd16050e8554ca0dd65a11c063a26dfdffb224a626ccb3ae0633c5f8 perl-debugger-1.60-512.1.el10_0.noarch.rpm 8fc7bfa0a4fe63fd2e0da152b148598355d27c933e2460d2e9cc79050b352a65 perl-deprecate-0.04-512.1.el10_0.noarch.rpm 9f0afea047f8b7135faf0867cddc951eb1866c137a2cdc16ed9d99c6498aba75 perl-devel-5.40.2-512.1.el10_0.ppc64le.rpm 63286206684164cbe3156669a77158b3684476ce708083c4e72caeef28c8d4ed perl-Devel-Peek-1.34-512.1.el10_0.ppc64le.rpm 656d1a66f3201af9b257f34904df99db692d823f603e9ee2d84641ecb7df7a28 perl-Devel-SelfStubber-1.06-512.1.el10_0.noarch.rpm c5e20dc46a76c81d39581bec7dba3cd34e8bcbd55d0d1695738030c898c97bed perl-diagnostics-1.40-512.1.el10_0.noarch.rpm 9b993ecbf537f9b8cf7fcc2bba8e9237dcbe10fbd1e00fe8b8055b5e3d6a7a8f perl-DirHandle-1.05-512.1.el10_0.noarch.rpm d64e1eccf3366c9be2a3998b26bdb732314caedfede71f45729f2b66e700a3aa perl-doc-5.40.2-512.1.el10_0.noarch.rpm ccbbf526615bcc2b8076d26e5b957bd587df1185b8a89f10050c80049edd50fc perl-Dumpvalue-2.27-512.1.el10_0.noarch.rpm cae22391d31b927192b3be47b2727061f4455c0a2102000ae3ccdec554d5e0f6 perl-DynaLoader-1.56-512.1.el10_0.ppc64le.rpm 3f229420db61ede8501df39d6b67c87a777fc5f4830e32182ef4adad04786dc4 perl-encoding-warnings-0.14-512.1.el10_0.noarch.rpm 1fbd441fd14bde577f07caa18c9a65a54555bbc379fc93216692240e744d8d74 perl-English-1.11-512.1.el10_0.noarch.rpm b29f221e1a50532d874cd57b0640ccdab73bef336d474dc63b91370b064faa06 perl-Errno-1.38-512.1.el10_0.ppc64le.rpm d696001791c30aae9fbe7472a558b2c32fa5ba18ca418cbdc66c9fc1398fe19d perl-ExtUtils-Constant-0.25-512.1.el10_0.noarch.rpm 673d5d8970de686dee8373ff9f98ac1c2402e68c83f39265122a76385961bc96 perl-ExtUtils-Embed-1.35-512.1.el10_0.noarch.rpm fdb1db30f202624588f7cbf745a4a6c8fca01afdf97210a5770510e7b9c2ace5 perl-ExtUtils-Miniperl-1.14-512.1.el10_0.noarch.rpm e72582fed4537442ae4e4a003b1dda5d9698598fb496633807bc081f0e9c15b9 perl-Fcntl-1.18-512.1.el10_0.ppc64le.rpm bbabf9836f92be622a8c37c9bb9176e38026a639b8d8610541167a675c5a73c7 perl-fields-2.27-512.1.el10_0.noarch.rpm 76406839f2803d7b0cb0e251407e0b2a962badf80d05a23875258f25fce023b6 perl-File-Basename-2.86-512.1.el10_0.noarch.rpm 18fe7a38257dc997a05f6c6c28982b7eeb3b2f3e5faf691fb96d0e937841428a perl-FileCache-1.10-512.1.el10_0.noarch.rpm 2b487ea17c1aa09778b7dbbd7ac1b47dc6a93b26530fe20371b2bdb51258ad20 perl-File-Compare-1.100.800-512.1.el10_0.noarch.rpm 1881005b6b2bde554c16be1802d9bbcd5a909de38ee51ffec32a02583ddb0382 perl-File-Copy-2.41-512.1.el10_0.noarch.rpm fba17e4e04679f16bd6d6504978b8c6d087c92272c84dee25556d094a11c6d74 perl-File-DosGlob-1.12-512.1.el10_0.ppc64le.rpm 5856110c8454ab037b3f05292f85131bc1d0a2ac84f9aef8b6f976d86c8f90fd perl-File-Find-1.44-512.1.el10_0.noarch.rpm 4340329aebc6d4e2a20a4a0262490a02eab3c3f8c14cdbc56167041bfc406da6 perl-FileHandle-2.05-512.1.el10_0.noarch.rpm 3e39fb116ad7d27753bedcef1a6e820f63a60b4c5063bc43fdb243b9650a993a perl-File-stat-1.14-512.1.el10_0.noarch.rpm 69584b304b37a71085d1b1999832552e3dc1f121fa56d4f69a4e29a2e537fa65 perl-filetest-1.03-512.1.el10_0.noarch.rpm 40840e2b871078b6563e722341b7b125b6c9d53966929daeca5120eb6c5dd388 perl-FindBin-1.54-512.1.el10_0.noarch.rpm 9cad58324085e230d93182830c46360a175d1a0ffba308ceebc7b25f5a7a8038 perl-GDBM_File-1.24-512.1.el10_0.ppc64le.rpm a5d91617747a078013ce0af2ca6ddb8f3fff97425957457ecd1451475f67734d perl-Getopt-Std-1.14-512.1.el10_0.noarch.rpm 99dcfad5e06149134c3ec786f6740c6c72b20ab6edb1cdc03369e2d4b2eb7767 perl-Hash-Util-0.32-512.1.el10_0.ppc64le.rpm da76cedc7e2c682caf56a0fb20f51984c919ca41c188829fde96007cc388cdf7 perl-Hash-Util-FieldHash-1.27-512.1.el10_0.ppc64le.rpm fa7aa5f900251fa35f73fa9a70a9b3bba97ad83546cabd2db2c26b8ca00c056d perl-I18N-Collate-1.02-512.1.el10_0.noarch.rpm 6d20a8498404c9197de54883101b165edfe2b93c5c62070b361e40ae8e3b7f30 perl-I18N-Langinfo-0.24-512.1.el10_0.ppc64le.rpm 54255dbe62a9be23bfe8e535ebbadd82d5a7b4b209b430cae159f2ad310709cf perl-I18N-LangTags-0.45-512.1.el10_0.noarch.rpm 7f3c00984f9daf4674a3946e5cd3e42d38241c28cd50a538ad65b933038acb3b perl-if-0.61.000-512.1.el10_0.noarch.rpm 0e7302913d6133623cbe84b6f7cac2e372e6b05d5f79158b1856baf46a731c51 perl-interpreter-5.40.2-512.1.el10_0.ppc64le.rpm 395b1e3ed45b1264fcd78fa0ce73fa672c5db9e1685714b6eb2bc94637b5d6f5 perl-IO-1.55-512.1.el10_0.ppc64le.rpm 5b7ea07fe2b92efaeab4852e29be44f51577e30c4b9b478026759cf6c730e93c perl-IPC-Open3-1.22-512.1.el10_0.noarch.rpm b457c4435a6f06fbc648180db5a51c4438d66b150001498f77ea7c211b372769 perl-less-0.03-512.1.el10_0.noarch.rpm 670ebc3d46f7503f84b3d69f79b0cb7ff7958b8e7253c1b33c195be31fc9e680 perl-lib-0.65-512.1.el10_0.ppc64le.rpm 20a2eb126e54f7f84d503913c7c51af9f06fdd759e01ce5e3053edcce0c4587a perl-libnetcfg-5.40.2-512.1.el10_0.noarch.rpm 41de6c67a452247623014006b4ddb34678ea17acceb43e9df3d2c76725d51ae2 perl-libs-5.40.2-512.1.el10_0.ppc64le.rpm 04856621c2836e541b0daf355f87f154d92b3fbd0859634704515884a9ee78de perl-locale-1.12-512.1.el10_0.noarch.rpm d20218fb1d4cfb6ba774c3c65ada3fc3ed221a352046a7888d828c9cc1f04b53 perl-Locale-Maketext-Simple-0.21-512.1.el10_0.noarch.rpm 0748651e441428a3fe630edd8e59c7c4bd1298c11f73609870dd47f6f1fdbdea perl-macros-5.40.2-512.1.el10_0.noarch.rpm 29508d63ad1c04709cc244b49fee772f1b739c98a5cf40ef77655047e9cb9ab4 perl-Math-Complex-1.62-512.1.el10_0.noarch.rpm c65895672c9bb24c35443a82c397d44f2f1eaba3153f78cac25c474240025754 perl-Memoize-1.16-512.1.el10_0.noarch.rpm d7bce1afae95fba04201089bb45eda58f4a6dffe75e15396ae01735f47020508 perl-meta-notation-5.40.2-512.1.el10_0.noarch.rpm ceb2b652e10eb44fa6b0ab9d404ea5d1a504148c788298974b7f0dda845c996b perl-Module-Loaded-0.08-512.1.el10_0.noarch.rpm c4802ec4db4c080bf27de5740f4460b02dac0afcf04c90e96895d73d81e70caa perl-mro-1.29-512.1.el10_0.ppc64le.rpm 185c2cfcc2c49cc213e591e65313f415bfe2a14540939301e6bb02fab8a1a20b perl-NDBM_File-1.17-512.1.el10_0.ppc64le.rpm 8608798125648d4ec472bb6376dc20da06172b76cba998e82fcf68e31e6d13f5 perl-Net-1.04-512.1.el10_0.noarch.rpm 3f05fb3a1ccdbf490a8da8d17a6b2f49eb891ce079d12d37896a678226717001 perl-NEXT-0.69-512.1.el10_0.noarch.rpm 9bc98bc8feb85d727a82b56b0005d351538fa826649abcdc0d7f94dda0a3f72a perl-ODBM_File-1.18-512.1.el10_0.ppc64le.rpm a95de6bcb5df09e2e51b8d59a2e4560a951fcc41b821efc2534df6443fe18f1b perl-Opcode-1.65-512.1.el10_0.ppc64le.rpm 2b7953689ad3377cd5168f983d276f08b2d9f429ae508f487210f2e97efaf9bf perl-open-1.13-512.1.el10_0.noarch.rpm 5805aba0d8aac827b89fa9b1c6af7998c911c1189b0967b32307a0216270d0d5 perl-overload-1.37-512.1.el10_0.noarch.rpm 9c701c301917c4cd0a536917ee80b2fc29c532745afa6d840aac1e73ae420502 perl-overloading-0.02-512.1.el10_0.noarch.rpm 1567b7808f7d0a3664abddb60175c5009f301886b2b15a1c81ead50987300c5b perl-ph-5.40.2-512.1.el10_0.ppc64le.rpm c10f4e58eba544124f5ac410e894eb5e21a037d215a42f24861cbfce84ef7398 perl-Pod-Functions-1.14-512.1.el10_0.noarch.rpm eeb09288b3ad9d99f248311e87142e9a46f7bc9989727a881b363ba4f6005c22 perl-Pod-Html-1.35-512.1.el10_0.noarch.rpm 8221ab5df8c2b1ee30ecb1582bbdf7ec18586516e5c84ebf0cb4f6555da9a7c2 perl-POSIX-2.20-512.1.el10_0.ppc64le.rpm 6a1bbacbb21be77005401ee07f1e4bb223854ccef9ffda396a003bb6b735dbaa perl-Safe-2.46-512.1.el10_0.noarch.rpm 6144a8a3c79c9e5a80b8607af9c539b134abb4008bcfa2eb0880a18a8459441f perl-Search-Dict-1.07-512.1.el10_0.noarch.rpm 51c258972fdd46bbd373502c17e6b48644f119ea220152a0d3a4b51c1700a0c5 perl-SelectSaver-1.02-512.1.el10_0.noarch.rpm 8431cdd6e9d962bbf1298e488b9e5af8bc7f184ecb81ddadb8fadf58ca223e88 perl-SelfLoader-1.27-512.1.el10_0.noarch.rpm 28d0a2be3dc6a6d05b9e81f46a68fee3d91b26b4461388400dce5b0f27966800 perl-sigtrap-1.10-512.1.el10_0.noarch.rpm d02f886ef561027bc19c4418b8de4b5bc7537fe3d35a17db4c2be08d5db132f6 perl-sort-2.05-512.1.el10_0.noarch.rpm f1430143b9693f9bc1e12d1a9df1544d48cd424fc43c3ba61502be710bc60740 perl-subs-1.04-512.1.el10_0.noarch.rpm 8918c1a21617b7914d8634e7eac6abde85e395b50e6a6e321b93a3968e7f3da4 perl-Symbol-1.09-512.1.el10_0.noarch.rpm 17ead97396a311f64f762f306ccf538c25d49404c16e5012fcfff7795db9a969 perl-Sys-Hostname-1.25-512.1.el10_0.ppc64le.rpm c053e32b88f1e41419a549407f3899cf11833515f7c6c587a2f98ab258a26b47 perl-Term-Complete-1.403-512.1.el10_0.noarch.rpm 66b362c03c004559eb0df57b25449a54fee5c3c473bf9ad824a949a0b9b7de9a perl-Term-ReadLine-1.17-512.1.el10_0.noarch.rpm 9634510df64298d518d9da81f0498e3c32b5770f5b09ca13b173d29b223c7621 perl-Test-1.31-512.1.el10_0.noarch.rpm 526ad97e3b7dcd8863fc3e778974b1472368f7d1a8f17b80a05788fa8a6fdd98 perl-Text-Abbrev-1.02-512.1.el10_0.noarch.rpm 4281e15c48c90708addcc97d41dd25ed9b69c773df3edfc024191d6446d1a506 perl-Thread-3.05-512.1.el10_0.noarch.rpm cc65ce65130f119bce6de89dccb7175ccb960bd6bbbbb2adfc271c4f74ea68cd perl-Thread-Semaphore-2.13-512.1.el10_0.noarch.rpm 86a92e6eb3c9000fb6ea1184ee93b94e0fb0a3ebb51fc4a69672ddf1dbb39749 perl-Tie-4.6-512.1.el10_0.noarch.rpm c504397313693520cb3b5ac42a41f4e460526b0a166eba98ebfe0267c58f9aff perl-Tie-File-1.09-512.1.el10_0.noarch.rpm 81d7b7e5cbc4c391f219ebb42adc67dabfe157c3f33b1d3f1ad9e54aa2b884d4 perl-Tie-Memoize-1.1-512.1.el10_0.noarch.rpm 21cc178b7ea848ba45ef3ffa2fe36ed8904fcae31f89b18a48d6cc535ac83a09 perl-Time-1.04-512.1.el10_0.noarch.rpm 1086aba3487a8b2a57d839272fb1e3cf43753f814604070a7469ef0e965d27ed perl-Time-Piece-1.3401-512.1.el10_0.ppc64le.rpm 7408d193d98dcc57576e30f47ec6d25f4d3b0bf2fc27728e983448bbf05668ff perl-Unicode-UCD-0.78-512.1.el10_0.noarch.rpm e946bb7b7bea19f5129b8a8f51f60b33fb9ef11f48252c61ba0821caa8348088 perl-User-pwent-1.05-512.1.el10_0.noarch.rpm 2e134003c8129f2b32aa4fe533959d092ec05a46c8dcca4388ba21cc680aef6e perl-utils-5.40.2-512.1.el10_0.noarch.rpm b57e93b65d5b1b9382282af8ae96173bc97169fa2afabb3eb3890745f973e30a perl-vars-1.05-512.1.el10_0.noarch.rpm 5a825accc7d995c71c719ec15ab84221c533a3abe6be6b061381d7606a4854b6 perl-vmsish-1.04-512.1.el10_0.noarch.rpm 1105ceabfffbdb6623a09ef153437cf83399cf3c9e90886af08debdef5ea9efb RLSA-2025:7494 Moderate: tomcat9 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. Security Fix(es): * tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms tomcat9-9.0.87-5.el10_0.noarch.rpm b437e4fc937d6b74f899196746d369a6a92329101a31896fa56218c02f46d8f2 tomcat9-admin-webapps-9.0.87-5.el10_0.noarch.rpm 9d89438b2d7d2e13b6ca687b167d642ffaeaa56759ff8ae29ed4b0c6f999c116 tomcat9-docs-webapp-9.0.87-5.el10_0.noarch.rpm da4573e35e6a878c5d8b183fca36afb47d21bd6ddf6986b5036c8fda3a50c899 tomcat9-el-3.0-api-9.0.87-5.el10_0.noarch.rpm 633995220500848334199accb63d5fb50138965dc0ea0be7ba15ff6781f0bfcf tomcat9-jsp-2.3-api-9.0.87-5.el10_0.noarch.rpm 6998f6dff03a9fe84d0f74fe7d58d24d7e852dc4120eece360bfad99e4fd026b tomcat9-lib-9.0.87-5.el10_0.noarch.rpm b4ad34cca71a8de6a211fca37ab3c96e9b9c7ea305fed7b854295b1b4b834f5c tomcat9-servlet-4.0-api-9.0.87-5.el10_0.noarch.rpm 18e71ac028c3f2d5029044ab9c6f2b8b1f9e7807d493ae50a4cc5ca943de0197 tomcat9-webapps-9.0.87-5.el10_0.noarch.rpm 249400041e694a3f0a2163c207d03ea61a785931ebc8a089e7b48bfaf645da9e RLSA-2025:7497 Moderate: tomcat security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for tomcat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * tomcat: Apache Tomcat: Authentication bypass when using Jakarta Authentication API (CVE-2024-52316) * tomcat: Apache Tomcat: DoS in examples web application (CVE-2024-54677) * tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms tomcat-10.1.36-1.el10_0.noarch.rpm 4cf0f9042968d70ef2898c37fac49a01de1b1cfa3c328bb07b209e3d8dbff610 tomcat-admin-webapps-10.1.36-1.el10_0.noarch.rpm 9d6f90224fc1711fe2b7abdd716b0731eeffed54dd5cc1aa367e2b363761005f tomcat-docs-webapp-10.1.36-1.el10_0.noarch.rpm 6d0065b1bf9c100520228fb27d19e05a21a94c08f7afb93cccc1b8c481217c8a tomcat-el-5.0-api-10.1.36-1.el10_0.noarch.rpm 3976c9f95398f8f87e813ac6f2c3a79195a292f9e82730aa3c2eaaf89eb584c5 tomcat-jsp-3.1-api-10.1.36-1.el10_0.noarch.rpm e1d02f3b4da77ba27efd41c2081f47ff826e02cdb6f7178d694c7f0d690a79ff tomcat-lib-10.1.36-1.el10_0.noarch.rpm ea3e898fec9e468462d24e57789c94a1715e2bee582c87c2323232f238570be5 tomcat-servlet-6.0-api-10.1.36-1.el10_0.noarch.rpm ef37f975774200329ec5683bb10febc6cd7f6be8d8713a6834f245f604f6cf1e tomcat-webapps-10.1.36-1.el10_0.noarch.rpm 5001b035bd821674c28eca7704f915abfad1d76546fce19420e00a3452040571 RLSA-2025:7490 Important: mod_auth_openidc security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for mod_auth_openidc. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fix(es): * mod_auth_openidc: mod_auth_openidc allows OIDCProviderAuthRequestMethod POSTs to leak protected data (CVE-2025-31492) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms mod_auth_openidc-2.4.15-4.el10_0.1.ppc64le.rpm 0303375be4cf9fe87cc6fee1e16bf4415d3427b3e53221898701ec2a5ddf9416 RLSA-2025:7458 Important: xorg-x11-server-Xwayland security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability (CVE-2024-9632) * X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594) * xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601) * xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600) * xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599) * xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598) * xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597) * xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596) * Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms xorg-x11-server-Xwayland-24.1.5-3.el10_0.ppc64le.rpm 7e28ad5c3692aa32513d9cb7b918e21a63869b210e1fad6dcaa37af1c9836641 RLSA-2025:7462 Important: podman security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144) * golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms podman-5.4.0-9.el10_0.ppc64le.rpm 98301a60404ffd8645176c7e931505cdae08bd79eeca8b771872c929d08b7767 podman-docker-5.4.0-9.el10_0.noarch.rpm 7ae66cfa21aa2ec6ca3c8a9071719dbd74044bbae59aa125845f0deb025a6329 podman-remote-5.4.0-9.el10_0.ppc64le.rpm 767051642c5a18e0b5fcf03cb17c43831fae87e6c21757eb81d5d749b732e4c5 RLSA-2025:7482 Moderate: git security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for git. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix(es): * git: The sideband payload is passed unfiltered to the terminal in git (CVE-2024-52005) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms git-2.47.1-2.el10_0.ppc64le.rpm b9174ec550433b97637a026725e17ddac1a3ad0c6f4a3054e060275f4b50c77d git-all-2.47.1-2.el10_0.noarch.rpm bdac5c5ba4bfafed747139711d4f1914945210296dc86facf5432c7f99084f22 git-core-2.47.1-2.el10_0.ppc64le.rpm 9a9854b835ed3867a4b2dd3189ff1ad7fdfc7eac23ac277731db9f20b52a6d3d git-core-doc-2.47.1-2.el10_0.noarch.rpm dff88d5bf97778c8ffa84c94fba0c513a974d8a22377dacb9d0d3d144e8ac113 git-credential-libsecret-2.47.1-2.el10_0.ppc64le.rpm 124faca609e02a23259c98099e44c4671d3bd22c170c90282974e9fd8d84a53b git-daemon-2.47.1-2.el10_0.ppc64le.rpm 74b73d862857537b3b2b8521d5733642985fc4107bbdf0d0183893de8bbcf015 git-email-2.47.1-2.el10_0.noarch.rpm 302cbdefd3aeef9e3cb6a60171ca3ff7359992cb4a9152b7108d104ea115f6d9 git-gui-2.47.1-2.el10_0.noarch.rpm d7de5ac4a009799fac2ddf54a02931c705ee1a98dfbb9c68d7896e07dd1d639a git-instaweb-2.47.1-2.el10_0.noarch.rpm a7b51b56a736417cf73bce8edb49e630148261994fafcf7452aadc661590c3f7 gitk-2.47.1-2.el10_0.noarch.rpm b3aee409817b28b7d56de0fb83098e1cc9beb2e16a62e94090dd8cfdebab8fcc git-subtree-2.47.1-2.el10_0.noarch.rpm 46242bbebcd1ad2839abfd60513fb03fd03784110b4f23a33292b9b36b2767e2 git-svn-2.47.1-2.el10_0.noarch.rpm 3bcd83dd028d37947088d1f3cd86a662a008b0ca693c9e3540f7e9b50b858c28 gitweb-2.47.1-2.el10_0.noarch.rpm 0decb63454ebe01d56cde889e20f36c21e1a53be754ff0371ace2d49352d47cd perl-Git-2.47.1-2.el10_0.noarch.rpm a71275b85f0a971d28ad5a09f367052c44662020585c0053e7ae7dda0527c0db perl-Git-SVN-2.47.1-2.el10_0.noarch.rpm 43f3df75d8bf0c722c592f13c33b87d3e1cb0939f38aa0849043d9b7a60c20b0 RLSA-2025:7478 Moderate: corosync security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for corosync. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The corosync packages provide the Corosync Cluster Engine and C APIs for Rocky Linux cluster software. Security Fix(es): * corosync: Stack buffer overflow from 'orf_token_endian_convert' (CVE-2025-30472) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms corosynclib-3.1.9-1.el10_0.1.ppc64le.rpm efa6cfb7a663cd82a632d2939910af1cf4771b73a0b3ad57e8d6517e0cb932a6 RLSA-2025:7489 Important: php security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for php. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es): * php: Header parser of http stream wrapper does not handle folded headers (CVE-2025-1217) * php: Stream HTTP wrapper header check might omit basic auth header (CVE-2025-1736) * php: Streams HTTP wrapper does not fail for headers with invalid name and no colon (CVE-2025-1734) * php: libxml streams use wrong content-type header when requesting a redirected resource (CVE-2025-1219) * php: Stream HTTP wrapper truncates redirect location to 1024 bytes (CVE-2025-1861) * php: Reference counting in php_request_shutdown causes Use-After-Free (CVE-2024-11235) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms php-8.3.19-1.el10_0.ppc64le.rpm 27365e7b68ae85357b71996e9937eb94138d846c49719112593c69aec5b7c55a php-bcmath-8.3.19-1.el10_0.ppc64le.rpm 24f6c813aedac52f21028c90edbab4187b5705cae6c38f3e4968d8f705ef9a76 php-cli-8.3.19-1.el10_0.ppc64le.rpm 10fa3ba78886f133c2bbd3337c483fd28f7328edada8f71f4747dd6461397ac2 php-common-8.3.19-1.el10_0.ppc64le.rpm 9d3c667b8388d36f7df36ed2901997145c34c255006aad65b71e754b2a876623 php-dba-8.3.19-1.el10_0.ppc64le.rpm 090c068e3b781c2a8c31d706db2badfe39215b8da5c606d92af19cab2a892063 php-dbg-8.3.19-1.el10_0.ppc64le.rpm 0cd8e72d6d7f5c826e2fe39510c400691971f62b5746d355bb47873d3c3f877d php-devel-8.3.19-1.el10_0.ppc64le.rpm 1051f18a59393016f81b511512f7bfc695cd549746c04938beaa8ad1e009b1a1 php-embedded-8.3.19-1.el10_0.ppc64le.rpm 9a589e03cfb3c7d2848a274c2d6d243e70cc4bb89b24e33c3cee061a7f0a7308 php-enchant-8.3.19-1.el10_0.ppc64le.rpm ca0f7747c40399312bd17b0ec9f7ec9574cdab7138598dd595eddecf588d9696 php-ffi-8.3.19-1.el10_0.ppc64le.rpm 01cc8c54101310f72a799322fe79a508d7b61bde4bb25d09e1c6116148a5d771 php-fpm-8.3.19-1.el10_0.ppc64le.rpm 2ae783aa3f3aa40c91fcaea90fe14b0b147842019463d5093fc2648276aa601b php-gd-8.3.19-1.el10_0.ppc64le.rpm a8605b6dad7c0bccbc275cebdba6a710a3a8edadf5112785215a62ddbc99eb02 php-gmp-8.3.19-1.el10_0.ppc64le.rpm 216447cde7c5818d0f493ad13b413821e6c7030c6c758cbfdee288c4f860c817 php-intl-8.3.19-1.el10_0.ppc64le.rpm 3044158e268516c1cc73fcc33b21eb053ede566c87e0791714dbbcdb199ab06b php-ldap-8.3.19-1.el10_0.ppc64le.rpm 2d264b5e0c300a7fc1c62a221638442ff30026bf3eb6daab4ab470bf8b88bfd1 php-mbstring-8.3.19-1.el10_0.ppc64le.rpm 17ffb0bd4f058c5812cb39f552d00c8637c21b6351d39678401f645e0aa0dcf6 php-mysqlnd-8.3.19-1.el10_0.ppc64le.rpm d2ecbf02f95489e27c9a5ab905904748bd75cd8ba415aee1ba16cbee5ce6e860 php-odbc-8.3.19-1.el10_0.ppc64le.rpm ac901186dc405e9dfe56bafc2bf2ad3276c671370e0e2873d5800ed31759ab3c php-opcache-8.3.19-1.el10_0.ppc64le.rpm a0ba671731a17392726082e98a4c3df340215eaad9d5cf5959d2de7343600595 php-pdo-8.3.19-1.el10_0.ppc64le.rpm c8c2fa575f4cd013f4d83eb5fc89aeb3c0ff21abc225802a2f994ec42678c344 php-pgsql-8.3.19-1.el10_0.ppc64le.rpm e8d1a0a7e956fcade09ef28cd3f9feeb26067fe41be5364f84a08ccf7ddc5578 php-process-8.3.19-1.el10_0.ppc64le.rpm 3027f0f72be9474693aac549e7f64399d97511973151cf0b915c9c0e3009544f php-snmp-8.3.19-1.el10_0.ppc64le.rpm 0ce114e92d911cbdd320bd3133a53787095e1119a293d46081c32790239b81b8 php-soap-8.3.19-1.el10_0.ppc64le.rpm a0b4a2a8aa0e4cd05cf1e088fd4ad640254bde937cd945ea5efbb25e631fdf8e php-xml-8.3.19-1.el10_0.ppc64le.rpm 5e3131d55234f618d66a9f6e5e3b3d490b4e7c6c43f98694dd209099d1e8e3b4 RLSA-2025:7479 Important: opentelemetry-collector security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for opentelemetry-collector. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fix(es): * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144) * golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868) * github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input (CVE-2025-29786) * golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms opentelemetry-collector-0.107.0-9.el10_0.ppc64le.rpm a9946197365450b5879f916d5a727ab5b4d9891c80c63b0f4ee60000fd7a5995 RLSA-2025:7509 Important: valkey security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for valkey. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also. Security Fix(es): * redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client (CVE-2025-21605) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms valkey-8.0.3-1.el10_0.ppc64le.rpm 1f56ca9e37ad0f52661ea2e5499e8a1064d390c604f18267bebe490010405371 valkey-devel-8.0.3-1.el10_0.ppc64le.rpm bc91efedf1607b816e09ddfcca73c244e399c2944d398580993fcafaec0f36ef RLSA-2025:7517 Important: sqlite security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for sqlite. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Security Fix(es): * SQLite: integer overflow in SQLite (CVE-2025-3277) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms sqlite-3.46.1-4.el10_0.ppc64le.rpm a84d43d7675f3d2029ed8229dbb299654c6e5723a7aede5b8f9ea723c3091669 sqlite-devel-3.46.1-4.el10_0.ppc64le.rpm 18f05430c8f091acd920275e6b8967c99d0c85583e7c97da8b16344a5cde2d78 RLSA-2025:7467 Moderate: skopeo security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for skopeo. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fix(es): * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms skopeo-1.18.1-1.el10_0.ppc64le.rpm f609f7b6e71675f72bfad6d904a233741b724b33324db69f507696201f5ea6a9 skopeo-tests-1.18.1-1.el10_0.ppc64le.rpm fd06a629cae9e182709b69ed95661a21616b870d1824821381850b1ed960b27d RLSA-2025:7459 Moderate: buildah security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for buildah. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Security Fix(es): * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms buildah-1.39.4-1.el10_0.ppc64le.rpm 62b782f632141f48bec05cc000ffb09ffc41a2de582c41d99d91e6955da161e5 buildah-tests-1.39.4-1.el10_0.ppc64le.rpm 3794c6956e53aa6e26e98a7e06e53a5702648a56924ba0f661a1bcd339437124 RLSA-2025:7512 Moderate: expat security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for expat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Expat is a C library for parsing XML documents. Security Fix(es): * libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms expat-devel-2.7.1-1.el10_0.ppc64le.rpm 2eca0b9b9dfa54f52d85add9b09e9582cff7490b10a2904e40fa9f95fd3f961f RLSA-2025:7457 Moderate: exiv2 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for exiv2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Security Fix(es): * exiv2: Use After Free in Exiv2 (CVE-2025-26623) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms exiv2-0.28.3-3.el10_0.2.ppc64le.rpm 00c8b18c1eaacc8ac16b80adb43ba19caa329f0a64eaab9e994c36e2e91e9bf4 exiv2-libs-0.28.3-3.el10_0.2.ppc64le.rpm 9c2423a7ab0c06fdfc187811bbb80e5b9fc4ba126592629bb37f4be42f427bea RLSA-2025:7524 Important: xz security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for xz. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fix(es): * xz: XZ has a heap-use-after-free bug in threaded .xz decoder (CVE-2025-31115) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms xz-devel-5.6.2-4.el10_0.ppc64le.rpm 65ac1e9f03cca5dccfe0ba152051c639569d51ba36018e536f9612a1d57d3d09 xz-lzma-compat-5.6.2-4.el10_0.ppc64le.rpm d51776468f64589c761d727e39b793cf789c3008bddb4713f5305ba2f0d6c2f7 RLSA-2025:7592 Important: yggdrasil security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for yggdrasil. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate child "worker" process, exchanging data with its worker processes through a D-Bus message broker. Security Fix(es): * yggdrasil: Local privilege escalation in yggdrasil (CVE-2025-3931) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms yggdrasil-0.4.5-3.el10_0.ppc64le.rpm 1dd07d2c0c82d15e100379ad4c81f80b151d9d26e1cf830223f9366d9e451fc9 RLSA-2025:7593 Moderate: ghostscript security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for ghostscript. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix(es): * Ghostscript: NPDL device: Compression buffer overflow (CVE-2025-27832) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms ghostscript-10.02.1-16.el10_0.ppc64le.rpm 9f7e1583d76d48df150c53529d9012078a994427a63641e97179df8498afa9d9 ghostscript-doc-10.02.1-16.el10_0.noarch.rpm f4914cfd80f9e897646ac8e36f35e168dff0f5d687bedd1ecc1e5136f57ddfa7 ghostscript-tools-fonts-10.02.1-16.el10_0.noarch.rpm c86349f057a12bd7dcb6abc7f6f0724a83df500266b99fe894462a62ef242058 ghostscript-tools-printing-10.02.1-16.el10_0.noarch.rpm f20d5ba7b32a253d2c2a24a263142c8d24062116a76f8bb2d82a0ece4b9875ea libgs-10.02.1-16.el10_0.ppc64le.rpm 260c71f6227a5a80bf7ffcf3ca3f3ff22b75c540f71431f967e6b5bb893acca0 RLSA-2025:7599 Important: .NET 8.0 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.116 and .NET Runtime 8.0.16.Security Fix(es): * dotnet: .NET and Visual Studio Spoofing Vulnerability (CVE-2025-26646) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms aspnetcore-runtime-8.0-8.0.16-1.el10_0.ppc64le.rpm 9bd4ec09bea0814527c88e47ee7fdfd3501aff8bcfedd9db52fe6313cb4a0323 aspnetcore-runtime-dbg-8.0-8.0.16-1.el10_0.ppc64le.rpm 23465245e42be90ed89d4ae401565b55b72591eec2079c57e371f117c0bb8cf7 aspnetcore-targeting-pack-8.0-8.0.16-1.el10_0.ppc64le.rpm 45bbdd2086422713f7f791604895d5ee66862cdc18510259aab4c1c880216d69 dotnet-apphost-pack-8.0-8.0.16-1.el10_0.ppc64le.rpm e5ce4adff34cfe8179a1b8a9c84bba94733ce5860841311c8a218a7b37b4fece dotnet-hostfxr-8.0-8.0.16-1.el10_0.ppc64le.rpm 6370820ad69372d6a39ac74ae4257d6c7ebe7ce6b9e3beb5feb3fac28dd3ad6f dotnet-runtime-8.0-8.0.16-1.el10_0.ppc64le.rpm 3ba2b7b44a21d02a8fcb8dec93a28bbef54f34f195a68c2dc9d240b7a248054b dotnet-runtime-dbg-8.0-8.0.16-1.el10_0.ppc64le.rpm 769e703b90cb2b1072659c6e71a6d00c9898d8cc4ef14fdd1c2f4eec50a4e97e dotnet-sdk-8.0-8.0.116-1.el10_0.ppc64le.rpm 3ac1c82cc79e06dc0992509d1c1f18903e114f0488a1b1f308ebd0ef3897d3b1 dotnet-sdk-dbg-8.0-8.0.116-1.el10_0.ppc64le.rpm f797b5a97a0c11df32c58e64842e507ea1b16561dc483179aa43d4bf8b68fcbb dotnet-targeting-pack-8.0-8.0.16-1.el10_0.ppc64le.rpm 345c5127f6c1b530ceeab096370c2bfa0acdac25b1163a4fd5176e442a902d6e dotnet-templates-8.0-8.0.116-1.el10_0.ppc64le.rpm a784c534a5028f9ffcf8b81d54570e3d438dff06c911d7054d788f4bf9680cc8 RLSA-2025:7601 Important: .NET 9.0 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.106 and .NET Runtime 9.0.5.Security Fix(es): * dotnet: .NET and Visual Studio Spoofing Vulnerability (CVE-2025-26646) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms aspnetcore-runtime-9.0-9.0.5-1.el10_0.ppc64le.rpm cd6633f51c0d6d1ea21543cfac6aa8c63806dd55fd7e95558d7324bc2ee6b576 aspnetcore-runtime-dbg-9.0-9.0.5-1.el10_0.ppc64le.rpm a35830e2b531b0a0f4e5fb1c496e3aaf82fea163d097298a15371fe8a6e63271 aspnetcore-targeting-pack-9.0-9.0.5-1.el10_0.ppc64le.rpm d4c00ce04e2efc5c4c145099ef48606c8b4984a5f33c16361828e5e7d4d76291 dotnet-apphost-pack-9.0-9.0.5-1.el10_0.ppc64le.rpm ca3b5bb8233e17d3271a57d122310f780e7e05c37b2b1caea2d4dc7b9bcf3f93 dotnet-host-9.0.5-1.el10_0.ppc64le.rpm c8dadd6dec479a9a2511c16c26696c1ba8fc63304ba8eacd99ba34ad440897ea dotnet-hostfxr-9.0-9.0.5-1.el10_0.ppc64le.rpm 1f78a6f8f55f1f3f21d9d26709de0ae6ef3eb010866bbb7f7b9c3282476d8f62 dotnet-runtime-9.0-9.0.5-1.el10_0.ppc64le.rpm b5e43c832a743bfbf274937d4c4e3e41df362c40ce738e8242ccd86f5758eb98 dotnet-runtime-dbg-9.0-9.0.5-1.el10_0.ppc64le.rpm 60f91ca556e03dd110405789e24c1b47e145aa196217c0ab29943b0128bd2e8d dotnet-sdk-9.0-9.0.106-1.el10_0.ppc64le.rpm 7a4ba181012b733f65a69a2333eac397a354de7e8fe5f87cebb224d8ba8a821e dotnet-sdk-dbg-9.0-9.0.106-1.el10_0.ppc64le.rpm ca777a3bbc6db77ff0cded8bfa51523c2101c53982cd9afc20776e9876947fb2 dotnet-targeting-pack-9.0-9.0.5-1.el10_0.ppc64le.rpm 73187d17f0732892040a87ea85dd5fdfbff912016f8e3629fdb3435c64b5f521 dotnet-templates-9.0-9.0.106-1.el10_0.ppc64le.rpm f1a78aed33f133ba3a76b2cc16fc3e3bfc3b0989f9e225fd13c4490ab3324e66 netstandard-targeting-pack-2.1-9.0.106-1.el10_0.ppc64le.rpm 66280a9917200474ec7b04f599457b001b395a1e9bfe2e0d325180f6e9a206b5 RLSA-2025:7892 Important: grafana security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for grafana. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * grafana: Cross-site Scripting (XSS) in Grafana via Custom Frontend Plugins and Open Redirect (CVE-2025-4123) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms grafana-10.2.6-17.el10_0.ppc64le.rpm 3e30f59c6544dddcecabb1c0d5be119587f48d4475e6cf8066a8175d050c75d8 grafana-selinux-10.2.6-17.el10_0.ppc64le.rpm 60d8116f0d798dcabdf599d738a81dc9cc70756193be5853e7dbc26cc35c7684 RLSA-2025:7956 Moderate: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (CVE-2025-21966) * kernel: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (CVE-2025-21993) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.12.1.el10_0.ppc64le.rpm 0c192df2d5ea7b2aaf8abfd98475d049cd480793dd84b0acf8f92bd373165470 kernel-debug-devel-matched-6.12.0-55.12.1.el10_0.ppc64le.rpm 49990e0f556c068fb62caad3d1cfd35b0da77e436158c7f6c98792376da2cda4 kernel-devel-6.12.0-55.12.1.el10_0.ppc64le.rpm c695d77d5ac55ddb7ec135cbb68e6915bde90345faf1e63623da63d74a91b1ff kernel-devel-matched-6.12.0-55.12.1.el10_0.ppc64le.rpm 50eaaeb6daa8a4406c3ac563578ecb1c5d01a22ca145e07137e492acd4d48544 kernel-doc-6.12.0-55.12.1.el10_0.noarch.rpm 30db1e51640edd8a4b7c99aae38a28b8bdce6157ad1dd73f6eba9bd94dff1384 kernel-headers-6.12.0-55.12.1.el10_0.ppc64le.rpm 0109fb4e728b33efbef73b0033ab51b91aa8d35c5e3e3ee0a31f962c5c7c3245 perf-6.12.0-55.12.1.el10_0.ppc64le.rpm cc3708813031948af8bdb62bc475916763ec22569c532bd21d79be5745470e33 python3-perf-6.12.0-55.12.1.el10_0.ppc64le.rpm 060e851ebc1cddc61785b9e8c467f645074a7e3bed2fa2d606a7d05d10e50917 rtla-6.12.0-55.12.1.el10_0.ppc64le.rpm 6aea412db891961b994a062d8bbd26db78a39a97192c94ee57676da3804cb5a4 rv-6.12.0-55.12.1.el10_0.ppc64le.rpm 7fb59e839b30b62d106f2cf9e8f58924cd870c8f5248746eece9e6317b0cc5b4 RLSA-2025:8047 Moderate: unbound security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for unbound. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * unbound: Unbounded name compression could lead to Denial of Service (CVE-2024-8508) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms python3-unbound-1.20.0-10.el10_0.ppc64le.rpm aa884ea858af7338b1a7cbd71e6ec4722cfb60f2a69da35c81dd4d7c3d83096f unbound-1.20.0-10.el10_0.ppc64le.rpm e42a3cef2767dc514e06dc6bc37281ce3f0ec08756c62bca5540efd11ea61f4a unbound-anchor-1.20.0-10.el10_0.ppc64le.rpm 034b93d5a0ec0789fe8b006e97bb6500fba2e21748c33bfa5a1226b61ceeedf4 unbound-dracut-1.20.0-10.el10_0.ppc64le.rpm 6a672ec79903ba56c2b7be13ccca3aa0bdd4f193e1eeb90f7a25702c533bef3d unbound-libs-1.20.0-10.el10_0.ppc64le.rpm 412b092c060eac45e30b61de3dea8a1be49e280d490a84083381e78e29422847 RLSA-2025:8125 Important: firefox security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: Out-of-bounds access when resolving Promise objects (CVE-2025-4918) * firefox: Out-of-bounds access when optimizing linear sums (CVE-2025-4919) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms firefox-128.10.1-1.el10_0.ppc64le.rpm d955aa08f4ca30fb6bdb96647212a14c5302097b36cc568ac2ee831a0974a992 RLSA-2025:8128 Important: libsoup3 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it), but the SOAP parts were removed long ago. Security Fix(es): * libsoup: Denial of Service attack to websocket server (CVE-2025-32049) * libsoup: Denial of service in server when client requests a large amount of overlapping ranges with Range header (CVE-2025-32907) * libsoup: Cookie domain validation bypass via uppercase characters in libsoup (CVE-2025-4035) * libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup (CVE-2025-4948) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms libsoup3-3.6.5-3.el10_0.6.ppc64le.rpm c0a7913dc19a670bc229688f68f088c639c0ae65310c04c2ec03b5020e6bb77a libsoup3-devel-3.6.5-3.el10_0.6.ppc64le.rpm 83008cd0e04d094d6d2cd386e00da182f4fb952149521068cc70c0458eddcb05 RLSA-2025:8131 Moderate: ruby security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for ruby. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix(es): * net-imap: Net::IMAP vulnerable to possible DoS by memory exhaustion (CVE-2025-25186) * CGI: Denial of Service in CGI::Cookie.parse (CVE-2025-27219) * uri: userinfo leakage in URI#join, URI#merge and URI#+ (CVE-2025-27221) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms ruby-3.3.8-10.el10_0.ppc64le.rpm 7719b8b5125998ecef59320531d9817e9df36a8d474d7c7545c5b4b18df57e5c ruby-bundled-gems-3.3.8-10.el10_0.ppc64le.rpm b306ed3b2cdec955598f8bad56c49641a57871bff736ab1904bf0d396e3eebb0 ruby-default-gems-3.3.8-10.el10_0.noarch.rpm 2904c2be6de7adbab5728cba1bf5f581345a9ec634bf41d756b327d5df6cdc1d ruby-devel-3.3.8-10.el10_0.ppc64le.rpm 735c4a625fecfdf255e2cdaf67a4dea40df0cfdefce6227afabb0003240312a9 rubygem-bigdecimal-3.1.5-10.el10_0.ppc64le.rpm 1b09d7af584b956ee8ba0957b45d2cb07311b36c2012d1c12f5f393ab14678b3 rubygem-bundler-2.5.22-10.el10_0.noarch.rpm d7b4cd0ea6f73904a04b3406e6ae24ec8054e6d370477622248c6da2d0cbba61 rubygem-io-console-0.7.1-10.el10_0.ppc64le.rpm 89685d9151bcff5ef9fabb375dfcec6187207836b9fdde9ef1230334dba258cd rubygem-irb-1.13.1-10.el10_0.noarch.rpm 47789a9d47f47375f2265bbfba6a021f98d2f2840f774b8c8dcb2d64a11c79f1 rubygem-json-2.7.2-10.el10_0.ppc64le.rpm 6c2f02dd847158bd7441d92dcba331585272c8e16fd103e386b7d6ed2caff945 rubygem-minitest-5.20.0-10.el10_0.noarch.rpm 443713643e31df383a0adb8f57a219441de801e241bcb862d3be37542d8c3d72 rubygem-power_assert-2.0.3-10.el10_0.noarch.rpm fd83ea41220fdd4bcd8e00f692c937507141e2fac3adae231441766600ac83a9 rubygem-psych-5.1.2-10.el10_0.ppc64le.rpm 5e8801a3ecca9bb53755a22a3237dbb924595473878f0db6c34b862e54b5d8b8 rubygem-rake-13.1.0-10.el10_0.noarch.rpm 18f422e254af9edb5743dd00a53c2ce7a4d0e04939a2ab9ac711a7bd264a1e84 rubygem-rbs-3.4.0-10.el10_0.ppc64le.rpm bdad8453dd4d3f5663d0faa4185fef28923c6161093bd3bd437f87da7d160bed rubygem-rdoc-6.6.3.1-10.el10_0.noarch.rpm 656cedbc171c0d9924948b15bb319b8220c71e29a74a040d6f4a4f1b3358dde0 rubygem-rexml-3.3.9-10.el10_0.noarch.rpm f63afbc11ae33c3c780e6b46f2f7274c2ef874656cfb4633779181a508e8cf9a rubygem-rss-0.3.1-10.el10_0.noarch.rpm 312bb55e83f14b500d7a0e5c911f8745d5b5d06a3fcd847fb314c943deb18d1a rubygems-3.5.22-10.el10_0.noarch.rpm bb066d3068ce2da7cefc8f9f89d01e223d2870bd4a509e0aad5ebf7432a860be rubygems-devel-3.5.22-10.el10_0.noarch.rpm d44c057b948919daf238b6b1463d7b1c47c91420a539346ccc8436b77387b527 rubygem-test-unit-3.6.1-10.el10_0.noarch.rpm cde1cbfe9e860af0cd849fb742cffa0fe5128ceb80f93497b3f8571fa0752517 rubygem-typeprof-0.21.9-10.el10_0.noarch.rpm 79fec13dace5e8b27fabccda2bf8904f5279779a88b3a67a4c156db8c03003da ruby-libs-3.3.8-10.el10_0.ppc64le.rpm 40e561334f5e044c700de6c780498ce479164f63c17b0520081fd0700bec2cc0 RLSA-2025:8135 Important: python-tornado security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for python-tornado. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (CVE-2024-53104) * kernel: vsock: Keep the binding until socket destruction (CVE-2025-21756) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-doc-6.12.0-55.13.1.el10_0.noarch.rpm 482583a6393ab29fbb7c2e4e5780c0fe2ec7a06756d38cf0a4b861fc4fa884e3 RLSA-2025:8184 Important: gstreamer1-plugins-bad-free security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): * GStreamer: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-3887) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms gstreamer1-plugins-bad-free-1.24.11-2.el10_0.ppc64le.rpm 45bafaa771ad41efb3a98e5f1dedbb9d07ec7246c7c7471f273d2b25c80cf07f gstreamer1-plugins-bad-free-libs-1.24.11-2.el10_0.ppc64le.rpm 5e368152e47cdbd30a9befc2ca02082b24f633b611a48cf42a5f3f3a2de6df7f RLSA-2025:8196 Important: thunderbird security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link (CVE-2025-3909) * thunderbird: Sender Spoofing via Malformed From Header in Thunderbird (CVE-2025-3875) * thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links (CVE-2025-3877) * thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking (CVE-2025-3932) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms thunderbird-128.10.1-1.el10_0.ppc64le.rpm 07ff1675b9a60ee4889509419923b90f5071f486f7b9c45d936661f28e2294af RLSA-2025:8341 Important: firefox security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details (CVE-2025-5267) * firefox: thunderbird: Potential local code execution in ?Copy as cURL? command (CVE-2025-5264) * firefox: thunderbird: Memory safety bugs (CVE-2025-5268) * firefox: thunderbird: Script element events leaked cross-origin resource status (CVE-2025-5266) * firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content (CVE-2025-5263) * firefox: thunderbird: Memory safety bug (CVE-2025-5269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms firefox-128.11.0-1.el10_0.ppc64le.rpm cc5d2a9040dacb480f8bb2ea0a6606da13ba7866adf8eb3ddb6965e74425261b RLSA-2025:8374 Moderate: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (CVE-2025-21919) * kernel: cifs: Fix integer overflow while processing acregmax mount option (CVE-2025-21964) * kernel: ext4: fix OOB read when checking dotdot dir (CVE-2025-37785) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.14.1.el10_0.ppc64le.rpm bb7f932c992ebcb6d30336678db8c671301bbcb1fdee1fd683d560394bc364aa kernel-debug-devel-matched-6.12.0-55.14.1.el10_0.ppc64le.rpm 66fb9e1b8cf9595c26877c32f5d091dd955d54cfa7ef7d39e22ce915dbfb5e98 kernel-devel-6.12.0-55.14.1.el10_0.ppc64le.rpm 4a2b5a10f1331cd561d84a74cec389436c2dba0bafecd1be700eca564b066e6b kernel-devel-matched-6.12.0-55.14.1.el10_0.ppc64le.rpm 4831b41eed7dbb13aa7255c6169a7d6deb441dd7376c485f7547f3445ef7bcba kernel-doc-6.12.0-55.14.1.el10_0.noarch.rpm 8adc17da86a9b84bffdd83f8677632954b97112d904de914093596db77ecb321 kernel-headers-6.12.0-55.14.1.el10_0.ppc64le.rpm 3ede4d3fdfecba5dd966e4a9afcb97699a01d762870ae379523af4244e330033 perf-6.12.0-55.14.1.el10_0.ppc64le.rpm 95af157b1e2b5b562cef70bb28810f0fa4668a36e134ee266cc703b92d48a160 python3-perf-6.12.0-55.14.1.el10_0.ppc64le.rpm 16b96476c81c81586646ed3018df98a0d18417d880cb39ea6fc9ff50aca4497d rtla-6.12.0-55.14.1.el10_0.ppc64le.rpm 0cb68ea446832e474f584d057fc7871f7b334f99961bbd46f14e0e19f9b5556b rv-6.12.0-55.14.1.el10_0.ppc64le.rpm 0d496568b5add0fb218f5de2ae4979a156478957a1c31c75bd5e978af9abfc1e RLSA-2025:8477 Moderate: golang security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The golang packages provide the Go programming language compiler. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms golang-1.23.9-1.el10_0.ppc64le.rpm c2d98a48ff94b5709843e9de4ed516a755049c6f236a7778407a0815101446dc golang-bin-1.23.9-1.el10_0.ppc64le.rpm adfc81a51a9052069d1a4b8723e31dce43f8399fd2255346e5bf97b96ded2432 golang-docs-1.23.9-1.el10_0.noarch.rpm bdd2760b73c9324ad1b4499a8f0ac93db56f828057b077941bb8e625050d26a7 golang-misc-1.23.9-1.el10_0.noarch.rpm 69b802400d4176e7bad9d0c1f1b5d73e5b76c67b3e976c8e150d266ce45a7ced golang-src-1.23.9-1.el10_0.noarch.rpm 431c56db3fafa2e52ebeaf24f7722efd266be7ac65dfbb6ce76ec106d22711b8 golang-tests-1.23.9-1.el10_0.noarch.rpm 3215e7950d792a9a14b68b16cc720ae61ec83fe3b50223d9fb441bcaee76e7c9 go-toolset-1.23.9-1.el10_0.ppc64le.rpm 4b83b3ae2316442102b81c8fb4f2128172d640dbadf216496f05aafb11acc23a RLSA-2025:8493 Important: nodejs22 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for nodejs22. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed devices. Security Fix(es): * nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js (CVE-2025-23166) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms nodejs-22.16.0-1.el10_0.ppc64le.rpm 77876e19dfda570a1d76b69c37b07aa87e0441ef04d16edec6523b93e46127bc nodejs-devel-22.16.0-1.el10_0.ppc64le.rpm df52a1bf9bd72055d5a0a8e93704d42504e5acfbdfcf7f4274d1829a5c356397 nodejs-docs-22.16.0-1.el10_0.noarch.rpm f120d25fe9ff48ab63fa1691b7c726ce10a6aea9d36e5fd8d312b8da1618d995 nodejs-full-i18n-22.16.0-1.el10_0.ppc64le.rpm 34be15973076114f476adbf6599c7ff437d5fd6900c89e3295d21be4981e0054 nodejs-libs-22.16.0-1.el10_0.ppc64le.rpm 804ac396031ff526b6658fdb7ebac1477546d084ec5e689ecfea493a9d0d6cbb nodejs-npm-10.9.2-1.22.16.0.1.el10_0.ppc64le.rpm 4bbfdc18a76256ccfa4400fa82da495a12e0e4df7ac800cf1ac362e3a14510c5 RLSA-2025:8550 Important: varnish security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for varnish. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): * varnish: request smuggling attacks (CVE-2025-47905) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms varnish-7.6.1-2.el10_0.1.ppc64le.rpm 0dd5802c006772c443a13204943110ed83fbf752d9a889a449e5da7edeae1732 varnish-docs-7.6.1-2.el10_0.1.ppc64le.rpm 83e7779118ee667d190412ded06196abd493a11d0ec2b9477aff1438e1c07e7d RLSA-2025:8608 Important: thunderbird security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * firefox: thunderbird: Out-of-bounds access when resolving Promise objects (CVE-2025-4918) * firefox: thunderbird: Out-of-bounds access when optimizing linear sums (CVE-2025-4919) * firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details (CVE-2025-5267) * firefox: thunderbird: Potential local code execution in ?Copy as cURL? command (CVE-2025-5264) * firefox: thunderbird: Memory safety bugs (CVE-2025-5268) * firefox: thunderbird: Script element events leaked cross-origin resource status (CVE-2025-5266) * firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content (CVE-2025-5263) * firefox: thunderbird: Memory safety bug (CVE-2025-5269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms thunderbird-128.11.0-1.el10_0.ppc64le.rpm 971f634394b1a11512569c837bd3fe0d76658406f5558ec6d17bdc52a49973ab RLSA-2025:8636 Important: perl-FCGI security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for perl-FCGI. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

FastCGI Perl bindings. Security Fix(es): * perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library (CVE-2025-40907) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms perl-FCGI-0.82-13.1.el10_0.ppc64le.rpm 8a62689e2eda86046a963fd8e38694aaa816252d6cc3a905954c0ca6fc1c58ad RLSA-2025:8666 Moderate: grafana security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms grafana-10.2.6-18.el10_0.ppc64le.rpm 3f348bc98ec160a4f81d2eb0c5253cefeb88d389a6cb6c8ce7506865b96bc6fa grafana-selinux-10.2.6-18.el10_0.ppc64le.rpm 422f48a81d41b71a015964b13a456581efa985e707c04093ca97e16a021f8f40 RLSA-2025:8669 Important: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: vsock/virtio: discard packets if the transport changes (CVE-2025-21669) * kernel: net: gso: fix ownership in __udp_gso_segment (CVE-2025-21926) * kernel: xsk: fix an integer overflow in xp_create_and_assign_umem() (CVE-2025-21997) * kernel: net: fix geneve_opt length integer overflow (CVE-2025-22055) * kernel: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (CVE-2025-37943) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.16.1.el10_0.ppc64le.rpm a9ebef5bfecb74848472e33a673182440629bf36101b5ca488f9755096c1b262 kernel-debug-devel-matched-6.12.0-55.16.1.el10_0.ppc64le.rpm 902ca4b6fd7fa5c71b56325f32543f76fc03795a0501e067b4fbb38f28ff8c0c kernel-devel-6.12.0-55.16.1.el10_0.ppc64le.rpm 2d03e5189914e79d09a52e97e8a9a204bbc66cec39b7bbd1bcfb6b6a69685ecc kernel-devel-matched-6.12.0-55.16.1.el10_0.ppc64le.rpm 20aadf16264fd705cf8de9b7f82659b1a846d4153571b4332b45211501200d5e kernel-doc-6.12.0-55.16.1.el10_0.noarch.rpm c6d7acac1e26b0a460bdc40b0adb14fc465b0198f2359a7c8f677efe8321b0e5 kernel-headers-6.12.0-55.16.1.el10_0.ppc64le.rpm 8e3b8ec8920cb525356107977b5010c06caf908d06ed211cf1f6368596d27449 perf-6.12.0-55.16.1.el10_0.ppc64le.rpm 3194b4c64a2993788386539a86141fca428a37d6784e89e8be7c7cafe8356144 python3-perf-6.12.0-55.16.1.el10_0.ppc64le.rpm de425f0c7432c5df06503b20384ca73d5e843f0a361006cbffacdb69c3f44593 rtla-6.12.0-55.16.1.el10_0.ppc64le.rpm 9e498f80e2ccdd24d452b57d061c76df9affc84fa4f943dd29fd296ed2b085bb rv-6.12.0-55.16.1.el10_0.ppc64le.rpm d21cb387420d7672148a06c4eabc0988d3ef7363f102e1b6bf582b5f7fa5cd0e RLSA-2025:8814 Important: .NET 8.0 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.117 and .NET Runtime 8.0.17.Security Fix(es): * dotnet: .NET Remote Code Vulnerability (CVE-2025-30399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms aspnetcore-runtime-8.0-8.0.17-1.el10_0.ppc64le.rpm f2363182f1c07d814ca5174423a5f719d2adbbad14385e69e127afe6fa33447d aspnetcore-runtime-dbg-8.0-8.0.17-1.el10_0.ppc64le.rpm ddfd32f61d03d6704d7f8830a3d6a78b0e3580e68a56ad295b3832a94d3c4f5e aspnetcore-targeting-pack-8.0-8.0.17-1.el10_0.ppc64le.rpm 2aec363648dac33266dd132ac89e93ab59c8d289093b7c4579aac322d65c3945 dotnet-apphost-pack-8.0-8.0.17-1.el10_0.ppc64le.rpm f0bfb61595c79a56ed7db31fd2c1f577b8cbfda0369f73d127aa59f3f818ebf1 dotnet-hostfxr-8.0-8.0.17-1.el10_0.ppc64le.rpm 7d4d8dfce7e5e128bdae703e279be5c95b515eb69a90d70ead99575f14ad687f dotnet-runtime-8.0-8.0.17-1.el10_0.ppc64le.rpm 694c6964ac0d3433e9f452c75dc0d451bb82e3852970c89c54fa1bcf97830a34 dotnet-runtime-dbg-8.0-8.0.17-1.el10_0.ppc64le.rpm 38e87b84d96eec3adec7cddbb765ca62da8fbbceaf55a97120777617680c7970 dotnet-sdk-8.0-8.0.117-1.el10_0.ppc64le.rpm 8e7d6db41fe3b539f8c598e0c4178a0a024bf1a78ea66ecf0b9f8af222adad35 dotnet-sdk-dbg-8.0-8.0.117-1.el10_0.ppc64le.rpm cdcc072281771505be647edf99e499151d3b2ef972292d74450b4295d6c8125f dotnet-targeting-pack-8.0-8.0.17-1.el10_0.ppc64le.rpm 7d157710386dcfaeb36574155d5d5bd42b977f397c490aa5fc7c9e3e4368f55c dotnet-templates-8.0-8.0.117-1.el10_0.ppc64le.rpm d96354ded365fdd75e301f9d831af20f1b785b18a63d6634bf4021fc24fdbceb RLSA-2025:8816 Important: .NET 9.0 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.107 and .NET Runtime 9.0.6.Security Fix(es): * dotnet: .NET Remote Code Vulnerability (CVE-2025-30399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms aspnetcore-runtime-9.0-9.0.6-1.el10_0.ppc64le.rpm 99cdd0826209de6a9a97329272af861d61becc93611048f8693099c373c9b987 aspnetcore-runtime-dbg-9.0-9.0.6-1.el10_0.ppc64le.rpm 69747b6afb147b45ae696b175d70f958381418c0f0b25eea045987f03d6805ba aspnetcore-targeting-pack-9.0-9.0.6-1.el10_0.ppc64le.rpm 90c284cafba231e004decadfd4e3a2a30d4b8f40c0a3599084848b3ce349c4d6 dotnet-apphost-pack-9.0-9.0.6-1.el10_0.ppc64le.rpm 7ff6d3c920e33196df9dd1745fe96e1e8ececcdbfaf5b6e285d9dc40a45c9593 dotnet-host-9.0.6-1.el10_0.ppc64le.rpm 4f1dd84301a7171a8d41e6d3992e0354385319c8adb440282b7c6f9a4813b25c dotnet-hostfxr-9.0-9.0.6-1.el10_0.ppc64le.rpm 05b0f608b055bec11bf3f0aa6492a106e28997f6a8127af06abb96a7fd7a75fe dotnet-runtime-9.0-9.0.6-1.el10_0.ppc64le.rpm af6b50bf9c42ffcd29edc7385d6356404535ed43f026377d858a31829c04f0af dotnet-runtime-dbg-9.0-9.0.6-1.el10_0.ppc64le.rpm 372f251016f19b61af8034f14f9a4a5e515d6bafd6921acd3f4b34d574d8de9b dotnet-sdk-9.0-9.0.107-1.el10_0.ppc64le.rpm 7b027907b4740640d8e9c516fc0f74698de393dfd1b38d7458351622fbcddf62 dotnet-sdk-dbg-9.0-9.0.107-1.el10_0.ppc64le.rpm 222d8108af1781ed34dfb5b1d1e075232b1c150d6af3e9a825dd704f4157b130 dotnet-targeting-pack-9.0-9.0.6-1.el10_0.ppc64le.rpm d188821106f4881c725fda4bffe34b553048439ea6bb2916471cce90074c8a75 dotnet-templates-9.0-9.0.107-1.el10_0.ppc64le.rpm 3f84b21588aa4fcd35ab742974c5c6acdcb45517bb371fd7e4e4b45dec44cf8c netstandard-targeting-pack-2.1-9.0.107-1.el10_0.ppc64le.rpm 43386ce97daa47d366c1ee96f9d976d6f1b2a3d3dba285b18d56a66136963873 RLSA-2025:8915 Moderate: grafana-pcp security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for grafana-pcp. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms grafana-pcp-5.2.2-3.el10_0.ppc64le.rpm b8a3e0d7fd971839bdb11db20e7fef482daf88dc9f9fea3e5c19813b8eca2714 RLSA-2025:9063 Moderate: git-lfs security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for git-lfs. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms git-lfs-3.6.1-2.el10_0.ppc64le.rpm 7603e1a0790f9afe219881db9c4abc5be7f793f91f02d2b7c02355e0f7990989 RLSA-2025:9079 Important: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: ndisc: use RCU protection in ndisc_alloc_skb() (CVE-2025-21764) * kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (CVE-2025-21887) * kernel: keys: Fix UAF in key_put() (CVE-2025-21893) * kernel: cifs: Fix integer overflow while processing closetimeo mount option (CVE-2025-21962) * kernel: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd (CVE-2025-21969) * kernel: cifs: Fix integer overflow while processing acdirmax mount option (CVE-2025-21963) * kernel: wifi: cfg80211: cancel wiphy_work before freeing wiphy (CVE-2025-21979) * kernel: smb: client: fix UAF in decryption with multichannel (CVE-2025-37750) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.17.1.el10_0.ppc64le.rpm 346aca22f9de829b46cc9d69ebb4df0eeb5f4d062cdd0b39aeb65339ee3b5a3b kernel-debug-devel-matched-6.12.0-55.17.1.el10_0.ppc64le.rpm 9e4068d92d5930dcf66e3cb121779bad5373e3b419bd3ff2cf729c2d786193dd kernel-devel-6.12.0-55.17.1.el10_0.ppc64le.rpm 7385cf6314cbf06929db4d23dd59fe0bd7c578f79822992096da84c236bc64f6 kernel-devel-matched-6.12.0-55.17.1.el10_0.ppc64le.rpm 56dda64636b4246e9728bf8b6757ce767dd6d7c68c470010952c2cee40e62fce kernel-doc-6.12.0-55.17.1.el10_0.noarch.rpm 87ac85377552a790aad9fc9c5706e32c3dcb9be01df4e2dc52840555e14e7cb3 kernel-headers-6.12.0-55.17.1.el10_0.ppc64le.rpm 3d305d55e00b0781294e0963374f1aa7988b4f7f12e82ed8a37831c846dc3ddd perf-6.12.0-55.17.1.el10_0.ppc64le.rpm 9685fdc71d4fbf03ca4950fe4ecfcf25aac922eb2488c99269185387188dcb00 python3-perf-6.12.0-55.17.1.el10_0.ppc64le.rpm 1dccea524929c2df1deb010b91a9f60284b3dfb5143ecf8af70324f7d8cc099b rtla-6.12.0-55.17.1.el10_0.ppc64le.rpm 308d8c86943895942fff95e098ef8813c3d4e71c9171dbe84ad2b12055b435dc rv-6.12.0-55.17.1.el10_0.ppc64le.rpm f65f61d0400c48dfcc125ba26167351a16f90596db819f2decc592a5e1768c7b RLSA-2025:9120 Important: libvpx security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libvpx. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fix(es): * libvpx: Double-free in libvpx encoder (CVE-2025-5283) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms libvpx-1.14.1-3.el10_0.ppc64le.rpm 7a13e3097090103520fd2f8d048f71fe9b59f5ece7224cafaafd4ead006fd1cc RLSA-2025:9121 Moderate: wireshark security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for wireshark. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fix(es): * wireshark: Uncontrolled Recursion in Wireshark (CVE-2025-1492) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms wireshark-4.4.2-3.el10_0.ppc64le.rpm 064e0f8461f5fb71aaa103dc111977d438923c88f44cde3224e72e412b7300be wireshark-cli-4.4.2-3.el10_0.ppc64le.rpm b66f031a5fd5509267ae0c8c1a5597d07888ec488cc680c0951857ba05cae25f RLSA-2025:9148 Moderate: buildah security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms buildah-1.39.4-2.el10_0.ppc64le.rpm d95d14e90606fbfe7088696ef0838dbf8bb7f9be983be507d5b6f90f4b38aa90 buildah-tests-1.39.4-2.el10_0.ppc64le.rpm 55ae074dbf91442102294caa7bf28660546c9bbb9c82d9c7a2870fce272436f1 RLSA-2025:9146 Moderate: podman security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms podman-5.4.0-10.el10_0.ppc64le.rpm 13e9a39540bffc8c993898b49c401cac9614e2f70b37cdbfda4b264afe4888eb podman-docker-5.4.0-10.el10_0.noarch.rpm 72ee4b59f086d755726270ee648923634a2c7363eaecb7668975444143214d9f podman-remote-5.4.0-10.el10_0.ppc64le.rpm ad564d62bc40e5a2d2cf3ada37e566a725b2cb828b0b2622957df7d91eeb9df3 RLSA-2025:9149 Moderate: skopeo security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms skopeo-1.18.1-2.el10_0.ppc64le.rpm afe3f9be49e17482dc5544aa6f40f08c93d8270577e7cbdec83891e2f232d140 skopeo-tests-1.18.1-2.el10_0.ppc64le.rpm 9f4d3d7f0cb0360426561ff8da3723607b65310a57520d8d6fa656540fa6a4ca RLSA-2025:9151 Moderate: gvisor-tap-vsock security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms gvisor-tap-vsock-0.8.5-2.el10_0.ppc64le.rpm 8a35fcbfdaa968c7d9b875708cb04e66cc92890f01b28fce5703f24474157910 gvisor-tap-vsock-gvforwarder-0.8.5-2.el10_0.ppc64le.rpm c6dad32bc06e92f29ef375bcf10ca5fbbf8310a0763576f326497aa39bcc47a9 RLSA-2025:9156 Moderate: golang-github-openprinting-ipp-usb security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for golang-github-openprinting-ipp-usb. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms ipp-usb-0.9.27-3.el10_0.ppc64le.rpm 89d9a708850a6bff9af6d3a02b8e512178978a296fc1496cd2218350134e2926 RLSA-2025:9178 Important: kea security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kea. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers support DNS Update mechanism, using stand-alone DDNS daemon. Security Fix(es): * kea: Loading a malicious hook library can lead to local privilege escalation (CVE-2025-32801) * kea: Insecure handling of file paths allows multiple local attacks (CVE-2025-32802) * kea: Insecure file permissions can result in confidential information leakage (CVE-2025-32803) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kea-doc-2.6.3-1.el10_0.noarch.rpm 6275f987ab175c2cd3f1d3f921183882763992ecd48cfdf1f198505441ac888d kea-hooks-2.6.3-1.el10_0.ppc64le.rpm 95c4cf6e1f3e74436b1f4726e1465fa3698d738432d1d07f64861beb87e0cc3a RLSA-2025:9190 Important: ipa security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA (CVE-2025-4404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms ipa-client-4.12.2-15.el10_0.1.ppc64le.rpm 12ed97a766e4487f5d6ad47a9f8255e17c4d0172b2d85b7d7643fb52ff9693b0 ipa-client-common-4.12.2-15.el10_0.1.noarch.rpm 6c1ae01a5131f824bf97c644496f68706f567b22085c430ca56bc03afb053207 ipa-client-encrypted-dns-4.12.2-15.el10_0.1.ppc64le.rpm 1e12165431f9c843def81b3e7f417e5c089b3aed2add26d02c1760cccc4283ea ipa-client-epn-4.12.2-15.el10_0.1.ppc64le.rpm 1c7e32c3c7065c05d2535fb9f375fb176f9ef36a7a003e931511f83798a5399d ipa-client-samba-4.12.2-15.el10_0.1.ppc64le.rpm 7ca09b30a86d10580441d8df70baf8d5b35aa942ed6429aedacca12a59ea94f0 ipa-common-4.12.2-15.el10_0.1.noarch.rpm bd4658263915b86e0754a48dfef208eb3a06aeacef66b87e1e3e413c2c0d9423 ipa-selinux-4.12.2-15.el10_0.1.noarch.rpm 9392af39d79b05f3d3584c5e2f8defe0aa763b7c26df19606b6ae69882e9d7f4 ipa-selinux-luna-4.12.2-15.el10_0.1.noarch.rpm 862cf3612971baf244e116d8f0860b18b99683e48e3a976f62be514c9e5ebe81 ipa-selinux-nfast-4.12.2-15.el10_0.1.noarch.rpm da232069356f6a7fed12c9b12c17d4e08adda805fbe718e9ffe83ce286498881 ipa-server-4.12.2-15.el10_0.1.ppc64le.rpm 420d28ee18760d3aec50f1f49c4a66c1f27c20e6843d47154647b7da54eafafe ipa-server-common-4.12.2-15.el10_0.1.noarch.rpm 89236fce67fe052cb19173070c2f50c2b514b865567328686e46a6f845ab302c ipa-server-dns-4.12.2-15.el10_0.1.noarch.rpm 7303e5d8311880f7cae2058f4ed51096749cd5afa1d58e4303823207aefcfce4 ipa-server-encrypted-dns-4.12.2-15.el10_0.1.ppc64le.rpm ddf2d5742c9f5c755d5bdb4fc31c553ef1235510431e3a75e0edef14fb071635 ipa-server-trust-ad-4.12.2-15.el10_0.1.ppc64le.rpm 7889be23a4aa24a6daa80265ec131b9acff5de333eaf6a986461600a05ee76ff python3-ipaclient-4.12.2-15.el10_0.1.noarch.rpm 3acf20126fa2ebd03bd719db4b3fdee63e40f34cfc4a805cca9042354485004c python3-ipalib-4.12.2-15.el10_0.1.noarch.rpm 8296ccacd4fbd8cea4f94f0f3442e6dac1ef32e62d3c197cdfe69cdb6876b69b python3-ipaserver-4.12.2-15.el10_0.1.noarch.rpm 9c5d1580ae5902f184e00a231e6482c31dcb76da4b9d3d4feaea0d772ff7bbd7 RLSA-2025:9304 Important: xorg-x11-server-Xwayland security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors (CVE-2025-49175) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension (CVE-2025-49176) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Data Leak in XFIXES Extension's XFixesSetClientDisconnectMode (CVE-2025-49177) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore (CVE-2025-49178) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension (CVE-2025-49179) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension (CVE-2025-49180) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms xorg-x11-server-Xwayland-24.1.5-4.el10_0.ppc64le.rpm 8573851261300da7182da0b618dd359131e9e815f478cec4d1e440bb35450159 RLSA-2025:9317 Moderate: delve security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for delve. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

An update is available for freerdp. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fix(es): * gnome-remote-desktop: freerdp: Unauthenticated RDP Packet Causes Segfault in FreeRDP Leading to Denial of Service (CVE-2025-4478) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms freerdp-3.10.3-3.el10_0.ppc64le.rpm f4d4e7785c4ef5c8c45040f7f71462638a0ca8f3da7add75e34918a706d9b409 freerdp-libs-3.10.3-3.el10_0.ppc64le.rpm de1f0b059ad8d543fcacfd34cd41dc384c07d59e8aa589bced6c9ef040879e62 libwinpr-3.10.3-3.el10_0.ppc64le.rpm c1379305477cf4943da1df306af21ec5e39cb33ea587e787204d335dc0ed2f17 RLSA-2025:9328 Important: libblockdev security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libblockdev. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libblockdev packages provide a C library with GObject introspection support used for low-level operations on block devices. The library serves as a thin wrapper around plug-ins for specific functionality, such as LVM, Btrfs, LUKS, or MD RAID. Security Fix(es): * libblockdev: LPE from allow_active to root in libblockdev via udisks (CVE-2025-6019) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms libblockdev-3.2.0-4.el10_0.ppc64le.rpm 226ce7711dfa087f71257bd3a7613f1c0d4310bff2ebcaebe503e9cdfd2ab490 libblockdev-crypto-3.2.0-4.el10_0.ppc64le.rpm cf17d113527e71d4f650020632f6173dbc0406595df8c8bb8d8d2e2eba9bb7ee libblockdev-dm-3.2.0-4.el10_0.ppc64le.rpm 950639cf5630d956b7b31b9db528c48335f20e3d7a28c74b903ae2b30b62a443 libblockdev-fs-3.2.0-4.el10_0.ppc64le.rpm c4ad6b122a4ae2322ba007ab6482e779c8eb4b9395e5fb49cb4e46d89fb32dc7 libblockdev-loop-3.2.0-4.el10_0.ppc64le.rpm f6e150cb8a5e1f75beafd75425d3d411e7d3143e22434c4bff922af5509a1c02 libblockdev-lvm-3.2.0-4.el10_0.ppc64le.rpm 4221a626c44e33a13e7f262e3566e91596e951dc7ccf3374a241772384b30d93 libblockdev-lvm-dbus-3.2.0-4.el10_0.ppc64le.rpm 13ce041d6cc767efc793ed8ad2acb3cbbf08aabd72793c2174f9ff8fa1b21d22 libblockdev-mdraid-3.2.0-4.el10_0.ppc64le.rpm 04c0aff9b269c5a765b16ce2f0025f4204ffd717c8587925d3a98bc3348a7f3e libblockdev-mpath-3.2.0-4.el10_0.ppc64le.rpm 929d8420ca04bba453ccb13a6ac214d9534af48f1601c74ddf37926ff6f89bb1 libblockdev-nvdimm-3.2.0-4.el10_0.ppc64le.rpm bfbf8fbe38f76f416a9bbf988239f7c2c12d415df3de1a43a82a5f72267d3ae5 libblockdev-nvme-3.2.0-4.el10_0.ppc64le.rpm e864bd90e01b7ecc742ee586ea0b71e6d7999811f73b2c676f80eaf70fbb665b libblockdev-part-3.2.0-4.el10_0.ppc64le.rpm b03fe6ecfee6711c249552e74d824dfc468294946c11f356482cd17dc3d54364 libblockdev-plugins-all-3.2.0-4.el10_0.ppc64le.rpm 7d9b2874542be70920bc751c050aab850df59c36736f50592c3ccf9d5e78a1a7 libblockdev-smart-3.2.0-4.el10_0.ppc64le.rpm 3d58b8537fd97e1afad48faf4d7444aab6f751d35508f7581737430126001e84 libblockdev-smartmontools-3.2.0-4.el10_0.ppc64le.rpm 76dc247674341349309e65701fe78a655a34a275d48286223d697d3cc4b18db4 libblockdev-swap-3.2.0-4.el10_0.ppc64le.rpm 5a09111f18d88737726491952d481a1a9a313b820da61cadfb1bd92a9b316715 libblockdev-tools-3.2.0-4.el10_0.ppc64le.rpm 721c747960426d9b3ee1cbb360fcd7ad7c7b31be7f12976af4a6c08a568af115 libblockdev-utils-3.2.0-4.el10_0.ppc64le.rpm 773cf0e0e86d88f4c18d76545ac25e0f4bb67a322617c7ba1fd9eed551e7f119 python3-blockdev-3.2.0-4.el10_0.ppc64le.rpm b9158cb742c9545e994aaf1f0adbef49f10978579728ba8cf18e9ef9dd10e6c0 RLSA-2025:9348 Moderate: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: proc: fix UAF in proc_get_inode() (CVE-2025-21999) * kernel: ext4: fix off-by-one error in do_split (CVE-2025-23150) * kernel: ext4: ignore xattrs past end (CVE-2025-37738) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.18.1.el10_0.ppc64le.rpm d1ff6542e364720d5b612e211f392914fbeea2ba309b07e78dcfc774ea9ba96d kernel-debug-devel-matched-6.12.0-55.18.1.el10_0.ppc64le.rpm 67e3bd2eb3ab0024bd6fdd9815ad229699e2b311c1327ebd912c227a78e1f89f kernel-devel-6.12.0-55.18.1.el10_0.ppc64le.rpm ae7a1c67459ab69a4a3eeec95d5428c608d314e6316b3e43342e0fab9145e0ec kernel-devel-matched-6.12.0-55.18.1.el10_0.ppc64le.rpm 8ba5e8736bcae7fabb3f76c96901115635064fe8f6b7922377933fda0d38d3e8 kernel-doc-6.12.0-55.18.1.el10_0.noarch.rpm d6aadd95b52b9f9c33bb8c8c4e704754124e5611f141be290c10971bfb810ca6 kernel-headers-6.12.0-55.18.1.el10_0.ppc64le.rpm 5835ce1d2463af84f5a0248bfae56eda02bb0547c86eb28a724df44ce2cbac9a perf-6.12.0-55.18.1.el10_0.ppc64le.rpm 00826d8be502845a1d95fc5f5935d30374038c80f99518c807078eede34b85ab python3-perf-6.12.0-55.18.1.el10_0.ppc64le.rpm a2e79db7a03cbd507d4d21e5738137675b18c206973783d600d1b294dd06af3c rtla-6.12.0-55.18.1.el10_0.ppc64le.rpm 4e0a97130da6bd28893c1e6a6befaca1ef4e57a5eacb5a1c77b4f45c7f32a7ea rv-6.12.0-55.18.1.el10_0.ppc64le.rpm 84b3594fe5317bb209b6647b3a3b3dd94068271cd32ab133d95a4f9912827046 RLSA-2025:9418 Moderate: krb5 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for krb5. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). Security Fix(es): * krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions (CVE-2025-3576) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms krb5-devel-1.21.3-8.el10_0.ppc64le.rpm e62651a08b6306fe2d543dbb55203e0cde08076f6603214624fb153846b7153c RLSA-2025:9420 Moderate: libarchive security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: Buffer Overflow vulnerability in libarchive (CVE-2025-25724) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms bsdtar-3.7.7-3.el10_0.ppc64le.rpm c23e7558c711fb2f81ccbe4b7601dad62fe3518bd850bd3c2700715c51c56db2 libarchive-devel-3.7.7-3.el10_0.ppc64le.rpm 69b33ed2174b354c6932b2e9a0ffd9ea185227c695b11d15b1c41ee04ac163dd RLSA-2025:9466 Moderate: mod_proxy_cluster security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The mod_proxy_cluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fix(es): * mod_proxy_cluster: mod_proxy_cluster unauthorized MCMP requests (CVE-2024-10306) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms mod_proxy_cluster-1.3.22-1.el10_0.2.ppc64le.rpm 975136108f1d50ca650d434c7c907223ff32a5bada25f7b34c17b7613b1eb93b RLSA-2025:9486 Moderate: qt6-qtbase security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for qt6-qtbase. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. Security Fix(es): * qt5: qt6: QtCore Assertion Failure Denial of Service (CVE-2025-5455) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms qt6-qtbase-6.8.1-9.el10_0.ppc64le.rpm 478d34baebec30e704cc043d3ef7604d6e782f7bcfaa0c9d0bdb35ffc54b65c6 qt6-qtbase-common-6.8.1-9.el10_0.noarch.rpm 1cb71dc28df65692eeb4c2716a3648f044980fa7291152664beaccd2b7f5185e qt6-qtbase-devel-6.8.1-9.el10_0.ppc64le.rpm d78daf9780f648063df29f63ee46a86c4b62d28497dd3641c7a19931fd3640c6 qt6-qtbase-gui-6.8.1-9.el10_0.ppc64le.rpm 3990e3ec80abc8fb3e1cd37872cdc9a8052cea6a119feb7900386ad2ec769928 qt6-qtbase-mysql-6.8.1-9.el10_0.ppc64le.rpm 9534f4b58df22744217e1cb9740c051cff7e00dabeb92961ec6a2134a0f58786 qt6-qtbase-odbc-6.8.1-9.el10_0.ppc64le.rpm 8481a5187ad0481fd3888b09727c765947aa7cc72319c08c4cb1dbf9112c2c4f qt6-qtbase-postgresql-6.8.1-9.el10_0.ppc64le.rpm 137e9451620b9a9a54df29db2497ccc9c9ebe46754e8baf0322f0eae1e4849e1 RLSA-2025:10073 Important: firefox security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: Content-Disposition header ignored when a file is included in an embed or object tag (CVE-2025-6430) * firefox: Use-after-free in FontFaceSet (CVE-2025-6424) * firefox: Incorrect parsing of URLs could have allowed embedding of youtube.com (CVE-2025-6429) * firefox: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID (CVE-2025-6425) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms firefox-128.12.0-1.el10_0.ppc64le.rpm 904be00dd88d57027c74484b43c7b2e9fbd1a24f3dcb3abde7b963a4c0e19221 RLSA-2025:10140 Important: python3.12 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for python3.12. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435) * cpython: Bypass extraction filter to modify file metadata outside extraction directory (CVE-2024-12718) * cpython: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330) * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517) * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms python3-devel-3.12.9-2.el10_0.2.ppc64le.rpm 11f0f6a7dd64edb2660356c8a760cf9e8fbf35c7d0211f2efac408b10e457fb5 python3-tkinter-3.12.9-2.el10_0.2.ppc64le.rpm 9f5f4aab8096df056d961de6351ae5b776fe9cba4152c33d487d65e88e1509fe python-unversioned-command-3.12.9-2.el10_0.2.noarch.rpm 12d530c7bbdb489389b29978850ec791c8d04427d287c3e7041e4c212a7af900 RLSA-2025:10195 Important: thunderbird security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links (CVE-2025-5986) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms thunderbird-128.12.0-1.el10_0.ppc64le.rpm 19252d6a82542afa9ada6b573b6a524e5dfafbd805f88a10e24696cdf40f7f06 RLSA-2025:10371 Important: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: ipv6: mcast: extend RCU protection in igmp6_send() (CVE-2025-21759) * kernel: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (CVE-2025-21991) * kernel: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (CVE-2025-37799) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.20.1.el10_0.ppc64le.rpm ab447c58bb7ba9f3aaac48d6b9fb58fd944fcf05e1a26701ead168a69916fa01 kernel-debug-devel-matched-6.12.0-55.20.1.el10_0.ppc64le.rpm eb72206037a865fa95e5e4d1c7023aeed8fdb86febf61f3f1308d807af25d68e kernel-devel-6.12.0-55.20.1.el10_0.ppc64le.rpm cf43b290feff99931e8df5542827bb3c0c04fbb805ce146d40e2b5750d442c35 kernel-devel-matched-6.12.0-55.20.1.el10_0.ppc64le.rpm 63290524addde3a5714af34fbe95d41bc0d87d3fc0f55f902a7b54f102c74328 kernel-doc-6.12.0-55.20.1.el10_0.noarch.rpm 84e1d7e1d5f97fdcabdfa8801e747413f60ec31266aac03ab1b52efee22825b2 kernel-headers-6.12.0-55.20.1.el10_0.ppc64le.rpm 2adbb8e35cecc7e07ab444f941b54b94154d7dec8e1778bf6199afdc3455a4fd perf-6.12.0-55.20.1.el10_0.ppc64le.rpm 9f9ca29bf2b28f6862fbeaa4fea55314248dbfd0ffcbe914358a21f344651633 python3-perf-6.12.0-55.20.1.el10_0.ppc64le.rpm 45bbdfc6b0e0ca00dc7256bb1d15abc5ac0a697bd60fcec66631fa18496d901f rtla-6.12.0-55.20.1.el10_0.ppc64le.rpm 0853ebda6eee0080d4add3046e7dda06ac9105f335912fbc7f0af0eba3f48c56 rv-6.12.0-55.20.1.el10_0.ppc64le.rpm 6066f8d526e5a2aa0d71b9d6d23cc8b08fab31c04a88e271d8627a37a090d9cd RLSA-2025:10549 Important: podman security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): * podman: podman missing TLS verification (CVE-2025-6032) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms podman-5.4.0-12.el10_0.ppc64le.rpm 1e491312e38d5c65a938d4bcd30a55c63e0c3e31b3606fc989ca3c43416cfe3a podman-docker-5.4.0-12.el10_0.noarch.rpm 50e57d06c0b4b9b5f81adc49cece6f8a36edbae57426c6f6b3b6cf9939b0ab15 podman-remote-5.4.0-12.el10_0.ppc64le.rpm fc170c5db79ed14b41cf3e32a9d559f99cdc716fac911e7f819ba67efa9aacb3 RLSA-2025:10635 Moderate: gnome-remote-desktop security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for gnome-remote-desktop. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GNOME Remote Desktop is a remote desktop and screen sharing service for the GNOME desktop environment. Security Fix(es): * gnome-remote-desktop: Uncontrolled Resource Consumption due to Malformed RDP PDUs (CVE-2025-5024) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms gnome-remote-desktop-47.3-2.el10_0.ppc64le.rpm 7426fd8e41574c6d1afefd6afdad421b924bd573367e8161c6dca453ab2b5224 RLSA-2025:10630 Important: libxml2 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794) * libxml: Null pointer dereference leads to Denial of service (DoS) (CVE-2025-49795) * libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796) * libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms libxml2-devel-2.12.5-7.el10_0.ppc64le.rpm 814779c4746af76b0c52ca84c26f57d6d8d5af2488194332733f53f22179e8d6 RLSA-2025:10677 Moderate: golang security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The golang packages provide the Go programming language compiler. Security Fix(es): * net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms golang-1.24.4-1.el10_0.ppc64le.rpm cf38b25b9bd77347f9137cf8b120010807c4e028012b2a0353dbf5690c53a44d golang-bin-1.24.4-1.el10_0.ppc64le.rpm 01b07ff34f8102fdd1e586cf1acf8e830a37cad1451117d1fb304e341400cd3d golang-docs-1.24.4-1.el10_0.noarch.rpm f55ec9fb24d751ffe3187f8ca6c2726708bdf26cc2e04ed86d7500edf65a2eb9 golang-misc-1.24.4-1.el10_0.noarch.rpm c34922495aa0d17cd7ea49e63ba69169799423420eaf62cebd336663b16ba28a golang-race-1.24.4-1.el10_0.ppc64le.rpm f1530d81f303c6506edf40d168e0a582da1ae8ee05640a749658c14e1a0935a9 golang-src-1.24.4-1.el10_0.noarch.rpm f49a704a94a6fae26328780398d8a6f588082da9aa5dafa3d777cf1a0eb27434 golang-tests-1.24.4-1.el10_0.noarch.rpm e2ce7eb27332c70ecc199fc129838f7f8b37a285a616b50b04779e5e62e0c77f go-toolset-1.24.4-1.el10_0.ppc64le.rpm 0aeea8cc3aee168b1b8abd20449b15dea8e93b38c382f71144a2e59ca65a74f3 RLSA-2025:10854 Important: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: exfat: fix random stack corruption after get_block (CVE-2025-22036) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.21.1.el10_0.ppc64le.rpm f0125e8fd3588d1c4cb11366a41e0dff75d3996e773fa1912334b2008f79e93a kernel-debug-devel-matched-6.12.0-55.21.1.el10_0.ppc64le.rpm 5c048cc71eea0ee5744783520185aeef83080a3a6cfd03fcf17188b1147bdfbd kernel-devel-6.12.0-55.21.1.el10_0.ppc64le.rpm 4c5d4bb9b9806ff821a273d927aae81f5b59a24c30639bd728df2b44ad49236a kernel-devel-matched-6.12.0-55.21.1.el10_0.ppc64le.rpm 81b09c6070bda2f248f4bf23d94ca291f87dd83b83591950facf3e5038f35f6f kernel-doc-6.12.0-55.21.1.el10_0.noarch.rpm 0fac73f3048e88895bcfd0fe2e3c15ac66aa8975f75064ae479705e011cdcc9a kernel-headers-6.12.0-55.21.1.el10_0.ppc64le.rpm 73ad2b64a4281979837c144924593a10baa1850afff13be0cab419f63eccafea perf-6.12.0-55.21.1.el10_0.ppc64le.rpm fbeb690009f096209d7a2d0b82451419e8d4c240a32e9ddb7bc69532f12b627e python3-perf-6.12.0-55.21.1.el10_0.ppc64le.rpm f0429893e4f30220760cb5fce2efc3b32f772105205a1646314d557aaf020d01 rtla-6.12.0-55.21.1.el10_0.ppc64le.rpm 761262717789fe812e9db4abf23d338048793f6e6ed9423ec38ceba2177bf480 rv-6.12.0-55.21.1.el10_0.ppc64le.rpm f48df0e8a255ea4863def74bfc91d6266ef82dd74fb89b7fad675a8fd817808a RLSA-2025:10855 Moderate: glib2 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for glib2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fix(es): * glib: buffer overflow in set_connect_msg() (CVE-2024-52533) * glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar (CVE-2025-4373) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms glib2-devel-2.80.4-4.el10_0.6.ppc64le.rpm 4ecd55d85108d5c52d6385b8b7d6d0a6b24734b3fd194e390f3f91e8482996cc glib2-tests-2.80.4-4.el10_0.6.ppc64le.rpm 5cbdcbae87018442a981fea71571e29c1c55a51a10a7bd1ce3f230726e37bbc1 RLSA-2025:11066 Moderate: glibc security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for glibc. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: Vector register overwrite bug in glibc (CVE-2025-5702) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms glibc-devel-2.39-43.el10_0.ppc64le.rpm 59799c70c1632e7974799e38b476cea7840d707999c31a931a4c8165979ffe37 glibc-doc-2.39-43.el10_0.noarch.rpm ed381b944944b79f2ea78160249b79318e5cfb1e89d3a5930194fa31cd0ec093 glibc-locale-source-2.39-43.el10_0.ppc64le.rpm 2a98c57de6261c03e558e77799152392ddeaa66a4bb7abb1b1242358dd3e17a9 glibc-utils-2.39-43.el10_0.ppc64le.rpm 5a32dfe5e7eb900719c0f36a704fefd67850d8ea5e104a4b520c737018db46c7 RLSA-2025:10873 Important: java-21-openjdk security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for java-21-openjdk. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fix(es): * JDK: Better Glyph drawing (CVE-2025-30749) * JDK: Enhance TLS protocol support (CVE-2025-30754) * JDK: Improve HTTP client header handling (CVE-2025-50059) * JDK: Better Glyph drawing redux (CVE-2025-50106) Bug Fix(es): * In Rocky Linux 9 and Rocky Linux 10 systems, the default graphical display system is Wayland. The use of Wayland in these systems causes a failure in the traditional X11 method that java.awt.Robot uses to take a screen capture, producing a blank image. With this update, the RPM now recommends installing the PipeWire package, which the JDK can use to take screen captures in Wayland systems (Rocky Linux-102683, Rocky Linux-102684, Rocky Linux-102685) * On NUMA systems, the operating system can choose to migrate a task from one NUMA node to another. In the G1 garbage collector, G1AllocRegion objects are associated with NUMA nodes. The G1Allocator code assumes that obtaining the G1AllocRegion object for the current thread is sufficient, but OS scheduling can lead to arbitrary changes in the NUMA-to-thread association. This can cause crashes when the G1AllocRegion being used changes mid-operation. This update resolves this issue by always using the same NUMA node and associated G1AllocRegion object throughout an operation. (Rocky Linux-90307, Rocky Linux-90308, Rocky Linux-90311) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms java-21-openjdk-21.0.8.0.9-1.el10.ppc64le.rpm dfaa5acf05f1830d338b7d05e15f0c508c631182a2a58fc5e929419031992a98 java-21-openjdk-demo-21.0.8.0.9-1.el10.ppc64le.rpm 17df7f6beb2b57b96d05eff79e57c1d25a6d80662e68266993ff64245bae3693 java-21-openjdk-devel-21.0.8.0.9-1.el10.ppc64le.rpm da244ad298fb5b1be2ecc36b59df42b45f6e2f6fe0b1cd1d8ef8bb5148425aa8 java-21-openjdk-headless-21.0.8.0.9-1.el10.ppc64le.rpm c40287e317dee387b5b68624b08a5580e3241b939306c200cd8757e2e0ad0d44 java-21-openjdk-javadoc-21.0.8.0.9-1.el10.ppc64le.rpm 092ba4065cb7bdc278f704c81520b1fa36a5760df11717879415b1fa2484ec59 java-21-openjdk-javadoc-zip-21.0.8.0.9-1.el10.ppc64le.rpm b3acfe433cd3665bb909b2eee35f6a1b2c61bc664add1e0ee8c9471974d6a63c java-21-openjdk-jmods-21.0.8.0.9-1.el10.ppc64le.rpm e251cdfd84acc55349b1d5a670e96c59b247e6d88fca759387e2a86c2911222a java-21-openjdk-src-21.0.8.0.9-1.el10.ppc64le.rpm 13f3a07f171df295f2320802d884e4ddddf637811e027d423ec33bdb5bca4639 java-21-openjdk-static-libs-21.0.8.0.9-1.el10.ppc64le.rpm 425e9b3332ed6fd6377319f8a968297d8816e455125a746571eb9425bd83ce68 RLSA-2025:11332 Important: tomcat9 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. Security Fix(es): * tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337) * tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms tomcat9-9.0.87-5.el10_0.1.noarch.rpm 7c11353e58e4822db9739e90e1b99462f3be11ed491be1beb1be7807545181bd tomcat9-admin-webapps-9.0.87-5.el10_0.1.noarch.rpm 3d6851aa27bf852945314cbad8a11ba59df3e3cbe7ed6ac0e5a5f29c58225d40 tomcat9-docs-webapp-9.0.87-5.el10_0.1.noarch.rpm a9f4d0eeabb6df8ffa9e7a332446f5a161ada29c77a0d38fb801fc826504e033 tomcat9-el-3.0-api-9.0.87-5.el10_0.1.noarch.rpm 38b76b62dec96d2400b4a5030c61a93d6865897a63fd032a2b9f1076eafe9c2d tomcat9-jsp-2.3-api-9.0.87-5.el10_0.1.noarch.rpm cf01a3d83ada8424330926b49aaa536c4dfb24576f057cc989a0b3a14c441883 tomcat9-lib-9.0.87-5.el10_0.1.noarch.rpm 29e509374ef0700c32eb589736d9d80bddbe255b252cd9f927e1e3f21bf5ec3e tomcat9-servlet-4.0-api-9.0.87-5.el10_0.1.noarch.rpm 0ca600cd745cbb59544aafe2278a75381d4da269d7ac01aaeb9b61eba69210df tomcat9-webapps-9.0.87-5.el10_0.1.noarch.rpm f5b988b6558b3992d98428ec7af5cf620fc24157d925e3ab1cb9fa27488fa459 RLSA-2025:11401 Important: valkey security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also. Security Fix(es): * redis: Redis Stack Buffer Overflow (CVE-2025-27151) * redis: Redis Unauthenticated Denial of Service (CVE-2025-48367) * redis: Redis Hyperloglog Out-of-Bounds Write Vulnerability (CVE-2025-32023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms valkey-8.0.4-1.el10_0.ppc64le.rpm 97961d5ab5d066abcb4053616945f1f4483998456f1ecb44005baaa7eb135a4d valkey-devel-8.0.4-1.el10_0.ppc64le.rpm ca1c013a53b0b83b5d7f7b3921770d07fcab2b22ba07e472f6d4bad1846ec2fa RLSA-2025:11428 Important: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: media: uvcvideo: Remove dangling pointers (CVE-2024-58002) * kernel: media: uvcvideo: Fix double free in error path (CVE-2024-57980) * kernel: wifi: iwlwifi: limit printed string from FW file (CVE-2025-21905) * kernel: mm/huge_memory: fix dereferencing invalid pmd migration entry (CVE-2025-37958) * kernel: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (CVE-2025-38089) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-doc-6.12.0-55.22.1.el10_0.noarch.rpm 57373126cd581bffae6ce7e61877d24464b49b3c16e4a3101d64c082da094efc RLSA-2025:11537 Important: sudo security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for sudo. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): * sudo: LPE via host option (CVE-2025-32462) * sudo: LPE via chroot option (CVE-2025-32463) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms sudo-python-plugin-1.9.15-8.p5.el10_0.2.ppc64le.rpm 2bd7d51bc1dd57204d6fc0b10f78da9e806910e67151dc55f6f284212dca1eda RLSA-2025:11797 Important: firefox security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: thunderbird: Large branch table could lead to truncated instruction (CVE-2025-8028) * firefox: thunderbird: Memory safety bugs (CVE-2025-8035) * firefox: thunderbird: Incorrect URL stripping in CSP reports (CVE-2025-8031) * firefox: thunderbird: JavaScript engine only wrote partial return value to stack (CVE-2025-8027) * firefox: thunderbird: Potential user-assisted code execution in ?Copy as cURL? command (CVE-2025-8030) * firefox: Memory safety bugs (CVE-2025-8034) * firefox: thunderbird: Incorrect JavaScript state machine for generators (CVE-2025-8033) * firefox: thunderbird: XSLT documents could bypass CSP (CVE-2025-8032) * firefox: thunderbird: javascript: URLs executed on object and embed tags (CVE-2025-8029) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms firefox-128.13.0-1.el10_0.ppc64le.rpm 3140a63855c75ef9bd4fd2653fb07e3ee9e50034e07496b1898d8c31165ac05d RLSA-2025:11855 Moderate: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: RDMA/mlx5: Fix page_size variable overflow (CVE-2025-22091) * kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (CVE-2025-22121) * kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling (CVE-2025-37797) * kernel: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (CVE-2025-38088) * kernel: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (CVE-2025-38110) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.24.1.el10_0.ppc64le.rpm 3169c86befca62e01dd500901552e055707c6abe712ca1d01b73574bd82e0fe1 kernel-debug-devel-matched-6.12.0-55.24.1.el10_0.ppc64le.rpm 5b61e60c3dedb521ec75f98f796dd1167e37a374769ca46489d69213b9628f90 kernel-devel-6.12.0-55.24.1.el10_0.ppc64le.rpm e5df1b0053fa3e3884e836b9fb8735e395a244e004fa86f8d770024ff48d8ee5 kernel-devel-matched-6.12.0-55.24.1.el10_0.ppc64le.rpm eb380aa8febe6444a1f01dd82c47b20619e80ab2830f6f37700be9dce20e655b kernel-doc-6.12.0-55.24.1.el10_0.noarch.rpm eb25387de4a44c1f7f2648f580ab9c31b3eeba35aee638fc2488206fef99d504 kernel-headers-6.12.0-55.24.1.el10_0.ppc64le.rpm 095a3bb48e6b8c11dfe04fdc7e119684cf478f67a21cb758a38db6070be410f6 perf-6.12.0-55.24.1.el10_0.ppc64le.rpm 7e2cbdae910f5dface1ab76eb784f707e3c61d711122bd13ee114b2f95a2a6c9 python3-perf-6.12.0-55.24.1.el10_0.ppc64le.rpm eecf2da6840891184cacb0ebc8166b9d79f7f53fcce6abef38e3eaefe5fd0d31 rtla-6.12.0-55.24.1.el10_0.ppc64le.rpm b6b1b780bf9f59487204d611c13d41a4f9d06cd341afd9b8964f77e39c4489e7 rv-6.12.0-55.24.1.el10_0.ppc64le.rpm 69ee45ecc11c9b6a4d796caaa5d39d1bf11cd809ad0be33ab81a8c9239280055 RLSA-2025:11888 Moderate: icu security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for icu. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The International Components for Unicode (ICU) library provides robust and full-featured Unicode services. Security Fix(es): * icu: Stack buffer overflow in the SRBRoot::addTag function (CVE-2025-5222) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms icu-74.2-5.el10_0.ppc64le.rpm b8144a167f0ccbf446f4c80f49968e154a1346f16975df52b3b206c8f4f2d6f8 libicu-devel-74.2-5.el10_0.ppc64le.rpm 9e106aecf8d9d32e0fe1ea3960306219cc3cdb506372f2a189141d4da82a7cef RLSA-2025:11933 Important: sqlite security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Security Fix(es): * sqlite: Integer Truncation in SQLite (CVE-2025-6965) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms sqlite-3.46.1-5.el10_0.ppc64le.rpm 66c848433187554e60c534052ca8516a25494afa691adeda76dcff82fc5e3ab6 sqlite-devel-3.46.1-5.el10_0.ppc64le.rpm 77ca0a8927765ed99578baa17d448bee71010189debd3b3fea83fcb11b6549e1 RLSA-2025:12056 Moderate: perl security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): * perl: Perl threads have a working directory race condition where file operations may target unintended paths (CVE-2025-40909) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms perl-5.40.2-512.2.el10_0.ppc64le.rpm e0974f9748c382d076974de7b86799ae146d882371b6ab23b2c0e50af7ac7093 perl-Attribute-Handlers-1.03-512.2.el10_0.noarch.rpm a50a47c9c8189cf7eec48d586f8816aa6273e5a84e24c8b38c98b3396378e0d7 perl-AutoLoader-5.74-512.2.el10_0.noarch.rpm d11dee873d7d98224cb8b63b805b266025ff6e7a7c0bbddea102a1aef6b4c1ef perl-AutoSplit-5.74-512.2.el10_0.noarch.rpm fc83da5b9f60869db73ea9335d11b087da8977bab44b669d2fc21d5ce7eedbdf perl-autouse-1.11-512.2.el10_0.noarch.rpm 022a86f3a5975a041799ad17b807e59e335f57a29b3fcd9e7624ae13d9fc343f perl-B-1.89-512.2.el10_0.ppc64le.rpm 5c418ff850ceacda6cfa2f2446f6006bba6f6adc007f164eea916225429f4044 perl-base-2.27-512.2.el10_0.noarch.rpm 23294c4ee06f04f99e734a520e7118b3f69b4e973afdcfa435e7fdffacb6cb30 perl-Benchmark-1.25-512.2.el10_0.noarch.rpm 7f17cc9401a6998858fbfc634fd8cacb305dd95c5557fa60dd1efc7f9e40dd6c perl-blib-1.07-512.2.el10_0.noarch.rpm 26f1caf1fa8a54fea467f5e126a8b9d295cc763ee5e84029137ee6dd9ad12668 perl-Class-Struct-0.68-512.2.el10_0.noarch.rpm 142b33b254ad949b08e59aa746019c53c09a6f9b1e8f16612c23a2222c7890bd perl-Config-Extensions-0.03-512.2.el10_0.noarch.rpm 088dd306bf83eb27d4800a7dc8a74248a7655b27025f6a1096a32664ad3f7e71 perl-DBM_Filter-0.06-512.2.el10_0.noarch.rpm 594a8f1acb1be8bea0d80d76529e16e209ab76632573ec320a3a255c1d93030d perl-debugger-1.60-512.2.el10_0.noarch.rpm 116632d66aecb227ec01b561039c998967e38b11605a08c26c6975f100d3f363 perl-deprecate-0.04-512.2.el10_0.noarch.rpm f9b6c6d93abe972e0898aed2bd517c9dd7492b589cc43f0f542ef879705eaa16 perl-devel-5.40.2-512.2.el10_0.ppc64le.rpm f1bbfd39ff69566413ead66033d09f9247fb0210ef73c56318c2a930cefc31ac perl-Devel-Peek-1.34-512.2.el10_0.ppc64le.rpm 251bb93e78fd93661b39828c2ddabbbd0578f5e5da98368ec988a18f5a75efd5 perl-Devel-SelfStubber-1.06-512.2.el10_0.noarch.rpm 3333f3ddba623e1659029a71773b6fdd8b06009f52f630c617f5f06869d193ab perl-diagnostics-1.40-512.2.el10_0.noarch.rpm 391498cf663012d9ec9bd910b4bf53cf4234304cea25b142debbb91bda3c79ba perl-DirHandle-1.05-512.2.el10_0.noarch.rpm 3b7143910af7251015a7a91b80280ebe2390424ccb7e1ce5172d6fe3a2b579a7 perl-doc-5.40.2-512.2.el10_0.noarch.rpm 1f2e5dc38f4e1c91f43dac6269bb11d7c025b27eb55e7f4eb6461ea0220704ac perl-Dumpvalue-2.27-512.2.el10_0.noarch.rpm 4e035ced3d3eae3c988ec32be73475af7f253d99e8fe456d829cbca7887fd3e6 perl-DynaLoader-1.56-512.2.el10_0.ppc64le.rpm c7839d86d0db1363fdc18e97e3a54c9c943631ae348245d36e9836c7ce05ffbf perl-encoding-warnings-0.14-512.2.el10_0.noarch.rpm e0901d24894adcac12d89343604cf3e8775024483b6a83d3d5913153c41faf8a perl-English-1.11-512.2.el10_0.noarch.rpm cace3f6ec93d1dddf2a3880e90a746967df8ad4b18c65e3fab3d6d2837962a59 perl-Errno-1.38-512.2.el10_0.ppc64le.rpm e94006c782869f0281c8df1b700e552a85d905c3ead2342d1c4d429b59e10cc0 perl-ExtUtils-Constant-0.25-512.2.el10_0.noarch.rpm a5254c20224062ab3e006e8a816d71f6a6f7c392afebeaf67c08189a04820674 perl-ExtUtils-Embed-1.35-512.2.el10_0.noarch.rpm a3a81991583e28184db2748eb512c1a95788568a6da7aafaa5ec0fc4a39b594d perl-ExtUtils-Miniperl-1.14-512.2.el10_0.noarch.rpm bff285dd9b50eac452554962e9533a81440ab5b293a5f8a131ed217e159b4abd perl-Fcntl-1.18-512.2.el10_0.ppc64le.rpm 13d92e385094426d5948e279b89dbb0b1bef620745d0378b3f735214cbe58015 perl-fields-2.27-512.2.el10_0.noarch.rpm a5185e8c106dd42e6900b9594a894c8640301c4454d6e9130996d1d2c6619743 perl-File-Basename-2.86-512.2.el10_0.noarch.rpm 0e52e24b6fe11614f52f85fac01887550aca5af48322b7297add18f8bae07af8 perl-FileCache-1.10-512.2.el10_0.noarch.rpm ddcec09ad7b7e78312d597efb775fd0795aca5064ba933ac3ba53de6ffb70ed3 perl-File-Compare-1.100.800-512.2.el10_0.noarch.rpm 36d9a304d4513dd8ab9b8e98d02cc609541bdbba22be1ea88b247e37ca61671f perl-File-Copy-2.41-512.2.el10_0.noarch.rpm eed099e78ffcf4332ed8a29bfb6ea948717fc3b61b312e205a8a3bb3783abcb0 perl-File-DosGlob-1.12-512.2.el10_0.ppc64le.rpm 11a9a172270f23fd57b685e2b43c6bdb86e0856564778bfc7ddcf1a9cc5c75a2 perl-File-Find-1.44-512.2.el10_0.noarch.rpm 1d72ea44720cc2edbea27771dd5708935c2b1f1165c12b7bd8053a281e31bff8 perl-FileHandle-2.05-512.2.el10_0.noarch.rpm da293f041854918ba2ed671bc86e0fa2495c7c6bb6bb4ae6c1d1555aa0543ccf perl-File-stat-1.14-512.2.el10_0.noarch.rpm e68ec3b54e4a04236a01260f76f52453974a71e4ba14a85a92357e611f8f0307 perl-filetest-1.03-512.2.el10_0.noarch.rpm d722cf0a055e441a8e7f804a6cb287f292ea823b01ffa0fd6aa6b9232d28a82b perl-FindBin-1.54-512.2.el10_0.noarch.rpm 309befe99d17047346772695df54eb58575c000cd4da46652dfc56edc7da597f perl-GDBM_File-1.24-512.2.el10_0.ppc64le.rpm 2a22c31880b603137aed58c092af2da0c99369c3b4f3ffeedfa609a6f380812f perl-Getopt-Std-1.14-512.2.el10_0.noarch.rpm 4c704ab2ee391d717797366dd5ed6e0b4972c6915dbaf0ed0079f4cb23dd2fb3 perl-Hash-Util-0.32-512.2.el10_0.ppc64le.rpm e2298d69e3670b0bb5deefc39ff8ff60443a95404894123c4c11d6672851447d perl-Hash-Util-FieldHash-1.27-512.2.el10_0.ppc64le.rpm dc6947fe1ac1e78e1631b00de0d806bf1206ea15f1ce19839eeefd1d0bdfc215 perl-I18N-Collate-1.02-512.2.el10_0.noarch.rpm bcba8afa4f930466ff0b74cd168d0223e120524176ce70249b765a1b1b7dd280 perl-I18N-Langinfo-0.24-512.2.el10_0.ppc64le.rpm 7a173d0c97c3488e64cee0c73c7c17938ef988d4e84fc8d7cc049e7e7a5281a1 perl-I18N-LangTags-0.45-512.2.el10_0.noarch.rpm 76f6d8df29b37d36d869d540fe00fab661009cb9985b188caf23892bad7b52a8 perl-if-0.61.000-512.2.el10_0.noarch.rpm 5f355e52e71146d71223f34451b5ff1c11bc471ae8eeb0a1a84258d15c32594f perl-interpreter-5.40.2-512.2.el10_0.ppc64le.rpm 799e6fad8e4d3ad54e5f36754505b4d193dadc9af3ab3516c18d8d8e6b03a85e perl-IO-1.55-512.2.el10_0.ppc64le.rpm 6d952077d0596e5f3d6ad86e6501b75e44a1cedad48de76788bfd1cae087f059 perl-IPC-Open3-1.22-512.2.el10_0.noarch.rpm 86b148a2756784bdcbdaff5cff28c5393ac52f4bf0216907756b57a5ba5ca92b perl-less-0.03-512.2.el10_0.noarch.rpm b5e848124b09387112c1d4231c76c8def385bc0538c73b2c6ec9aa685fa9200d perl-lib-0.65-512.2.el10_0.ppc64le.rpm b31adde6ca21d8471da61bd16d2664a47226a2b83b92c2f250403c105f265ac5 perl-libnetcfg-5.40.2-512.2.el10_0.noarch.rpm 7efe3f4939bc66049dfb3820be0b55a361dfc104ba96d7878399dee3e3d68a5d perl-libs-5.40.2-512.2.el10_0.ppc64le.rpm 5755c41ca4dff41545eb90e0332715f41ab6a20929716b6d6c689f63e6362aec perl-locale-1.12-512.2.el10_0.noarch.rpm a9a3b66e223867d6208946406f5b1edf6726034cdb86c60594d1d1df8381fa18 perl-Locale-Maketext-Simple-0.21-512.2.el10_0.noarch.rpm 39e29184aa99c21e97a57e97dc02717f90d377f12a3202b0e93b71ce1ff113c6 perl-macros-5.40.2-512.2.el10_0.noarch.rpm c338c5d3a9bd8a1c1235f1c8da239f29b9d62bf58788f9983355db0106722eaf perl-Math-Complex-1.62-512.2.el10_0.noarch.rpm 6be88deaf0001307cb42142a066d5bbb8355ca3c066f287cc1dfb6c70135de31 perl-Memoize-1.16-512.2.el10_0.noarch.rpm a8b43a7f26e0da134f559117be6ec1246f4403594c78bd2c028b93ee08086207 perl-meta-notation-5.40.2-512.2.el10_0.noarch.rpm e1de3da0d11590cde4c2f31ea22160f937639c4cb14852569b46be28b046c8ee perl-Module-Loaded-0.08-512.2.el10_0.noarch.rpm 3639e9e7b65277a67c7409fe4f020b3913c7ef6b948bf577ed1ae9aa34f71efc perl-mro-1.29-512.2.el10_0.ppc64le.rpm c6bd2788a587dce2e41e5b4c8caea8932ec596708e0f6511d32589869931bdf9 perl-NDBM_File-1.17-512.2.el10_0.ppc64le.rpm 860f86cecfff6a67040c29729558bfbecb55b8b4ab0d0791e611a1d80bdf6bc3 perl-Net-1.04-512.2.el10_0.noarch.rpm 589d4504637d13e2435420455917884df8727581aa80fae5b51020650ac8169f perl-NEXT-0.69-512.2.el10_0.noarch.rpm 6cf667a4e215805092c31399b07088b9b53ac30571429737c26ff5633c93f107 perl-ODBM_File-1.18-512.2.el10_0.ppc64le.rpm 92cb933d1ff81e45f602bcec873e735fd3bc520b6edf31020c46a107fa802555 perl-Opcode-1.65-512.2.el10_0.ppc64le.rpm 6747aab419e88b9ce3cd3125526fe1dafe9592e843ddb49169cc9c21563d5b32 perl-open-1.13-512.2.el10_0.noarch.rpm e6faf552b3ef8663aa5c008bb0170bd1937c21b052e19b38338b17af0140a2fa perl-overload-1.37-512.2.el10_0.noarch.rpm ef05e1e0a8d4186fd2b5fc8e9726345b0d14a30e4a7eb7a66943aa51c6032a4f perl-overloading-0.02-512.2.el10_0.noarch.rpm 418913e1c6335e9aa8f039fa6903dbba59d713bc902191272692c655b2d8f63b perl-ph-5.40.2-512.2.el10_0.ppc64le.rpm 81122a465debbf2ecb0f96eb9072a6e9db003db2763c23c9f3587bf0813edb2e perl-Pod-Functions-1.14-512.2.el10_0.noarch.rpm 9544e913bae26609c973b6fac8ef231fa230e79b79966696f27dc6169b0cce16 perl-Pod-Html-1.35-512.2.el10_0.noarch.rpm 56640ad227c8fb21e7f72fde247757f01d905d585bea3ede000adc8db4072b87 perl-POSIX-2.20-512.2.el10_0.ppc64le.rpm 0f9cbf4465d39f1a8c27923755a33e3e1c812d2e8a1863b3f5b4c7d388b95adb perl-Safe-2.46-512.2.el10_0.noarch.rpm d8b10fade999abb3271355112bd700b47920bc3556996606e99cc4ac445e682d perl-Search-Dict-1.07-512.2.el10_0.noarch.rpm 7a93698979506fa211d4570b90132e5368cc45829985baec494f877a38ec0061 perl-SelectSaver-1.02-512.2.el10_0.noarch.rpm 4971816006a6fd214274853c95c74c1e4af34acb2fa145d7c36d3533f115969d perl-SelfLoader-1.27-512.2.el10_0.noarch.rpm 15a01d37dcd6c51415b3d2eb973d5e64ffe93455587282661129f31e39a37164 perl-sigtrap-1.10-512.2.el10_0.noarch.rpm d322121627446cea0a0ce9a162ac1e5cbc3c21fed5454a614f9f3231bcd6e819 perl-sort-2.05-512.2.el10_0.noarch.rpm 9a656d27009bec4a4203f84e041407805e48189799413db9637a51d307666867 perl-subs-1.04-512.2.el10_0.noarch.rpm 6f51e398f25184efd9fa656c36b32f4a66b84db33473a0084c09d2564b1fa173 perl-Symbol-1.09-512.2.el10_0.noarch.rpm e44ddbdba11f7108309e1e8268ded90b30b45d4559d329b7598c194491e65cb7 perl-Sys-Hostname-1.25-512.2.el10_0.ppc64le.rpm 6f4a988d84b5637bd717c5690ecd244a1094e0047ddf29f6531f24f566a9c688 perl-Term-Complete-1.403-512.2.el10_0.noarch.rpm bca25218698dc5bec307ab2833f95c80979801a3a50bde8578e87f5b0a9e9c6e perl-Term-ReadLine-1.17-512.2.el10_0.noarch.rpm eacdcb68a50137a0b436f0c843963dd397f6a08953c66383e62b6cc416203cf0 perl-Test-1.31-512.2.el10_0.noarch.rpm 7e9be4015583373451563d4ec380e02dd4acceb46311be07128844cee2bd3c99 perl-Text-Abbrev-1.02-512.2.el10_0.noarch.rpm 25b62a751bb2a0357cfcf9b4a9e159bbacbefd6cfe0748265e62219dc9683586 perl-Thread-3.05-512.2.el10_0.noarch.rpm 491d0f80e3d887e45c217e46256d581c90fb3cb07830cc546e2a6f5691b629f6 perl-Thread-Semaphore-2.13-512.2.el10_0.noarch.rpm 638204720d76bfff46b4232b6bac608876be8f587b9c7f3d1009e3dedf806dcb perl-Tie-4.6-512.2.el10_0.noarch.rpm 5c0753c9b84119f97ee29a79a6f85d2b9b8e7b43e7ccceff30076e592529fb4e perl-Tie-File-1.09-512.2.el10_0.noarch.rpm 979470cf5a306f3c4dea61028b98b449ca8befcfe02987ef6e147c7321f6d3fa perl-Tie-Memoize-1.1-512.2.el10_0.noarch.rpm caab07ab606928b27eff25c56d245649147171e90b94c8f4ebc6168c2c04d1a6 perl-Time-1.04-512.2.el10_0.noarch.rpm 9f0208c626290f1e4e435ec425e901cb8c2db44c8e1caa64fc244a9172006d4f perl-Time-Piece-1.3401-512.2.el10_0.ppc64le.rpm 1f96a114b28342113f20ac8b4674d00780533682dc0361acbb17eb26d0bbe0f0 perl-Unicode-UCD-0.78-512.2.el10_0.noarch.rpm 8127dfa5d5006949b78316bea4cd438b83f616dbb2c9160dee0d3c88dd354d8e perl-User-pwent-1.05-512.2.el10_0.noarch.rpm 61be0c87a8ef400af759697ab882a54dc62018958aa86f3a3f6a2bac93666b68 perl-utils-5.40.2-512.2.el10_0.noarch.rpm c89e6e8052e14ed8e1c2d3c9c09ef67d1f90be7705d624293c916ee926fd4ae8 perl-vars-1.05-512.2.el10_0.noarch.rpm 877c2bdd38a85c3510e06a9a271b5badc4b80c917109f39f65f3ca4796eca380 perl-vmsish-1.04-512.2.el10_0.noarch.rpm b2e68ff6ffa4970afdeff6e1d9988decbf7cabe45d08dabee3d6b41284f869d7 RLSA-2025:12064 Important: unbound security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * unbound: Unbound Cache poisoning (CVE-2025-5994) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms python3-unbound-1.20.0-12.el10_0.ppc64le.rpm eacbec48176d44cf77248b3afda76b3123a1fa4d33d647d33c0ad3a0cb2ed60f unbound-1.20.0-12.el10_0.ppc64le.rpm c1709def0a6f06f7b7ee79533ca8133d24fca9ce100d31e721f75df4a3a3db3c unbound-anchor-1.20.0-12.el10_0.ppc64le.rpm e1ea07f1a3373071a8712b3b57093fa4b8895c8fded387b9153eacf3e1e5a373 unbound-dracut-1.20.0-12.el10_0.ppc64le.rpm 27fc442fc5e3b5d951261cb887b6c444cafb958a89bea63645ebd3aa3394e48f unbound-libs-1.20.0-12.el10_0.ppc64le.rpm 78666d8eb8660a39844ecae4a98f22c3d7d576575c0a8c64148442a245716b34 RLSA-2025:12188 Important: thunderbird security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * firefox: thunderbird: Large branch table could lead to truncated instruction (CVE-2025-8028) * firefox: thunderbird: Memory safety bugs (CVE-2025-8035) * firefox: thunderbird: Incorrect URL stripping in CSP reports (CVE-2025-8031) * firefox: thunderbird: JavaScript engine only wrote partial return value to stack (CVE-2025-8027) * firefox: thunderbird: Potential user-assisted code execution in ?Copy as cURL? command (CVE-2025-8030) * firefox: Memory safety bugs (CVE-2025-8034) * firefox: thunderbird: Incorrect JavaScript state machine for generators (CVE-2025-8033) * firefox: thunderbird: XSLT documents could bypass CSP (CVE-2025-8032) * firefox: thunderbird: javascript: URLs executed on object and embed tags (CVE-2025-8029) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms thunderbird-128.13.0-3.el10_0.ppc64le.rpm c2abf212ce6ffec192eb0a6a82afe4e0851873f46f1a238703d9c873f27eb0b2 RLSA-2025:12662 Important: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: padata: fix UAF in padata_reorder (CVE-2025-21727) * kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CVE-2025-21928) * kernel: HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() (CVE-2025-21929) * kernel: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (CVE-2025-22020) * kernel: ext4: avoid journaling sb update on error if journal is destroying (CVE-2025-22113) * kernel: RDMA/core: Fix use-after-free when rename device name (CVE-2025-22085) * kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (CVE-2025-37890) * kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done (CVE-2025-38052) * kernel: net: ch9200: fix uninitialised access during mii_nway_restart (CVE-2025-38086) * kernel: net/sched: fix use-after-free in taprio_dev_notifier (CVE-2025-38087) * kernel: nvme-tcp: sanitize request list handling (CVE-2025-38264) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.25.1.el10_0.ppc64le.rpm bc4212f26f859b928bbd444fe87cc3b5f931ca1e951bd8478c172150d2b7b8fc kernel-debug-devel-matched-6.12.0-55.25.1.el10_0.ppc64le.rpm bd483d7466dae1b58a8a0f39a1a6d8b3a6b6e3aa5293751e38b6bb1f58805d38 kernel-devel-6.12.0-55.25.1.el10_0.ppc64le.rpm d5756a1cfbb26d298092490061a80a8d8f83a3832443c03a0c80a016d056dfff kernel-devel-matched-6.12.0-55.25.1.el10_0.ppc64le.rpm 50cb8da854ba6efc66d97463004b117a36c92d6472a07a49287bf3cc6d5ed009 kernel-doc-6.12.0-55.25.1.el10_0.noarch.rpm 2cb9b732ef69aef143919db2a6e778164052cbc7a74beabbb9ed69c93c76ef69 kernel-headers-6.12.0-55.25.1.el10_0.ppc64le.rpm 990ea648125516f79838eb2ffa39419cd5a85cf636f0a7f0bae0b14dec72d402 perf-6.12.0-55.25.1.el10_0.ppc64le.rpm 0daf33ded5bd0543ef99c14d32bd27b51c384dc56b8450ce4706d1b065aba08d python3-perf-6.12.0-55.25.1.el10_0.ppc64le.rpm 0f7c35b8760344d3bc57f4c932308b165ea05687eb79eceb28a661778cbc645e rtla-6.12.0-55.25.1.el10_0.ppc64le.rpm e53dfa00ffe1be76af05e4eb8fb19fc8e559ac9c49ac574049198a2d9c5c5bac rv-6.12.0-55.25.1.el10_0.ppc64le.rpm f5f7cd9c17f0815eac2103970c8e32c27106be5cd8e2de85108c5cf34b47f058 RLSA-2025:12850 Moderate: opentelemetry-collector security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms opentelemetry-collector-0.127.0-1.el10_0.ppc64le.rpm ff481c51c20da3c327b59317ce9deddc670030762a2185dd6db818659110c20a RLSA-2025:12862 Moderate: gdk-pixbuf2 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for gdk-pixbuf2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fix(es): * gdk?pixbuf: Heap?buffer?overflow in gdk?pixbuf (CVE-2025-7345) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms gdk-pixbuf2-2.42.12-4.el10_0.ppc64le.rpm 43cd89835828f64a51ecda3f79b9ba6bdc13713cd0341198938689542a255df7 gdk-pixbuf2-devel-2.42.12-4.el10_0.ppc64le.rpm 488b60e0ba9031d92087200e39e5de41167cf67ae5d1d700de35f587ce9364cb gdk-pixbuf2-modules-2.42.12-4.el10_0.ppc64le.rpm 2734628dcf2b2ff3346e0cdb36b5db88c8c7ab4269cbe6e9675359c14de349db RLSA-2025:13240 Moderate: glibc security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: Double free in glibc (CVE-2025-8058) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms glibc-devel-2.39-46.el10_0.ppc64le.rpm 513e243ad64418e1d970b82ae07b8329d7dff2a11ac74886318805a7cebd61bf glibc-doc-2.39-46.el10_0.noarch.rpm aec94e9135f742ab005553dee9ee0ebbbcc83155e4cbbed46f79b316e801e763 glibc-locale-source-2.39-46.el10_0.ppc64le.rpm 8b550af56334aa73b592705a8d14e547f898ef30de28817bbc7ef4f560527d77 glibc-utils-2.39-46.el10_0.ppc64le.rpm 17bc4eea4c0539906941fc2e7a35ed3f8a18ccd9dafb724dbe0365ef8a95a73d RLSA-2025:13429 Moderate: libxml2 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414) The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414) * libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables (CVE-2025-32415) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms libxml2-devel-2.12.5-9.el10_0.ppc64le.rpm 1b69f3ca27a48bafc80a57fe05c7ef0efd0dfc9b97ce58f5891e7aa826f01ee8 RLSA-2025:13598 Moderate: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) * kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) * kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159) * kernel: PCI/pwrctrl: Cancel outstanding rescan work when unregistering (CVE-2025-38137) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) * kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) * kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159) * kernel: PCI/pwrctrl: Cancel outstanding rescan work when unregistering (CVE-2025-38137) * kernel: wifi: ath12k: fix invalid access to memory (CVE-2025-38292) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.27.1.el10_0.ppc64le.rpm 158859e385956d43e139e1207a87c3c6c538f5df8ef17b97fa060f33a3d17058 kernel-debug-devel-matched-6.12.0-55.27.1.el10_0.ppc64le.rpm 3373d379366d873454fbe8e3700c7173b634b3027627a4f59c7595dbc0e2f356 kernel-devel-6.12.0-55.27.1.el10_0.ppc64le.rpm d8f0d904114299ce709de2923e1e6e5bad7ebf38222dca1cfca5694f089546cf kernel-devel-matched-6.12.0-55.27.1.el10_0.ppc64le.rpm 6add085de0ef29336479ac9624ced97f4f15290753d9899b940aa5954c3e8c5b kernel-doc-6.12.0-55.27.1.el10_0.noarch.rpm 794200da05e099238a3419aae127c59934fcd9d5a559c7a996adaa9da27a7a81 kernel-headers-6.12.0-55.27.1.el10_0.ppc64le.rpm 17ede3fecd208b933a9c5c39cdfeafe3af6755c70f0c411d06f82490692e43e9 perf-6.12.0-55.27.1.el10_0.ppc64le.rpm aba354c3892418bf8f810313d4da38e8cbe6c1765684ca58e16d3b54acf11699 python3-perf-6.12.0-55.27.1.el10_0.ppc64le.rpm 69e3d2b3c467a0d24150b7153757e9595bf4c03db362e29fb2921d81b741d9fe rtla-6.12.0-55.27.1.el10_0.ppc64le.rpm 649ac5a58cc104a55b724bd75254116eb772f494b65089039d4464945ae03900 rv-6.12.0-55.27.1.el10_0.ppc64le.rpm 5f418929975b2aa750737473d7b74d691d1e3bc3dee8ff190fdc9c6c2f2ecb83 RLSA-2025:13674 Important: toolbox security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for toolbox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fix(es): * nvidia-container-toolkit: Privilege Escalation via Hook Initialization in NVIDIA Container Toolkit (CVE-2025-23266) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms toolbox-0.2-1.el10_0.ppc64le.rpm b50bfd506454353c11f85bd34123990509381f84e8fa765cb468af7230c712af RLSA-2025:13941 Important: golang security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The golang packages provide the Go programming language compiler. Security Fix(es): * cmd/go: Go VCS Command Execution Vulnerability (CVE-2025-4674) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms golang-1.24.6-1.el10_0.ppc64le.rpm 6f3f1e01fcf4b2c5467de0aa7c2af87c876c133c81cc765e0d4714049084b03a golang-bin-1.24.6-1.el10_0.ppc64le.rpm 230106ecf727ed6fc1f27e5e572999602abd1f4c70b8eebc852f3baddc38c8b5 golang-docs-1.24.6-1.el10_0.noarch.rpm c8015b335c5881328c5e1ea21aab8e9487e278ded209f83b111b0a870925aea1 golang-misc-1.24.6-1.el10_0.noarch.rpm 9d833125417d6f49f9dc2a9c19bf9454ea27c78b6d319168faff5c6491b640b7 golang-race-1.24.6-1.el10_0.ppc64le.rpm f7d23e0fbcb6bf7f8c328f64d2f7c3ae9a8f034d48ddcdcc620ee593b1d0aa2a golang-src-1.24.6-1.el10_0.noarch.rpm aace02df66e63925e08917bd1704188ea6726490a414e5f5f1f5b9b0ff6051c9 golang-tests-1.24.6-1.el10_0.noarch.rpm e7152f56606fe5f068a38d2d2e40d491f9670cc56cb216e7c1d8fc558ffd4491 go-toolset-1.24.6-1.el10_0.ppc64le.rpm 05498ffb63104c517bbd78f9d040c3d1e39a2199e07dfb6df4539fc429595f45 RLSA-2025:13944 Important: openjpeg2 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for openjpeg2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es): * openjpeg: OpenJPEG OOB heap memory write (CVE-2025-54874) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms openjpeg2-2.5.2-4.el10_0.1.ppc64le.rpm e59fa5b2b2195983dab81dc7e7f857bf2f898ee1e3b8353fb2c07f803bbc3065 RLSA-2025:14137 Important: libarchive security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c (CVE-2025-5914) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms bsdtar-3.7.7-4.el10_0.ppc64le.rpm 72b0fca52bba5a2dc7df63d8ce30d8227b4085df9488bdf657ba926b974d83b3 libarchive-devel-3.7.7-4.el10_0.ppc64le.rpm e3c6db79cb89a35d796245fbb228345306ff6295d05ea35ba59d512fcd5f2948 RLSA-2025:14178 Important: tomcat9 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. Security Fix(es): * tomcat: Apache Tomcat DoS in multipart upload (CVE-2025-48988) * tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125) * apache-commons-fileupload: Apache Commons FileUpload DoS via part headers (CVE-2025-48976) * tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989) * tomcat: Apache Tomcat denial of service (CVE-2025-52520) * tomcat: Apache Tomcat denial of service (CVE-2025-52434) * tomcat: Apache Tomcat denial of service (CVE-2025-53506) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms tomcat9-9.0.87-5.el10_0.3.noarch.rpm 74e2a6fbef93fe6dada5062baa99ea2ae81539c66150c379e326ceff3d5f00ae tomcat9-admin-webapps-9.0.87-5.el10_0.3.noarch.rpm d5991ed5ea05046e1b9ded1ee71728137bf6cd5265e7a85fd43cc234b4a63cf1 tomcat9-docs-webapp-9.0.87-5.el10_0.3.noarch.rpm 27e9f00f4b4db5a618c88766816ea04e334e413b81d6df87309f92e797f2af01 tomcat9-el-3.0-api-9.0.87-5.el10_0.3.noarch.rpm 661c5eb96bedd37e4dd1988be1912a09dfb4246df01619be0a95decb6a739a0a tomcat9-jsp-2.3-api-9.0.87-5.el10_0.3.noarch.rpm d564b100d3af37696d23407cbec19f38dc10d5f263bc6463526307f297f9e751 tomcat9-lib-9.0.87-5.el10_0.3.noarch.rpm 56221df788f2fd94b729cbc24645ef14577c2a60e21394c4ccebbe3c466e437a tomcat9-servlet-4.0-api-9.0.87-5.el10_0.3.noarch.rpm 197343759673b4df77e1cd4b653ff18640c1145a111abcf65f293bdf2cd640b3 tomcat9-webapps-9.0.87-5.el10_0.3.noarch.rpm a92fb0bc741de5bed29ded39ffc1090c13d44d8e4663ed876455b9ec62dc79f0 RLSA-2025:14179 Important: tomcat security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * tomcat: Apache Tomcat DoS in multipart upload (CVE-2025-48988) * tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125) * apache-commons-fileupload: Apache Commons FileUpload DoS via part headers (CVE-2025-48976) * tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989) * tomcat: Apache Tomcat denial of service (CVE-2025-52520) * tomcat: Apache Tomcat denial of service (CVE-2025-53506) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms tomcat-10.1.36-1.el10_0.2.noarch.rpm ecb917e318806b30780490e980d3321c09c3a9d0a55191e03a6e6aa155bb2f9b tomcat-admin-webapps-10.1.36-1.el10_0.2.noarch.rpm a170a83d4db067f3716cc75b312457ae573a69b8abc08e35bf067456dd8d6556 tomcat-docs-webapp-10.1.36-1.el10_0.2.noarch.rpm afc999a8b23e6e5bcd6fa3cb5dd0cec0c53b7092bdb3c8f5763ba7523102d44c tomcat-el-5.0-api-10.1.36-1.el10_0.2.noarch.rpm d74a96e6451c0457caf006ecf5cb3f9c05a335f5155526ff7e43ea76d96de5ec tomcat-jsp-3.1-api-10.1.36-1.el10_0.2.noarch.rpm 40f0d2b7943d8439b32a461f3b324e8add8d7a2eb2989ca4c685b0a4ff0806bd tomcat-lib-10.1.36-1.el10_0.2.noarch.rpm ae430958b25c1ff702c75b963827c5cd5c79c9d0e1b7cc97c10a86e80c3e2625 tomcat-servlet-6.0-api-10.1.36-1.el10_0.2.noarch.rpm eafac0514a1c171b579247cb0bd32de6b9e6446344213797e664d21eb1f5ee3f tomcat-webapps-10.1.36-1.el10_0.2.noarch.rpm b7378649e8898b6bbbbaaf8633261fdfb57139d41c243d6269728b2a2ecaf834 RLSA-2025:14417 Important: firefox security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component (CVE-2025-9182) * thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component (CVE-2025-9179) * thunderbird: firefox: Same-origin policy bypass in the Graphics: Canvas2D component (CVE-2025-9180) * thunderbird: firefox: Uninitialized memory in the JavaScript Engine component (CVE-2025-9181) * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 (CVE-2025-9185) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms firefox-128.14.0-2.el10_0.ppc64le.rpm 3930333478ad8580e19894fed667202725a3c3de7f59721e1d44f3ab41efa9c4 RLSA-2025:14510 Important: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net_sched: ets: Fix double list add in class with netem as child qdisc (CVE-2025-37914) * kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (CVE-2025-38200) * kernel: ice: fix eswitch code memory leak in reset scenario (CVE-2025-38417) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.29.1.el10_0.ppc64le.rpm a948b79ca04cdaf9afdb03912d3c66f6ab9bc3a508540c437064e044c7510eeb kernel-debug-devel-matched-6.12.0-55.29.1.el10_0.ppc64le.rpm 5f6c848ff0f5e1c1ce2461697ab65cdca2d892b9d1bb5aae3ec0e27d84ff0ade kernel-devel-6.12.0-55.29.1.el10_0.ppc64le.rpm 75a467f0712785200ca64ec761183d1e8235df8fc69d05c9a21b42b3209632f1 kernel-devel-matched-6.12.0-55.29.1.el10_0.ppc64le.rpm aeb3dbe65a4a29009144a994860ee14ee5a0acf08ccfb1d10b2d2e774f527f15 kernel-doc-6.12.0-55.29.1.el10_0.noarch.rpm 69f9d1a4bfddfb638d9fb96b6b6e9bdaaf79156301c0b03028e131716bdc138a kernel-headers-6.12.0-55.29.1.el10_0.ppc64le.rpm abd363945c8a6ed2b1981fc79c00e92de6807e3f2d6159142aeeca4469825d91 perf-6.12.0-55.29.1.el10_0.ppc64le.rpm c635accaa5882b16ca764c5034658f726a8bb12959744adeac42126901d363cc python3-perf-6.12.0-55.29.1.el10_0.ppc64le.rpm 30f32ee933df9bb3b87c0e76974cc26f3fbaa493cf3d3264ce4199163972fdb4 rtla-6.12.0-55.29.1.el10_0.ppc64le.rpm 4044b9967d8af3371e403f29287e3e5e6c0b38ad2e10594b20bdcda8d4ef4f15 rv-6.12.0-55.29.1.el10_0.ppc64le.rpm 91795e117c4fe1c01b3e5b1f9859ac7b5dbe60122584e0122b7f2614776bda8a RLSA-2025:14592 Important: aide security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for aide. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Advanced Intrusion Detection Environment (AIDE) is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Security Fix(es): * aide: improper output neutralization enables bypassing (CVE-2025-54389) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms aide-0.18.6-8.el10_0.2.ppc64le.rpm 99e2841901daebf41544f6927e334f6e0fc41829b79ea239ba9dadc911c5dd73 RLSA-2025:14625 Moderate: mod_http2 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for mod_http2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. Security Fix(es): * httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module (CVE-2025-49630) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms mod_http2-2.0.29-2.el10_0.1.ppc64le.rpm dbf669b3389ca736c408096363fe8fdcebcd437c91256d22b9d1d51104d4bd5b RLSA-2025:14826 Important: postgresql16 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for postgresql16. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. Security Fix(es): * postgresql: PostgreSQL executes arbitrary code in restore operation (CVE-2025-8715) * postgresql: PostgreSQL code execution in restore operation (CVE-2025-8714) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms postgresql-16.10-1.el10_0.ppc64le.rpm d8f5e1edf3c909eea113ae4ce2a12b79c83c2af644b458d1a5c4c5cc864aad22 postgresql-contrib-16.10-1.el10_0.ppc64le.rpm 66f3bbad03c826a60e2bcadaa8b07d5fb0a163e2795cf7caa33f5ae00b8f45d1 postgresql-docs-16.10-1.el10_0.ppc64le.rpm e4231c4571d28148fbe06ff95feca558595e8a553f5b0c3b01a5d42428c345ee postgresql-plperl-16.10-1.el10_0.ppc64le.rpm 4ebb6abca403cf9d1adbb9db7c1621313d2e5c8080cf1e02a89db04050d13c0a postgresql-plpython3-16.10-1.el10_0.ppc64le.rpm b7bd05556f75c2770c40ee71a980a42b570594de2661d0317806424a56be3ade postgresql-pltcl-16.10-1.el10_0.ppc64le.rpm 7ecdd4c606cebf9b430b3802de021237918374eeee76c1dc938725e34d92dbc3 postgresql-private-devel-16.10-1.el10_0.ppc64le.rpm 3536e19ac5a62fdcde2eaa92cab4ed5b00907a63879ab77024c3ec21d120edbd postgresql-private-libs-16.10-1.el10_0.ppc64le.rpm 42c53ef54fa41a5f9c6477886196536d5e515bd6877f5b4854d28d00d8f7475f postgresql-server-16.10-1.el10_0.ppc64le.rpm 39f5bfbd72f1dd2002279418b16613a9c43ae433d2581ba7dc8da550a273f52e postgresql-server-devel-16.10-1.el10_0.ppc64le.rpm 6f54789ae20d2562ce883eda649ac2ea1207df6542ef65fd5e7f7ddb769f82ae postgresql-static-16.10-1.el10_0.ppc64le.rpm 62b7d1cb6c954499b58878e79a37680400b2ba5ac5ba131ff55fc6f7fb2104f9 postgresql-test-16.10-1.el10_0.ppc64le.rpm 9d7dc3fc1d9b8e838f35a4cb02ea1b773487c6a0c931e18b1e0587821f568d43 postgresql-upgrade-16.10-1.el10_0.ppc64le.rpm 91cb49626362596feb444bbe89b3943fa7f279c578b0fc1a327c052e588cd8aa postgresql-upgrade-devel-16.10-1.el10_0.ppc64le.rpm 80824e75ea5967cc09d90e1407d89e497c7560e0b294587ee2209b774a954786 RLSA-2025:14844 Important: thunderbird security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component (CVE-2025-9182) * thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component (CVE-2025-9179) * thunderbird: firefox: Same-origin policy bypass in the Graphics: Canvas2D component (CVE-2025-9180) * thunderbird: firefox: Uninitialized memory in the JavaScript Engine component (CVE-2025-9181) * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 (CVE-2025-9185) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms thunderbird-128.14.0-3.el10_0.ppc64le.rpm e337737ddce424b8184e99dd27ce4158a7c6ca507724b0d70f257d519685cc10 RLSA-2025:14984 Moderate: python3.12 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * cpython: Cpython infinite loop when parsing a tarfile (CVE-2025-8194) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms python3-devel-3.12.9-2.el10_0.3.ppc64le.rpm d2c25c8c26860737541dd7591d45785996b09b8ee54969a74a076d61bb809373 python3-tkinter-3.12.9-2.el10_0.3.ppc64le.rpm c04ee3eb26e84ef374bb4e47d0194e86dfbbbcc0a3b41cbfbfff475351391ac6 python-unversioned-command-3.12.9-2.el10_0.3.noarch.rpm b37ef9efba6bdaa9eac25323e7e87e04400e496028647b724ec73e7022096fa9 RLSA-2025:15020 Important: udisks2 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for udisks2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies. Security Fix(es): * udisks: Out-of-bounds read in UDisks Daemon (CVE-2025-8067) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms libudisks2-2.10.90-5.el10_0.1.ppc64le.rpm 45402a08a0ba5f1e9f94797bfe8743cb9ef98b1da814012b174a345c13b32fb0 udisks2-2.10.90-5.el10_0.1.ppc64le.rpm 83ed8f58610e909e0ca3cfe404a28c7d618241fd5b34c2bea402070e4e9be103 udisks2-iscsi-2.10.90-5.el10_0.1.ppc64le.rpm 1dc286d255b2d49d6e2de81cda4bf9b1aed5ee5398c9f2ef56001fb28d0fc545 udisks2-lsm-2.10.90-5.el10_0.1.ppc64le.rpm 11c93367168ed39e36be356256e15805661b56a350deb97e4397f138f2997a60 udisks2-lvm2-2.10.90-5.el10_0.1.ppc64le.rpm e9d8b79796d8af9b1fe9818e60ac13d374c7c60ea2f62b635b681c403d5c772c RLSA-2025:15005 Moderate: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: udp: Fix memory accounting leak. (CVE-2025-22058) * kernel: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (CVE-2025-37823) * kernel: ext4: only dirty folios when data journaling regular files (CVE-2025-38220) * kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (CVE-2025-38211) * kernel: tipc: Fix use-after-free in tipc_conn_close() (CVE-2025-38464) * kernel: vsock: Fix transport_* TOCTOU (CVE-2025-38461) * kernel: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (CVE-2025-38472) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.30.1.el10_0.ppc64le.rpm 40fcb96e748a8e84f14349f7a9282464236ff2ce2b222c83b0719aedd38d2957 kernel-debug-devel-matched-6.12.0-55.30.1.el10_0.ppc64le.rpm 1be37cd9282fac644438f6591546d1c19619e441a3705ac84c8d82871e81e327 kernel-devel-6.12.0-55.30.1.el10_0.ppc64le.rpm d4b8c1999a0580e0fe75e33ec906340ab36540679898f7b6ef5c66e53f2b430f kernel-devel-matched-6.12.0-55.30.1.el10_0.ppc64le.rpm cd9472519430a7232f4c1c411e768a3b93d71c67f8d08c77dad1169ce80f11f5 kernel-doc-6.12.0-55.30.1.el10_0.noarch.rpm b5e78963af0511b76ad1fa2bd53104ac8a38b0f4d183188311175acdf7c08f07 perf-6.12.0-55.30.1.el10_0.ppc64le.rpm f81e649c40b132f4fde07c8cb491bb0c63335d103ea159fde04e9cdd24d3146b python3-perf-6.12.0-55.30.1.el10_0.ppc64le.rpm a3b54657969fab5b8ae72dd108ddde2a7504b5aad9e6288bb22122164b3c3880 rtla-6.12.0-55.30.1.el10_0.ppc64le.rpm 5e7161e814d6fe67f40a682d71b8dec05c7c256b94eff95c10654d36df5491bd rv-6.12.0-55.30.1.el10_0.ppc64le.rpm f90eff859287fb1e06957436c2977fc817c1c1cac77f46aefb8923528cc8fe2f RLSA-2025:15095 Moderate: httpd security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for httpd. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: insufficient escaping of user-supplied data in mod_ssl (CVE-2024-47252) * httpd: mod_ssl: access control bypass by trusted clients is possible using TLS 1.3 session resumption (CVE-2025-23048) * httpd: HTTP Session Hijack via a TLS upgrade (CVE-2025-49812) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms httpd-2.4.63-1.el10_0.2.ppc64le.rpm 86f78403642b2ef30ba5e2395649f25c61af4ce2825fc1911b286c1c55f01f5a httpd-core-2.4.63-1.el10_0.2.ppc64le.rpm 70b2ab17391ffc9c0328f4bbb186b205f1095a914ee38facd6fe08291fbb3ca5 httpd-devel-2.4.63-1.el10_0.2.ppc64le.rpm 040257f72f3651c29e830fa52e5ed97cbb37e505e86c0fe84dfc4ad1f7512bab httpd-filesystem-2.4.63-1.el10_0.2.noarch.rpm 5be7b3a8027ace91358c2f798e53f4dcc46b2e434314f8c1cca16d3d37b96673 httpd-manual-2.4.63-1.el10_0.2.noarch.rpm f55510c6628918f1cb42924ddff3203f84c000b1cd1e4db33205dc9ed5d67887 httpd-tools-2.4.63-1.el10_0.2.ppc64le.rpm b1146137223e53ffe903990239cd5276dc1169bf5c704206497ddb397a1b8180 mod_ldap-2.4.63-1.el10_0.2.ppc64le.rpm 0b73ae6bf8898ed78efd3ba2fc22f66978bd5211bbba6b7b45346179682d3045 mod_lua-2.4.63-1.el10_0.2.ppc64le.rpm fd057813ac996c1478f84dfbf6f4728956f185d640abceac83ff4fb3615f3c89 mod_proxy_html-2.4.63-1.el10_0.2.ppc64le.rpm 3449e8b74264d37bbbaf0bd4d94b79f8ec4e94c8a27b6d515be30d95c1c6495d mod_session-2.4.63-1.el10_0.2.ppc64le.rpm 013953f909a162396eafb18fe5a38a218cefdcbe2f5112ec28bf39be3994f067 mod_ssl-2.4.63-1.el10_0.2.ppc64le.rpm 5a014b29d039dc10ea948920b734145fd7edbd3568ba12feebb94b5c70c786e2 RLSA-2025:15662 Important: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (CVE-2025-38352) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.32.1.el10_0.ppc64le.rpm b9764645373ec06e21318175e312888a43fef2bc889502e6568f54c5879c6222 kernel-debug-devel-matched-6.12.0-55.32.1.el10_0.ppc64le.rpm deb5d5ba2d745f8138280e7619cdfc8da3e1030d4f6cacb33cb0d4191f204138 kernel-devel-6.12.0-55.32.1.el10_0.ppc64le.rpm 0f899f3b272042ef67be83a2673c65b77997398427b44aae88e1cf357ebe636d kernel-devel-matched-6.12.0-55.32.1.el10_0.ppc64le.rpm b8f9a29bdc8bee7f512c16e9c95234956a8acfc40ee7541b8dade44f98ddaf70 perf-6.12.0-55.32.1.el10_0.ppc64le.rpm d23bf37129f12e41a54ebe9837abacfe5295fa8c914e2d7ae521e145da0b11df python3-perf-6.12.0-55.32.1.el10_0.ppc64le.rpm 59145965df0c232fd48847d83d5a07b3613a56825dec3c09ddf205d73ab5a75e rtla-6.12.0-55.32.1.el10_0.ppc64le.rpm dc1d5fa2410adbcbd59f5a3fd2de45c9bbdda58b0ab53ab3b16045645923f909 rv-6.12.0-55.32.1.el10_0.ppc64le.rpm 494e9fb51224c9588b9fabf00c113439e05193e6f7ced670cd7ad23cfa807f3c RLSA-2025:15699 Moderate: mysql-selinux and mysql8.4 security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for mysql8.4, mysql-selinux. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. Security Fix(es): * openssl: Timing side-channel in ECDSA signature computation (CVE-2024-13176) * mysql: mysqldump unspecified vulnerability (CPU Apr 2025) (CVE-2025-30722) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30688) * mysql: Stored Procedure unspecified vulnerability (CPU Apr 2025) (CVE-2025-30699) * mysql: UDF unspecified vulnerability (CPU Apr 2025) (CVE-2025-30721) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30682) * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30683) * mysql: Components Services unspecified vulnerability (CPU Apr 2025) (CVE-2025-30715) * mysql: Parser unspecified vulnerability (CPU Apr 2025) (CVE-2025-21574) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-21585) * mysql: DML unspecified vulnerability (CPU Apr 2025) (CVE-2025-21588) * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30681) * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-21577) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30687) * mysql: DML unspecified vulnerability (CPU Apr 2025) (CVE-2025-21580) * mysql: PS unspecified vulnerability (CPU Apr 2025) (CVE-2025-30696) * mysql: PS unspecified vulnerability (CPU Apr 2025) (CVE-2025-30705) * mysql: Parser unspecified vulnerability (CPU Apr 2025) (CVE-2025-21575) * mysql: Options unspecified vulnerability (CPU Apr 2025) (CVE-2025-21579) * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30685) * mysql: Components Services unspecified vulnerability (CPU Apr 2025) (CVE-2025-30704) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-21581) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30689) * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30695) * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30703) * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30693) * mysql: DDL unspecified vulnerability (CPU Apr 2025) (CVE-2025-21584) * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30684) * curl: libcurl: WebSocket endless loop (CVE-2025-5399) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50092) * mysql: mysqldump unspecified vulnerability (CPU Jul 2025) (CVE-2025-50081) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50079) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50077) * mysql: DML unspecified vulnerability (CPU Jul 2025) (CVE-2025-50078) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50091) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50101) * mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50093) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50099) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50085) * mysql: Components Services unspecified vulnerability (CPU Jul 2025) (CVE-2025-50086) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50082) * mysql: Encryption unspecified vulnerability (CPU Jul 2025) (CVE-2025-50097) * mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50104) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50087) * mysql: Stored Procedure unspecified vulnerability (CPU Jul 2025) (CVE-2025-50080) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50088) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50083) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50084) * mysql: Thread Pooling unspecified vulnerability (CPU Jul 2025) (CVE-2025-50100) * mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50094) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50098) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50096) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50102) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms mysql8.4-8.4.6-2.el10_0.ppc64le.rpm 8d322b737824f36cac7420a7e0bbae54654e07ab7ae22642fb4328b32176b2f6 mysql8.4-common-8.4.6-2.el10_0.noarch.rpm b00f64905687fb131a234fa7eb8cfbf01c82d55158e117d99ce6b0f8dfff877c mysql8.4-errmsg-8.4.6-2.el10_0.noarch.rpm 4e4119b62c7395860583065fc1a0792e5cf336b0e3820babc0b39cc7de6528f0 mysql8.4-libs-8.4.6-2.el10_0.ppc64le.rpm 1cbc402b71669afaa18f08f97a8a24545dbc500ab6b63ccd774d4f5600d40771 mysql8.4-server-8.4.6-2.el10_0.ppc64le.rpm 402f00cc69f6b7ce562ab645a351eb32f5af72164d8421331b20c89eee1c35f6 mysql-selinux-1.0.14-1.el10_0.noarch.rpm 6e96fc73b86d1fcb2205efe0362501f06665351449502bf0ca4bd11e15c17025 RLSA-2025:15701 Important: cups security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for cups. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fix(es): * cups: Null Pointer Dereference in CUPS ipp_read_io() Leading to Remote DoS (CVE-2025-58364) * cups: Authentication Bypass in CUPS Authorization Handling (CVE-2025-58060) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms cups-2.4.10-11.el10_0.1.ppc64le.rpm 78362131c42210e1e9949a5c95c249473bf3ec63e57417e326f04523a7af5b93 cups-client-2.4.10-11.el10_0.1.ppc64le.rpm da071668fe91268ff107c0725866bef1f65d67a350111e51a406419190bd54aa cups-devel-2.4.10-11.el10_0.1.ppc64le.rpm 6fb6ec7dd7a3393cd5ebb30f1bd724b8b6c516902085e46e1af22de51d360319 cups-ipptool-2.4.10-11.el10_0.1.ppc64le.rpm 21d2e63dd27cbe3c20d2a3d6e3c44254c8e61ec9430f92b1287bab0f6171a677 cups-lpd-2.4.10-11.el10_0.1.ppc64le.rpm d463f1bb7457fe2e977aac6ef15326b65b57d6af094e483796468c68f354de41 cups-printerapp-2.4.10-11.el10_0.1.ppc64le.rpm 8ffa9988b68de0a7700eea4b7e580a9f6fd0ac0beb0e4e5fa07ed4075b500086 RLSA-2025:15901 Important: podman security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): * podman: Podman kube play command may overwrite host files (CVE-2025-9566) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms podman-5.4.0-13.el10_0.ppc64le.rpm 1257878a9597714c8d456b490652997a230744ed44a21eb99d2d97ba6c5eca81 podman-docker-5.4.0-13.el10_0.noarch.rpm d244c5274a4dcfb729f6b4dbaa6d690299fe89c525f5c66f69555dfca5fe9963 podman-remote-5.4.0-13.el10_0.ppc64le.rpm c8fca4ca25859fafb779585d6b9b6051f1d6abcd7d543431ad27d761e717341e RLSA-2025:16109 Important: firefox security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component (CVE-2025-10527) * firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component (CVE-2025-10532) * firefox: thunderbird: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component (CVE-2025-10528) * firefox: thunderbird: Same-origin policy bypass in the Layout component (CVE-2025-10529) * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143 (CVE-2025-10537) * firefox: thunderbird: Information disclosure in the Networking: Cache component (CVE-2025-10536) * firefox: thunderbird: Integer overflow in the SVG component (CVE-2025-10533) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms firefox-140.3.0-1.el10_0.ppc64le.rpm 63bfe56a9cd4914ab9bc507868f61f64f736e5f7cb7cf867f6fbbbb95e7f3ee2 RLSA-2025:16115 Moderate: gnutls security, bug fix, and enhancement update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for gnutls. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fix(es): * gnutls: Vulnerability in GnuTLS certtool template parsing (CVE-2025-32990) * gnutls: Vulnerability in GnuTLS SCT extension parsing (CVE-2025-32989) * gnutls: Vulnerability in GnuTLS otherName SAN export (CVE-2025-32988) * gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() (CVE-2025-6395) Bug Fix(es) and Enhancement(s): * gnutls: Vulnerability in GnuTLS certtool template parsing (BZ#2359620) * gnutls: Vulnerability in GnuTLS SCT extension parsing (BZ#2359621) * gnutls: Vulnerability in GnuTLS otherName SAN export (BZ#2359622) * gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() (BZ#2376755) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms gnutls-c++-3.8.9-9.el10_0.14.ppc64le.rpm 28ea697f3c17e0ecc89e8387afedc7c18edb6410a8727e68295bcfcbdc1de6f7 gnutls-dane-3.8.9-9.el10_0.14.ppc64le.rpm afea2d0598d82e842eeca6362b658f8597f3c7d65858b556d9207024c0cd77f0 gnutls-devel-3.8.9-9.el10_0.14.ppc64le.rpm 725af431bd1d325aee1dad9defa68b3433b1ff95d500aa237fbe431c2e7dea05 gnutls-fips-3.8.9-9.el10_0.14.ppc64le.rpm 91fc77f8b7c2ac889fb752bdce5eb0e0825c060e875167b11a7224b30982346f gnutls-utils-3.8.9-9.el10_0.14.ppc64le.rpm 3c9974d326bf09caafc5b147aee89b27a519cb1cc32586a0056bc8c2bc59c3d4 RLSA-2025:16157 Important: thunderbird security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component (CVE-2025-10527) * firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component (CVE-2025-10532) * firefox: thunderbird: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component (CVE-2025-10528) * firefox: thunderbird: Same-origin policy bypass in the Layout component (CVE-2025-10529) * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143 (CVE-2025-10537) * firefox: thunderbird: Information disclosure in the Networking: Cache component (CVE-2025-10536) * firefox: thunderbird: Integer overflow in the SVG component (CVE-2025-10533) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms thunderbird-140.3.0-1.el10_0.ppc64le.rpm 5a59a27db632234ed2284d741ebebf71b4f6153f01b370a0627c410f3bec9edb RLSA-2025:16354 Moderate: kernel security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length (CVE-2025-37810) * kernel: sunrpc: fix handling of server side tls alerts (CVE-2025-38566) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms kernel-debug-devel-6.12.0-55.34.1.el10_0.ppc64le.rpm c375fe95ff919cd1206e1949c2b0e8d0388e985292ca319dd2ac9f4d1f9d438e kernel-debug-devel-matched-6.12.0-55.34.1.el10_0.ppc64le.rpm 725d59c7dfb9329b1e10ccc8d91a2355fae1004f1b87622c9e034560e8854e2d kernel-devel-6.12.0-55.34.1.el10_0.ppc64le.rpm 4b4afe3ee94ac60f96634350aa1952e4db628886483ecd76522b8140ffe9ee20 kernel-devel-matched-6.12.0-55.34.1.el10_0.ppc64le.rpm a1524ad5559d9bc8f62b04b6cf6f37e93cb3ac4a2f03c64b393b8255a1bab26a kernel-doc-6.12.0-55.34.1.el10_0.noarch.rpm f9fb5270006daa120355ae10c42284aa2f0091619a2cb1c1fda623e07bec156e perf-6.12.0-55.34.1.el10_0.ppc64le.rpm 6f215131a32c16b06c379db5f6ab177d5370cac04c5b862d62cd14208a369b78 python3-perf-6.12.0-55.34.1.el10_0.ppc64le.rpm 0606ad3f7a2e32e7acfd3132d00475209671c5aa30143f16c9ed71c1fbe6a7f4 rtla-6.12.0-55.34.1.el10_0.ppc64le.rpm f8dae6bf5baf4c3355f4a3dec93b1de10739c9157c0bcfca34fcb387c3890675 rv-6.12.0-55.34.1.el10_0.ppc64le.rpm 5f0fb6224d25fcdf3126e459f9c96a6d1bf960f64b03102bd0d74bbd7a8be046 RLSA-2025:16432 Moderate: opentelemetry-collector security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fix(es): * net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms opentelemetry-collector-0.127.0-3.el10_0.ppc64le.rpm 061f5f4bdec453241e14489fa6c5ba4d5be27bc2f7cb1611d04e5331971d8291 RLSA-2025:16441 Moderate: avahi security update Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for avahi. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers. Security Fix(es): * avahi: Avahi Wide-Area DNS Uses Constant Source Port (CVE-2024-52615) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-ppc64le-appstream-rpms avahi-devel-0.9~rc2-1.el10_0.1.ppc64le.rpm 3808da8299a93172fc264c9c424893f61a700260905362502616fe55bbdb8eef avahi-glib-0.9~rc2-1.el10_0.1.ppc64le.rpm 4f01cf5e8054b0e4ab34cd1c6de660999dc6f5698950ecd56b9e6e8d985ddff5 avahi-tools-0.9~rc2-1.el10_0.1.ppc64le.rpm 2621dc37dbe728240e767880190c460a6e4f4ac106fdc3a8f53f7d4a9c14b463