RLSA-2025:17429 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for open-vm-tools. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fix(es): * open-vm-tools: Local privilege escalation in open-vm-tools (CVE-2025-41244) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms open-vm-tools-12.5.0-1.el10_0.1.aarch64.rpm 1721b7639f4fc4bd3828ed3ab036f2dcecfd79be21dd7d991e4c215682767ce6 open-vm-tools-desktop-12.5.0-1.el10_0.1.aarch64.rpm 455d61d38d85865c5ec20dd04eb18ba3dcad54862429dedfae83c868939a1dd5 open-vm-tools-test-12.5.0-1.el10_0.1.aarch64.rpm 7ad884fdf8709b9d1eb5f53b71c71d758f7529f6b06fbfe26114ce19566ab0ff RLSA-2025:16904 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (CVE-2025-38396) * kernel: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527) * kernel: cifs: Fix the smbd_response slab to allow usercopy (CVE-2025-38523) * kernel: tls: fix handling of zero-length records on the rx_list (CVE-2025-39682) * kernel: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (CVE-2025-39698) * kernel: s390/sclp: Fix SCCB present check (CVE-2025-39694) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.37.1.el10_0.aarch64.rpm 0af44e6572020f0b3a110d1f93718fd5a9f9b8ba830cb956bda1936f7376f19c kernel-64k-debug-devel-matched-6.12.0-55.37.1.el10_0.aarch64.rpm 64a7e239112126f95fa1ba1c4c1cc50a235a596885664a77d69c682811d9be2b kernel-64k-devel-6.12.0-55.37.1.el10_0.aarch64.rpm 40ece42acdf860e33e433485e16b76b56fedbbe544878c3dbb53c7f6853ea459 kernel-64k-devel-matched-6.12.0-55.37.1.el10_0.aarch64.rpm 0d73a5ef5c7b35ce65c32caea440afeff60970889c262297bcd603fb490dd505 kernel-debug-devel-6.12.0-55.37.1.el10_0.aarch64.rpm 676eade7eb9160f72e50d743bdffb11b1c93db1728c8e800555962b4f66134ce kernel-debug-devel-matched-6.12.0-55.37.1.el10_0.aarch64.rpm 797d0ac3dfcdd12122f64c456e30db77f038eb99aeecc3906ab23f69a6079bf4 kernel-devel-6.12.0-55.37.1.el10_0.aarch64.rpm 78c79e4f826307de305afc806d3bb8226239748028727303011fb2be3d0808e0 kernel-devel-matched-6.12.0-55.37.1.el10_0.aarch64.rpm 71cf6d7616e83eebe29f043efc0b09a7c2810b2b322f4256345ca9432eddd39a kernel-doc-6.12.0-55.37.1.el10_0.noarch.rpm a1ac32c34607833c710c5902cfc1018a04e20d4788d7266a6ccb821f47643d9b perf-6.12.0-55.37.1.el10_0.aarch64.rpm 03e815490b0a6164a4b8e6c7e1df459386852c71c9ccef5c1bca4cabfb6a419a python3-perf-6.12.0-55.37.1.el10_0.aarch64.rpm cdd3d5cfd8ace6104c68d92be7d3d49d30c6c245a4639fb7bc4ad583220b2b8e rtla-6.12.0-55.37.1.el10_0.aarch64.rpm 5ba205152e8a5df97cbe830855f1116cbb29a3f839fe0a47f75c0b0fccde5b18 rv-6.12.0-55.37.1.el10_0.aarch64.rpm ac0ec526a7c776eb0a4573a1696561eabb38f313651010801d618552ea2e356b RLSA-2025:17085 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for ipa. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA (CVE-2025-7493) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms ipa-client-4.12.2-15.el10_0.4.aarch64.rpm e5db4046edb4d57b6e61af2de8a354779be82e79ce6f09f18decb68dee889234 ipa-client-common-4.12.2-15.el10_0.4.noarch.rpm bf2ffd4b0910fc72cae5d3600870555b49c6996b5ffe3867900c2b05488185ab ipa-client-encrypted-dns-4.12.2-15.el10_0.4.aarch64.rpm c11d2eb892721b091086e555ec9967d9ccd7c74d80b313dcddfd2e4cb11beea3 ipa-client-epn-4.12.2-15.el10_0.4.aarch64.rpm a10d27c23bc2714cf2bb80b6f6a3bc4ead462ad1793c07d714ec24b9e64d8406 ipa-client-samba-4.12.2-15.el10_0.4.aarch64.rpm ce516135d0d220c0afa788ddb41186deb4aeb91cf682204549b7630459364e1f ipa-common-4.12.2-15.el10_0.4.noarch.rpm b669a87218c94c65720ded545b0be47d09d53823ffde3e44b2c800a7e960c40f ipa-selinux-4.12.2-15.el10_0.4.noarch.rpm 9fcc498fdbeb59c1f3666a1fb65744fd3309ea356e2daa95b5f488134c90fc85 ipa-selinux-luna-4.12.2-15.el10_0.4.noarch.rpm 027300560ce6195962457cfbd64af0060014a378f1c90bcfe1dac67ec716839e ipa-selinux-nfast-4.12.2-15.el10_0.4.noarch.rpm b0ce410d8e96f7ac938714aedf2a6088ffc94cb80fd7d3f6e5dc92863e80eaa1 ipa-server-4.12.2-15.el10_0.4.aarch64.rpm 028db36aac9b7ba3fadec8fcbd79b0114beaed9d440d2e83fd9722e20eccaa73 ipa-server-common-4.12.2-15.el10_0.4.noarch.rpm 2d4629a5a13c49f35fa9ca50e3257dfec870ea8d687bf18bd9f9ec7b53fcf2d5 ipa-server-dns-4.12.2-15.el10_0.4.noarch.rpm 13cb1b4a2b64c0636a2902942e932bba7691219c1c0b1b6105ad6d4db00c6ba5 ipa-server-encrypted-dns-4.12.2-15.el10_0.4.aarch64.rpm 868a8a293fdb1923dba7bf38fcf416e1d8fc05320d3a5dedac6749d380f86660 ipa-server-trust-ad-4.12.2-15.el10_0.4.aarch64.rpm b4c3b71131389051d4df91fab9e9be5e24cb2760f15fb1190265fd4853b51f47 python3-ipaclient-4.12.2-15.el10_0.4.noarch.rpm 71d58a186df583d49049166b6469053fdca1b8f222122ce67b52f7da9a81e0ab python3-ipalib-4.12.2-15.el10_0.4.noarch.rpm ed44dd38a1d5d1918c30602fbb7e80d254231254f0d053b82b347d34c0246e98 python3-ipaserver-4.12.2-15.el10_0.4.noarch.rpm 24f51609ea8226d2f14c8873ec839e2e8bcaa6c00297792a1f09bc4e1d53b650 RLSA-2025:17776 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: HID: core: Harden s32ton() against conversion to 0 bits (CVE-2025-38556) * kernel: wifi: ath12k: Decrement TID on RX peer frag setup error handling (CVE-2025-39761) * kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors (CVE-2025-39757) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.39.1.el10_0.aarch64.rpm 06346877e42a797ec6e162f390a25c38034994c31bf76e14c86d412be1531d8b kernel-64k-debug-devel-matched-6.12.0-55.39.1.el10_0.aarch64.rpm 83d13b48ef90db9e4a7dcdb673021254852816ff43b0acb7f04df504af612594 kernel-64k-devel-6.12.0-55.39.1.el10_0.aarch64.rpm e5a0215b3341d6ac8bbce6a30ff2df73f48661773c914bf0098edc80e6d0414c kernel-64k-devel-matched-6.12.0-55.39.1.el10_0.aarch64.rpm 5ffc63c88a4162baff5ab7b44dafca8ea00f366487164c004fdad8159649f376 kernel-debug-devel-6.12.0-55.39.1.el10_0.aarch64.rpm a35dcd05b7c3887f74e85e4492f9139a7a8b050e77f9099bef72c8c44c212b3d kernel-debug-devel-matched-6.12.0-55.39.1.el10_0.aarch64.rpm 2e780718eaeb12edaa19d40ab3031eb885005710ec17b3aa6236a14f88dae2d9 kernel-devel-6.12.0-55.39.1.el10_0.aarch64.rpm 2f765928f6d0872b9c667538babaeaf166a750b5589ad23137c5b5ec6bb7ded3 kernel-devel-matched-6.12.0-55.39.1.el10_0.aarch64.rpm c2a47a8d4f4395956108f4758d322941b5c785ceb32568e7c143dd5b1b651425 kernel-doc-6.12.0-55.39.1.el10_0.noarch.rpm 19b6b4434908ca12c6b1f4cc2098ffab94503ac7ca8c408909c9ab9423a9d87d perf-6.12.0-55.39.1.el10_0.aarch64.rpm 4629721eea1ee5a90fad5473d15d4f9a10d27b58c2fbfa94b214f960e1bdc138 python3-perf-6.12.0-55.39.1.el10_0.aarch64.rpm 6ce655f3e547f28ceb2e4e67e90f46368fb1c2c5f72eb32eadc3e883b1182518 rtla-6.12.0-55.39.1.el10_0.aarch64.rpm 47c555138e93ddceda82fd64ad955ee573bc8172feb25abde52428b0579ddd0f rv-6.12.0-55.39.1.el10_0.aarch64.rpm b65aa92639c7830b53064a55166603227366d554b8dbee71ed1f3dccc2d472af RLSA-2025:17913 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for vim. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fix(es): * vim: Vim path traversal (CVE-2025-53906) * vim: Vim path traversial (CVE-2025-53905) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms vim-common-9.1.083-5.el10_0.1.aarch64.rpm ff6bfbd041179d71506fb0b889fedc94214a77803ecda4f9449402286757d543 vim-enhanced-9.1.083-5.el10_0.1.aarch64.rpm d1367c72b62db6a7c84983bac052ef9d860fa347d99deee7e4c45dcbcf9a4e42 vim-X11-9.1.083-5.el10_0.1.aarch64.rpm 6105f663efc035d5822cbf24183f7ace6e28e317a645409d1ecf3a6bcf3c8f12 xxd-9.1.083-5.el10_0.1.aarch64.rpm 67331af48447de89f6ecc1cfe828a06a53ff51c2bb63ca05a83aeaa19acb4cba RLSA-2025:18154 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * thunderbird: firefox: Memory safety bugs (CVE-2025-11714) * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709) * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710) * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708) * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712) * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715) * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms firefox-140.4.0-3.el10_0.aarch64.rpm 56c17efa72afff182e115cd50017519cd5cfc0b96945c4a1561a670545e9ff84 RLSA-2025:18152 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for dotnet8.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.121 and .NET Runtime 8.0.21.Security Fix(es): * dotnet: .NET Information Disclosure Vulnerability (CVE-2025-55248) * dotnet: .NET Security Feature Bypass Vulnerability (CVE-2025-55315) * dotnet: .NET Denial of Service Vulnerability (CVE-2025-55247) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms aspnetcore-runtime-8.0-8.0.21-1.el10_0.aarch64.rpm e2ec6e1ba1ff35db7484016ccf4b430b518d9242dc168e1bf5ebacb9dfc2844b aspnetcore-runtime-dbg-8.0-8.0.21-1.el10_0.aarch64.rpm 6873622ad6b11275ccde052e248c757d7a7ec826d9d71ff7406af351613a9d42 aspnetcore-targeting-pack-8.0-8.0.21-1.el10_0.aarch64.rpm 27eb567942cda06e2b68487a3f1a23fbb6511cee258cfc1d8e921757f8b83936 dotnet-apphost-pack-8.0-8.0.21-1.el10_0.aarch64.rpm 8297b191ceeae760a86d1ae9b8782cc6c7b8fcea91fa80c7425095bda4764564 dotnet-hostfxr-8.0-8.0.21-1.el10_0.aarch64.rpm bc9aee1e2bb6fbed028e4e831cc0e5fdb5d6de5444978f7b11edf179a5245144 dotnet-runtime-8.0-8.0.21-1.el10_0.aarch64.rpm 3f67674d532e4a71604774d249b4dd4c2eb5297069dc661a44c487402b78817a dotnet-runtime-dbg-8.0-8.0.21-1.el10_0.aarch64.rpm f89cec36649bec85ceaf1ae8d487f650e3b42dc7149d7e9b40fd54c56f2a711a dotnet-sdk-8.0-8.0.121-1.el10_0.aarch64.rpm 7b73c22fa01316a043692b11ecec9dd9a99959db503123f978b6d4eb0ddb5b3c dotnet-sdk-dbg-8.0-8.0.121-1.el10_0.aarch64.rpm cd914aeac3c4519baa4ef692ced0a7af539b086d80ba920e35e02a726c144780 dotnet-targeting-pack-8.0-8.0.21-1.el10_0.aarch64.rpm c4afc5b2644c992e937b9ab7cbfd59994c9fa91e617a2affb14b05856e2c22dc dotnet-templates-8.0-8.0.121-1.el10_0.aarch64.rpm d795f0f14208f60340d07c091df12f6a11cbed028cb661faf75520fa9e1b6dfa RLSA-2025:18153 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for dotnet9.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.111 and .NET Runtime 9.0.10.Security Fix(es): * dotnet: .NET Information Disclosure Vulnerability (CVE-2025-55248) * dotnet: .NET Security Feature Bypass Vulnerability (CVE-2025-55315) * dotnet: .NET Denial of Service Vulnerability (CVE-2025-55247) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms aspnetcore-runtime-9.0-9.0.10-1.el10_0.aarch64.rpm aae9d669be5b1ad31351daea5fcf9d3daa707b8e3ab910d848eed38be53ec566 aspnetcore-runtime-dbg-9.0-9.0.10-1.el10_0.aarch64.rpm 7a527433a45cbeb1985f0739c4efb502c2ee89321dfd36a4446bd4cac3d7ceff aspnetcore-targeting-pack-9.0-9.0.10-1.el10_0.aarch64.rpm 03778219168b65ec9dc503df3271a53753d2c1d5e7e4b8e6e7db49bf2ec11731 dotnet-apphost-pack-9.0-9.0.10-1.el10_0.aarch64.rpm 3f97bc81dad00bb3e2dde8370107b9b05cf44fa127db36e4c0664004f626e39e dotnet-host-9.0.10-1.el10_0.aarch64.rpm 543cd2aa1e6af4611256d2de51e3c4744257b0127f7162e7af212be63ac5923a dotnet-hostfxr-9.0-9.0.10-1.el10_0.aarch64.rpm 45d73359826c0a60b98df18e8fa022d83a70f16b70a06077f0dd5d3e93454ea8 dotnet-runtime-9.0-9.0.10-1.el10_0.aarch64.rpm 99e542310aa82f7a3a72d1847f75792aa8de2d08bb3583dd71273536833d80a3 dotnet-runtime-dbg-9.0-9.0.10-1.el10_0.aarch64.rpm 0aff7b1743219bfebe68e3b191b849dbbd05edcad20fd7dd17c4cf53d6f79c87 dotnet-sdk-9.0-9.0.111-1.el10_0.aarch64.rpm 4eef71ac2f7f386ec1c909d831030126248d293ad0f596d81736fe7544e99b03 dotnet-sdk-aot-9.0-9.0.111-1.el10_0.aarch64.rpm c32125f7ecc596bd1c79bda5d8c300fe4ed373f1f2c55290ef0f2c6ca82024ff dotnet-sdk-dbg-9.0-9.0.111-1.el10_0.aarch64.rpm 13ed4158de5f1347d98eecac2d1bffcfc56483e794009f2845914cd8f36793a5 dotnet-targeting-pack-9.0-9.0.10-1.el10_0.aarch64.rpm 9e6e6d96c75fc5d7985c0f11e53e7bec73360ae72aa073f487dc181e7ee096e1 dotnet-templates-9.0-9.0.111-1.el10_0.aarch64.rpm 06ab463d0fe5e329151c2fffdc89c6ee6443deac018e1578bc77fb2dcbef9d3b netstandard-targeting-pack-2.1-9.0.111-1.el10_0.aarch64.rpm 5da4ef9a451f69ce545d089ae73a5bb4d893963431bc6e17aebd3f2be694e306 RLSA-2025:18183 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libsoup3. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it), but the SOAP parts were removed long ago. Security Fix(es): * libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library (CVE-2025-11021) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms libsoup3-3.6.5-3.el10_0.7.aarch64.rpm 393b7a7f6e7525b90f240c70e593070ce808134dccf366d36915aa6cd1ba1350 libsoup3-devel-3.6.5-3.el10_0.7.aarch64.rpm 592eb7506bd822c69ce0da9c54d4316e084839d84cce12ef6edf148802d157c8 RLSA-2025:18231 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for libssh. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fix(es): * libssh: out-of-bounds read in sftp_handle() (CVE-2025-5318) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms libssh-devel-0.11.1-4.el10_0.aarch64.rpm b38baf7d3d07b835eed39540fdabf9ab6f27695fb3284156d1460c6d5debad5e RLBA-2025:6597 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Critical

An update is available for libxml2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 10 Release Notes linked from the References section. rocky-linux-10-0-aarch64-appstream-rpms libxml2-devel-2.12.5-5.el10_0.aarch64.rpm ec4d0375d3ef37324be801fd0b5adb7a59d533bcf8501771ee8428f2f0a7bc94 RLBA-2025:6470 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Critical

An update is available for rsync. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 10 Release Notes linked from the References section. rocky-linux-10-0-aarch64-appstream-rpms rsync-daemon-3.4.1-2.el10.noarch.rpm 05b44dbb42deda398ce20f4b8d63426798dd81d5d172a998c62a84d59c74c958 rsync-rrsync-3.4.1-2.el10.noarch.rpm 18ccf31ba09020a528cd9660f1adfc5ff1717215ccd5f6ef92924fbde44d4989 RLBA-2025:5309 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for mod_proxy_cluster. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 10.0 Release Notes linked from the References section. rocky-linux-10-0-aarch64-appstream-rpms mod_proxy_cluster-1.3.21-1.el10.aarch64.rpm 567e144ffb1debfbf00214e4c7bc8028c85c378a94778d9b2a412f2dd7cd1d9f RLSA-2025:7496 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libxslt. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism. Security Fix(es): * libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855) * libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) (CVE-2024-55549) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms libxslt-1.1.39-7.el10_0.aarch64.rpm 2c2049284e086642a3a5834230af404fb8fc06dea5c6b89ec32bae0eabf659cc libxslt-devel-1.1.39-7.el10_0.aarch64.rpm 54d3d7ebcd90bbcf6acfb166d9d83e5e9e3c40059650da50751b6b85ccf48364 RLSA-2025:7466 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for delve, golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out of your way as much as possible. Security Fix(es): * golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints (CVE-2024-45341) * golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336) * crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms delve-1.24.1-1.el10_0.aarch64.rpm 43b67a30f6a7b5120dbfe0832ed7aded227d8b3c1300aac3f1377975a146d2bf golang-1.23.7-1.el10_0.aarch64.rpm 2ad1768aa859d614e78941007634212262b0c962be17bcfceb9fdde58d3c11d9 golang-bin-1.23.7-1.el10_0.aarch64.rpm 2193abfa49e85b02c944761bf58711259cff4bdf52c2a7d6156a21fbf3397c11 golang-docs-1.23.7-1.el10_0.noarch.rpm a173b0da2e4752bfec1cf06f363224f6fa16ddba7370e6f2ffb8247587a4bcf4 golang-misc-1.23.7-1.el10_0.noarch.rpm 7bc05ee75edf98cb9343ef66d21fe35c1c592c61ba91484f778ac863170b4c0f golang-src-1.23.7-1.el10_0.noarch.rpm 96f3dbb87940a6cfb09e7cc728c9fa35b1823688d51cdc133a0f9d051890835a golang-tests-1.23.7-1.el10_0.noarch.rpm 859c5d5d9e4832afaeaf815e3564bfe80ada878f8e9efec2845d1c0e0cadbe4f go-toolset-1.23.7-1.el10_0.aarch64.rpm b46b83129917694dd54178ce8a011b76669e4e46041f27712ce1630fd17c2cfc RLSA-2025:7476 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for python-jinja2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * jinja2: Jinja sandbox breakout through attr filter selecting format method (CVE-2025-27516) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms python3-jinja2-3.1.6-1.el10_0.noarch.rpm 0be3f5f469b49779d362bfeb982bfa4e089c5ba06907aea63c842224e044f287 RLSA-2025:7484 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for gvisor-tap-vsock. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fix(es): * golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms gvisor-tap-vsock-0.8.5-1.el10_0.aarch64.rpm f59ebe5e29c3b66679c009633b758ad84e1da0b9352c542942bdd364b96a31ce gvisor-tap-vsock-gvforwarder-0.8.5-1.el10_0.aarch64.rpm 31614db8686d23ca2ae325d444d968929638ae13b9c11619ecd77f72f068fd64 RLSA-2025:7510 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for libarchive. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: heap buffer over-read in header_gnu_longlink (CVE-2024-57970) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms bsdtar-3.7.7-2.el10_0.aarch64.rpm dcb489c65e92e70e36ef2d7f8ceaa8e1713556d9837737e92ccb10c8c264f2d1 libarchive-devel-3.7.7-2.el10_0.aarch64.rpm a4fb8fdf48d5724da53a05f04092a2547999ae6ca37d3590d573e6f531967c52 RLSA-2025:7500 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for perl. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): * perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes (CVE-2024-56406) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms perl-5.40.2-512.1.el10_0.aarch64.rpm 7dc7c9215a8c55a6d61391778acb503aa984863d66b86e33a9ce1d26041a7b18 perl-Attribute-Handlers-1.03-512.1.el10_0.noarch.rpm df82bff8696134f3dc521dd8b8443178771c46142a732b5626990b8c50b7f322 perl-AutoLoader-5.74-512.1.el10_0.noarch.rpm 2b4fca6da03e83a1f282dd4752b9f8f01c285fbabd0ff41d03ab8726d63cf223 perl-AutoSplit-5.74-512.1.el10_0.noarch.rpm 47d60990ce13c089eea37d3a61fcd0f19f9cd592c76e7f37c61feabc2dc9b63e perl-autouse-1.11-512.1.el10_0.noarch.rpm 2aed9a5c5c3c64195602f3745dfae8ce3810635d8cffadc3c000cc890ddd103c perl-B-1.89-512.1.el10_0.aarch64.rpm a8f027099b0a4879cb28cec6070a9e6122b311eb184a5eb3fc6e89a405c373fc perl-base-2.27-512.1.el10_0.noarch.rpm 64cb01cd07d0b974b1fe31dafc1ee5b2de90cd38f9e6a7885ec3903b83e8f0b4 perl-Benchmark-1.25-512.1.el10_0.noarch.rpm 74ac8e111917550e3ae4bdc752e4021ce8d84ac96ea09db372c5902e59db11ae perl-blib-1.07-512.1.el10_0.noarch.rpm 9105b51ea0d25e084761b4c0090ac6a7920e6ec963b8205050ef0bd5953b9adf perl-Class-Struct-0.68-512.1.el10_0.noarch.rpm b0a5b9a9669ac59df8d16e5f193cc73e2cf6533f56f865fafc28ef0c9bcbe536 perl-Config-Extensions-0.03-512.1.el10_0.noarch.rpm 6f685d02211fce93b0617d99de4c02719ee94e418aaafa7e907a88e11fd861ec perl-DBM_Filter-0.06-512.1.el10_0.noarch.rpm 6f8f99b4dd16050e8554ca0dd65a11c063a26dfdffb224a626ccb3ae0633c5f8 perl-debugger-1.60-512.1.el10_0.noarch.rpm 8fc7bfa0a4fe63fd2e0da152b148598355d27c933e2460d2e9cc79050b352a65 perl-deprecate-0.04-512.1.el10_0.noarch.rpm 9f0afea047f8b7135faf0867cddc951eb1866c137a2cdc16ed9d99c6498aba75 perl-devel-5.40.2-512.1.el10_0.aarch64.rpm 8fe702260b36c7b6986da648869549792b1927c0a8ecba474a4ad49484de5bd5 perl-Devel-Peek-1.34-512.1.el10_0.aarch64.rpm 97aec9ea064b691452543add3a00ef9b0ab12be34fa2fcbf0d80063c1ca0860b perl-Devel-SelfStubber-1.06-512.1.el10_0.noarch.rpm c5e20dc46a76c81d39581bec7dba3cd34e8bcbd55d0d1695738030c898c97bed perl-diagnostics-1.40-512.1.el10_0.noarch.rpm 9b993ecbf537f9b8cf7fcc2bba8e9237dcbe10fbd1e00fe8b8055b5e3d6a7a8f perl-DirHandle-1.05-512.1.el10_0.noarch.rpm d64e1eccf3366c9be2a3998b26bdb732314caedfede71f45729f2b66e700a3aa perl-doc-5.40.2-512.1.el10_0.noarch.rpm ccbbf526615bcc2b8076d26e5b957bd587df1185b8a89f10050c80049edd50fc perl-Dumpvalue-2.27-512.1.el10_0.noarch.rpm cae22391d31b927192b3be47b2727061f4455c0a2102000ae3ccdec554d5e0f6 perl-DynaLoader-1.56-512.1.el10_0.aarch64.rpm 3527fa9847563d5c47af3123e596ea2ce7d15692ba48b4c44cf481627d4c8e22 perl-encoding-warnings-0.14-512.1.el10_0.noarch.rpm 1fbd441fd14bde577f07caa18c9a65a54555bbc379fc93216692240e744d8d74 perl-English-1.11-512.1.el10_0.noarch.rpm b29f221e1a50532d874cd57b0640ccdab73bef336d474dc63b91370b064faa06 perl-Errno-1.38-512.1.el10_0.aarch64.rpm dddaae45a02b9d91a0b493024354ad900a5ab17bd1b866d34977751a90b24579 perl-ExtUtils-Constant-0.25-512.1.el10_0.noarch.rpm 673d5d8970de686dee8373ff9f98ac1c2402e68c83f39265122a76385961bc96 perl-ExtUtils-Embed-1.35-512.1.el10_0.noarch.rpm fdb1db30f202624588f7cbf745a4a6c8fca01afdf97210a5770510e7b9c2ace5 perl-ExtUtils-Miniperl-1.14-512.1.el10_0.noarch.rpm e72582fed4537442ae4e4a003b1dda5d9698598fb496633807bc081f0e9c15b9 perl-Fcntl-1.18-512.1.el10_0.aarch64.rpm 2c7a386e31ac78a114b6618fbccb2ec5246357de4f0859f445250c1ab8943421 perl-fields-2.27-512.1.el10_0.noarch.rpm 76406839f2803d7b0cb0e251407e0b2a962badf80d05a23875258f25fce023b6 perl-File-Basename-2.86-512.1.el10_0.noarch.rpm 18fe7a38257dc997a05f6c6c28982b7eeb3b2f3e5faf691fb96d0e937841428a perl-FileCache-1.10-512.1.el10_0.noarch.rpm 2b487ea17c1aa09778b7dbbd7ac1b47dc6a93b26530fe20371b2bdb51258ad20 perl-File-Compare-1.100.800-512.1.el10_0.noarch.rpm 1881005b6b2bde554c16be1802d9bbcd5a909de38ee51ffec32a02583ddb0382 perl-File-Copy-2.41-512.1.el10_0.noarch.rpm fba17e4e04679f16bd6d6504978b8c6d087c92272c84dee25556d094a11c6d74 perl-File-DosGlob-1.12-512.1.el10_0.aarch64.rpm 572b0593a287886441f83e80059723ba095cf0a1ce5871ce0c65054f8b4f9916 perl-File-Find-1.44-512.1.el10_0.noarch.rpm 4340329aebc6d4e2a20a4a0262490a02eab3c3f8c14cdbc56167041bfc406da6 perl-FileHandle-2.05-512.1.el10_0.noarch.rpm 3e39fb116ad7d27753bedcef1a6e820f63a60b4c5063bc43fdb243b9650a993a perl-File-stat-1.14-512.1.el10_0.noarch.rpm 69584b304b37a71085d1b1999832552e3dc1f121fa56d4f69a4e29a2e537fa65 perl-filetest-1.03-512.1.el10_0.noarch.rpm 40840e2b871078b6563e722341b7b125b6c9d53966929daeca5120eb6c5dd388 perl-FindBin-1.54-512.1.el10_0.noarch.rpm 9cad58324085e230d93182830c46360a175d1a0ffba308ceebc7b25f5a7a8038 perl-GDBM_File-1.24-512.1.el10_0.aarch64.rpm 9daaaf18ac1607c04c89dea1a41ffa623ece24c8008e3b51e057a789892a7605 perl-Getopt-Std-1.14-512.1.el10_0.noarch.rpm 99dcfad5e06149134c3ec786f6740c6c72b20ab6edb1cdc03369e2d4b2eb7767 perl-Hash-Util-0.32-512.1.el10_0.aarch64.rpm eed84aab149ae14e6e701f3b9c72bf9f492e4f9fd129262f24483cb76774fab5 perl-Hash-Util-FieldHash-1.27-512.1.el10_0.aarch64.rpm 54159906ccfc4cc6c260bcaf3287863759df1b512b06063308d5a9b7c0c20638 perl-I18N-Collate-1.02-512.1.el10_0.noarch.rpm 6d20a8498404c9197de54883101b165edfe2b93c5c62070b361e40ae8e3b7f30 perl-I18N-Langinfo-0.24-512.1.el10_0.aarch64.rpm 5838a11ffdbfc2687aaf1bc4939248d40eadc7541808e5694b6661a5cf784f7a perl-I18N-LangTags-0.45-512.1.el10_0.noarch.rpm 7f3c00984f9daf4674a3946e5cd3e42d38241c28cd50a538ad65b933038acb3b perl-if-0.61.000-512.1.el10_0.noarch.rpm 0e7302913d6133623cbe84b6f7cac2e372e6b05d5f79158b1856baf46a731c51 perl-interpreter-5.40.2-512.1.el10_0.aarch64.rpm 52e65ddc7b2455fba0f2638899566d289897bff41ef171060404555c6067fdec perl-IO-1.55-512.1.el10_0.aarch64.rpm 2f2e7d4b164c5ddfc5c06157ba6df5e6ca1d81d6503761d5057720109ff844cf perl-IPC-Open3-1.22-512.1.el10_0.noarch.rpm b457c4435a6f06fbc648180db5a51c4438d66b150001498f77ea7c211b372769 perl-less-0.03-512.1.el10_0.noarch.rpm 670ebc3d46f7503f84b3d69f79b0cb7ff7958b8e7253c1b33c195be31fc9e680 perl-lib-0.65-512.1.el10_0.aarch64.rpm a3025a3a239e5baf5be513e5014968569e4480a6a3fea735a4f1a0e9d80efce5 perl-libnetcfg-5.40.2-512.1.el10_0.noarch.rpm 41de6c67a452247623014006b4ddb34678ea17acceb43e9df3d2c76725d51ae2 perl-libs-5.40.2-512.1.el10_0.aarch64.rpm 5c00da41ee5de69845c2e6a705fa58f6b9778b5492a103ee139bc9b13f33c4d2 perl-locale-1.12-512.1.el10_0.noarch.rpm d20218fb1d4cfb6ba774c3c65ada3fc3ed221a352046a7888d828c9cc1f04b53 perl-Locale-Maketext-Simple-0.21-512.1.el10_0.noarch.rpm 0748651e441428a3fe630edd8e59c7c4bd1298c11f73609870dd47f6f1fdbdea perl-macros-5.40.2-512.1.el10_0.noarch.rpm 29508d63ad1c04709cc244b49fee772f1b739c98a5cf40ef77655047e9cb9ab4 perl-Math-Complex-1.62-512.1.el10_0.noarch.rpm c65895672c9bb24c35443a82c397d44f2f1eaba3153f78cac25c474240025754 perl-Memoize-1.16-512.1.el10_0.noarch.rpm d7bce1afae95fba04201089bb45eda58f4a6dffe75e15396ae01735f47020508 perl-meta-notation-5.40.2-512.1.el10_0.noarch.rpm ceb2b652e10eb44fa6b0ab9d404ea5d1a504148c788298974b7f0dda845c996b perl-Module-Loaded-0.08-512.1.el10_0.noarch.rpm c4802ec4db4c080bf27de5740f4460b02dac0afcf04c90e96895d73d81e70caa perl-mro-1.29-512.1.el10_0.aarch64.rpm 5c3a3aadded1673e3dec9df428d43fbc1715447821fdc5dd82c843ab4150a38e perl-NDBM_File-1.17-512.1.el10_0.aarch64.rpm 71326520b3fc6aeeb7ee2040349e0d784d620d132d2d8a5626a074bd733ae240 perl-Net-1.04-512.1.el10_0.noarch.rpm 3f05fb3a1ccdbf490a8da8d17a6b2f49eb891ce079d12d37896a678226717001 perl-NEXT-0.69-512.1.el10_0.noarch.rpm 9bc98bc8feb85d727a82b56b0005d351538fa826649abcdc0d7f94dda0a3f72a perl-ODBM_File-1.18-512.1.el10_0.aarch64.rpm b3a4718af4143d0af0f054299500770b704594fd05b226f02d06ecd05bccf223 perl-Opcode-1.65-512.1.el10_0.aarch64.rpm c5a8c4dbffd9c17230a54cfa56b4117cb6e5cb416dfac8088f5d4a6395ac65ea perl-open-1.13-512.1.el10_0.noarch.rpm 5805aba0d8aac827b89fa9b1c6af7998c911c1189b0967b32307a0216270d0d5 perl-overload-1.37-512.1.el10_0.noarch.rpm 9c701c301917c4cd0a536917ee80b2fc29c532745afa6d840aac1e73ae420502 perl-overloading-0.02-512.1.el10_0.noarch.rpm 1567b7808f7d0a3664abddb60175c5009f301886b2b15a1c81ead50987300c5b perl-ph-5.40.2-512.1.el10_0.aarch64.rpm ddd93186af4c8a84388f097d005a0f29609878cfda54ae5340b4393b23a8f733 perl-Pod-Functions-1.14-512.1.el10_0.noarch.rpm eeb09288b3ad9d99f248311e87142e9a46f7bc9989727a881b363ba4f6005c22 perl-Pod-Html-1.35-512.1.el10_0.noarch.rpm 8221ab5df8c2b1ee30ecb1582bbdf7ec18586516e5c84ebf0cb4f6555da9a7c2 perl-POSIX-2.20-512.1.el10_0.aarch64.rpm d846e335703fa153448fb7e4d3426d6f40fbf0bac5fc3c1c47ffa9aa5f1362cf perl-Safe-2.46-512.1.el10_0.noarch.rpm 6144a8a3c79c9e5a80b8607af9c539b134abb4008bcfa2eb0880a18a8459441f perl-Search-Dict-1.07-512.1.el10_0.noarch.rpm 51c258972fdd46bbd373502c17e6b48644f119ea220152a0d3a4b51c1700a0c5 perl-SelectSaver-1.02-512.1.el10_0.noarch.rpm 8431cdd6e9d962bbf1298e488b9e5af8bc7f184ecb81ddadb8fadf58ca223e88 perl-SelfLoader-1.27-512.1.el10_0.noarch.rpm 28d0a2be3dc6a6d05b9e81f46a68fee3d91b26b4461388400dce5b0f27966800 perl-sigtrap-1.10-512.1.el10_0.noarch.rpm d02f886ef561027bc19c4418b8de4b5bc7537fe3d35a17db4c2be08d5db132f6 perl-sort-2.05-512.1.el10_0.noarch.rpm f1430143b9693f9bc1e12d1a9df1544d48cd424fc43c3ba61502be710bc60740 perl-subs-1.04-512.1.el10_0.noarch.rpm 8918c1a21617b7914d8634e7eac6abde85e395b50e6a6e321b93a3968e7f3da4 perl-Symbol-1.09-512.1.el10_0.noarch.rpm 17ead97396a311f64f762f306ccf538c25d49404c16e5012fcfff7795db9a969 perl-Sys-Hostname-1.25-512.1.el10_0.aarch64.rpm f913df04a84483c8d382a75da4a77675a48c2267fcb97ae3987b04b7d41d04ed perl-Term-Complete-1.403-512.1.el10_0.noarch.rpm 66b362c03c004559eb0df57b25449a54fee5c3c473bf9ad824a949a0b9b7de9a perl-Term-ReadLine-1.17-512.1.el10_0.noarch.rpm 9634510df64298d518d9da81f0498e3c32b5770f5b09ca13b173d29b223c7621 perl-Test-1.31-512.1.el10_0.noarch.rpm 526ad97e3b7dcd8863fc3e778974b1472368f7d1a8f17b80a05788fa8a6fdd98 perl-Text-Abbrev-1.02-512.1.el10_0.noarch.rpm 4281e15c48c90708addcc97d41dd25ed9b69c773df3edfc024191d6446d1a506 perl-Thread-3.05-512.1.el10_0.noarch.rpm cc65ce65130f119bce6de89dccb7175ccb960bd6bbbbb2adfc271c4f74ea68cd perl-Thread-Semaphore-2.13-512.1.el10_0.noarch.rpm 86a92e6eb3c9000fb6ea1184ee93b94e0fb0a3ebb51fc4a69672ddf1dbb39749 perl-Tie-4.6-512.1.el10_0.noarch.rpm c504397313693520cb3b5ac42a41f4e460526b0a166eba98ebfe0267c58f9aff perl-Tie-File-1.09-512.1.el10_0.noarch.rpm 81d7b7e5cbc4c391f219ebb42adc67dabfe157c3f33b1d3f1ad9e54aa2b884d4 perl-Tie-Memoize-1.1-512.1.el10_0.noarch.rpm 21cc178b7ea848ba45ef3ffa2fe36ed8904fcae31f89b18a48d6cc535ac83a09 perl-Time-1.04-512.1.el10_0.noarch.rpm 1086aba3487a8b2a57d839272fb1e3cf43753f814604070a7469ef0e965d27ed perl-Time-Piece-1.3401-512.1.el10_0.aarch64.rpm 5a67baed9ade1c8d6d6f5dead733eaf1e33cb2c5b654a92841e8da156b4b6663 perl-Unicode-UCD-0.78-512.1.el10_0.noarch.rpm e946bb7b7bea19f5129b8a8f51f60b33fb9ef11f48252c61ba0821caa8348088 perl-User-pwent-1.05-512.1.el10_0.noarch.rpm 2e134003c8129f2b32aa4fe533959d092ec05a46c8dcca4388ba21cc680aef6e perl-utils-5.40.2-512.1.el10_0.noarch.rpm b57e93b65d5b1b9382282af8ae96173bc97169fa2afabb3eb3890745f973e30a perl-vars-1.05-512.1.el10_0.noarch.rpm 5a825accc7d995c71c719ec15ab84221c533a3abe6be6b061381d7606a4854b6 perl-vmsish-1.04-512.1.el10_0.noarch.rpm 1105ceabfffbdb6623a09ef153437cf83399cf3c9e90886af08debdef5ea9efb RLSA-2025:7494 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. Security Fix(es): * tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms tomcat9-9.0.87-5.el10_0.noarch.rpm b437e4fc937d6b74f899196746d369a6a92329101a31896fa56218c02f46d8f2 tomcat9-admin-webapps-9.0.87-5.el10_0.noarch.rpm 9d89438b2d7d2e13b6ca687b167d642ffaeaa56759ff8ae29ed4b0c6f999c116 tomcat9-docs-webapp-9.0.87-5.el10_0.noarch.rpm da4573e35e6a878c5d8b183fca36afb47d21bd6ddf6986b5036c8fda3a50c899 tomcat9-el-3.0-api-9.0.87-5.el10_0.noarch.rpm 633995220500848334199accb63d5fb50138965dc0ea0be7ba15ff6781f0bfcf tomcat9-jsp-2.3-api-9.0.87-5.el10_0.noarch.rpm 6998f6dff03a9fe84d0f74fe7d58d24d7e852dc4120eece360bfad99e4fd026b tomcat9-lib-9.0.87-5.el10_0.noarch.rpm b4ad34cca71a8de6a211fca37ab3c96e9b9c7ea305fed7b854295b1b4b834f5c tomcat9-servlet-4.0-api-9.0.87-5.el10_0.noarch.rpm 18e71ac028c3f2d5029044ab9c6f2b8b1f9e7807d493ae50a4cc5ca943de0197 tomcat9-webapps-9.0.87-5.el10_0.noarch.rpm 249400041e694a3f0a2163c207d03ea61a785931ebc8a089e7b48bfaf645da9e RLSA-2025:7497 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for tomcat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * tomcat: Apache Tomcat: Authentication bypass when using Jakarta Authentication API (CVE-2024-52316) * tomcat: Apache Tomcat: DoS in examples web application (CVE-2024-54677) * tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms tomcat-10.1.36-1.el10_0.noarch.rpm 4cf0f9042968d70ef2898c37fac49a01de1b1cfa3c328bb07b209e3d8dbff610 tomcat-admin-webapps-10.1.36-1.el10_0.noarch.rpm 9d6f90224fc1711fe2b7abdd716b0731eeffed54dd5cc1aa367e2b363761005f tomcat-docs-webapp-10.1.36-1.el10_0.noarch.rpm 6d0065b1bf9c100520228fb27d19e05a21a94c08f7afb93cccc1b8c481217c8a tomcat-el-5.0-api-10.1.36-1.el10_0.noarch.rpm 3976c9f95398f8f87e813ac6f2c3a79195a292f9e82730aa3c2eaaf89eb584c5 tomcat-jsp-3.1-api-10.1.36-1.el10_0.noarch.rpm e1d02f3b4da77ba27efd41c2081f47ff826e02cdb6f7178d694c7f0d690a79ff tomcat-lib-10.1.36-1.el10_0.noarch.rpm ea3e898fec9e468462d24e57789c94a1715e2bee582c87c2323232f238570be5 tomcat-servlet-6.0-api-10.1.36-1.el10_0.noarch.rpm ef37f975774200329ec5683bb10febc6cd7f6be8d8713a6834f245f604f6cf1e tomcat-webapps-10.1.36-1.el10_0.noarch.rpm 5001b035bd821674c28eca7704f915abfad1d76546fce19420e00a3452040571 RLSA-2025:7490 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for mod_auth_openidc. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fix(es): * mod_auth_openidc: mod_auth_openidc allows OIDCProviderAuthRequestMethod POSTs to leak protected data (CVE-2025-31492) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms mod_auth_openidc-2.4.15-4.el10_0.1.aarch64.rpm f5004a29d6093b56e49bea5398a6702c6370ae6b614a409638532f8e1d1cf584 RLSA-2025:7458 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability (CVE-2024-9632) * X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594) * xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601) * xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600) * xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599) * xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598) * xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597) * xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596) * Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms xorg-x11-server-Xwayland-24.1.5-3.el10_0.aarch64.rpm 4a428db076d0f1e5aa0cd2fa9d679da294a75d3f26fad58ae93769cb2dc9eab8 RLSA-2025:7462 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144) * golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms podman-5.4.0-9.el10_0.aarch64.rpm aae5c5ac1cd7fcce7904d4e9846b23ce728719339813051bef5e84b4ec2b70b2 podman-docker-5.4.0-9.el10_0.noarch.rpm 7ae66cfa21aa2ec6ca3c8a9071719dbd74044bbae59aa125845f0deb025a6329 podman-remote-5.4.0-9.el10_0.aarch64.rpm 6e025e537dd056a986555093b9e2061e4654fdeaf2caf1f645741131847633f3 RLSA-2025:7482 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for git. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix(es): * git: The sideband payload is passed unfiltered to the terminal in git (CVE-2024-52005) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms git-2.47.1-2.el10_0.aarch64.rpm a88e3bfdcc17ad3663277449ab689560db89bdd72c91472ca81dd82faff4cd0f git-all-2.47.1-2.el10_0.noarch.rpm bdac5c5ba4bfafed747139711d4f1914945210296dc86facf5432c7f99084f22 git-core-2.47.1-2.el10_0.aarch64.rpm 1282845b31c497a7ffd8394843ed4c79c6c32451fed01257b49003f1c26e0be1 git-core-doc-2.47.1-2.el10_0.noarch.rpm dff88d5bf97778c8ffa84c94fba0c513a974d8a22377dacb9d0d3d144e8ac113 git-credential-libsecret-2.47.1-2.el10_0.aarch64.rpm 862ab4ada0e9972532f7c7f42adcad297036e254187d43b00f8a58e9acd3a2b9 git-daemon-2.47.1-2.el10_0.aarch64.rpm f692742870f8565adead8a3513d52dd8d75a8a4e255282968a56a8e9e68cbacc git-email-2.47.1-2.el10_0.noarch.rpm 302cbdefd3aeef9e3cb6a60171ca3ff7359992cb4a9152b7108d104ea115f6d9 git-gui-2.47.1-2.el10_0.noarch.rpm d7de5ac4a009799fac2ddf54a02931c705ee1a98dfbb9c68d7896e07dd1d639a git-instaweb-2.47.1-2.el10_0.noarch.rpm a7b51b56a736417cf73bce8edb49e630148261994fafcf7452aadc661590c3f7 gitk-2.47.1-2.el10_0.noarch.rpm b3aee409817b28b7d56de0fb83098e1cc9beb2e16a62e94090dd8cfdebab8fcc git-subtree-2.47.1-2.el10_0.noarch.rpm 46242bbebcd1ad2839abfd60513fb03fd03784110b4f23a33292b9b36b2767e2 git-svn-2.47.1-2.el10_0.noarch.rpm 3bcd83dd028d37947088d1f3cd86a662a008b0ca693c9e3540f7e9b50b858c28 gitweb-2.47.1-2.el10_0.noarch.rpm 0decb63454ebe01d56cde889e20f36c21e1a53be754ff0371ace2d49352d47cd perl-Git-2.47.1-2.el10_0.noarch.rpm a71275b85f0a971d28ad5a09f367052c44662020585c0053e7ae7dda0527c0db perl-Git-SVN-2.47.1-2.el10_0.noarch.rpm 43f3df75d8bf0c722c592f13c33b87d3e1cb0939f38aa0849043d9b7a60c20b0 RLSA-2025:7478 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for corosync. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The corosync packages provide the Corosync Cluster Engine and C APIs for Rocky Linux cluster software. Security Fix(es): * corosync: Stack buffer overflow from 'orf_token_endian_convert' (CVE-2025-30472) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms corosynclib-3.1.9-1.el10_0.1.aarch64.rpm 12d12308d43f7ebb4a58e719c103b31a973f8cf43ec7b8130b3f367448740e4f RLSA-2025:7489 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for php. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es): * php: Header parser of http stream wrapper does not handle folded headers (CVE-2025-1217) * php: Stream HTTP wrapper header check might omit basic auth header (CVE-2025-1736) * php: Streams HTTP wrapper does not fail for headers with invalid name and no colon (CVE-2025-1734) * php: libxml streams use wrong content-type header when requesting a redirected resource (CVE-2025-1219) * php: Stream HTTP wrapper truncates redirect location to 1024 bytes (CVE-2025-1861) * php: Reference counting in php_request_shutdown causes Use-After-Free (CVE-2024-11235) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms php-8.3.19-1.el10_0.aarch64.rpm 2b7bbde608db7c9fcd866ac4fa37d38284a07feac5bc6994c25d792bb8ee326d php-bcmath-8.3.19-1.el10_0.aarch64.rpm 3b09c0857a258bf80ba0714820ee86f48c03de87bf466ffe24195ff78cc378d0 php-cli-8.3.19-1.el10_0.aarch64.rpm 6ce9ef0fa55797529cb67fd1095e0d73fb12117f261a41d1e3e7c1459a4e58a8 php-common-8.3.19-1.el10_0.aarch64.rpm a7f0bf365bf421dfed0390de349477ebb45cd0935463445be15f36f88edf3ed8 php-dba-8.3.19-1.el10_0.aarch64.rpm ffc21f19dba9646109392134921e82dbc16677a7befe98e791e338d16d212097 php-dbg-8.3.19-1.el10_0.aarch64.rpm debedd72814913ffd9590b2b07245c45cccdb01b1bf6d4cee733fb1a0cab32ff php-devel-8.3.19-1.el10_0.aarch64.rpm d6978b2f37a645aa184bef2fb7faaa70e53286193bb917bd7c4431635d3f8eb3 php-embedded-8.3.19-1.el10_0.aarch64.rpm 396f73f73a0748c864be3bc4ee68173a81f3eba66d60eafe5443c5fabf26db0b php-enchant-8.3.19-1.el10_0.aarch64.rpm 1771089f90d1ce305e37b279e994ff7586599d29bdf2845d941d913f32b7ef76 php-ffi-8.3.19-1.el10_0.aarch64.rpm d34877bc30fa98707a4ada9679c571ccff4175b9df74b49481753b5a36a801b0 php-fpm-8.3.19-1.el10_0.aarch64.rpm 68ecb22d629710629d8bd6f4b61a58feb2152f5bae695168e733d4ab9b2d9192 php-gd-8.3.19-1.el10_0.aarch64.rpm 923089ce99a1b66f71d4d2cc1424611f71f2891ea78114927561371aa98fe27a php-gmp-8.3.19-1.el10_0.aarch64.rpm 780ba082ca85076fbd0412ee58221a4ac4324c7448dd473b96bee60e86ddc381 php-intl-8.3.19-1.el10_0.aarch64.rpm 76dc4f09a00f3ecca19942707a684e14962814966d225965a5a67ccb6180171e php-ldap-8.3.19-1.el10_0.aarch64.rpm ae667da5d09dd783bb79098cc6a0596fb80be4f8c9126c1600e504757ea7b027 php-mbstring-8.3.19-1.el10_0.aarch64.rpm 6e3e7c8a11fed0c650c90cd106441b38027283c22cc9acd784e809215a5c63bb php-mysqlnd-8.3.19-1.el10_0.aarch64.rpm 6d86978406227e93bb3ee5e159de93e2e36168321834743673cb36478d4f8e9a php-odbc-8.3.19-1.el10_0.aarch64.rpm 55b01bd6992f430125f2fa26d3eab0b06d9e8ee62afb27f8e444effaf379cf1f php-opcache-8.3.19-1.el10_0.aarch64.rpm 48b62e61bfe6fc6031e1101e83fa29ec35c1fe1e6624734138b64732cc68ba0b php-pdo-8.3.19-1.el10_0.aarch64.rpm 0d06cdfbb3ae9a1c6cb2a744b149f7079333aa56842a2c839959ab0dd4dacd37 php-pgsql-8.3.19-1.el10_0.aarch64.rpm 1c3cdfabaf98cf9cf7b1702841386394da3fdd7c819ab21f3885af752d186980 php-process-8.3.19-1.el10_0.aarch64.rpm 75b460d2911455e81325c8d00df579b9bb7417005c7fc957332df24df3446abb php-snmp-8.3.19-1.el10_0.aarch64.rpm e2d750598c581c520b7f071a40b84ba7001a8346f9b262ba51517bd95dea08b5 php-soap-8.3.19-1.el10_0.aarch64.rpm f31b159a560909ca0fa5357d4f2d855da5253ee1ba8ca7837c4cc9a568bc0e7e php-xml-8.3.19-1.el10_0.aarch64.rpm cc4e7dc66f7ee29b4b8a7de0b232dca9d0c8a50a3fdf0f2f7847e16328618df8 RLSA-2025:7479 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for opentelemetry-collector. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fix(es): * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144) * golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868) * github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input (CVE-2025-29786) * golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms opentelemetry-collector-0.107.0-9.el10_0.aarch64.rpm df4d486cdfc5cc1043ab1c8ff1d1c20e68cc5e87630e998bc83973bd7ef1cd76 RLSA-2025:7509 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for valkey. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also. Security Fix(es): * redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client (CVE-2025-21605) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms valkey-8.0.3-1.el10_0.aarch64.rpm 18061271f9471788e6e4c1f50abe55b591a40293b2f5b916b839baba1543e47b valkey-devel-8.0.3-1.el10_0.aarch64.rpm 719399532b37a0b00cfaad8cd6f60261ccb4ebdafcbc0d12cc1fc6833a904193 RLSA-2025:7517 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for sqlite. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Security Fix(es): * SQLite: integer overflow in SQLite (CVE-2025-3277) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms sqlite-3.46.1-4.el10_0.aarch64.rpm d3c1c0ff5e7b1bfa8343fe3019e45f1f913f8a63cb22b7e22454a31a3f8bd006 sqlite-devel-3.46.1-4.el10_0.aarch64.rpm 959c17c959f8e6119abf09ecd0988c0ca02254b65b1e751fd7eb2ae66038d20b RLSA-2025:7467 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for skopeo. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fix(es): * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms skopeo-1.18.1-1.el10_0.aarch64.rpm b80f9f6d3b9dadef786257c91fa91316976d863f2d8b33150c9444c415972086 skopeo-tests-1.18.1-1.el10_0.aarch64.rpm 84433b3a8f46f3e5d06a17f30a37e0d32c09146de75d4b675dda5ddcc8e30557 RLSA-2025:7459 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for buildah. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Security Fix(es): * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms buildah-1.39.4-1.el10_0.aarch64.rpm e8ea0d25aef77a9bea9ae374430f45538702ea5f6120afcc9c4726cb2a5e5e8c buildah-tests-1.39.4-1.el10_0.aarch64.rpm ffed8fb218b48fc6d1cfacb96ae3543ab3f406c7a7d8c9865fbd5380fe362f7b RLSA-2025:7512 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for expat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Expat is a C library for parsing XML documents. Security Fix(es): * libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms expat-devel-2.7.1-1.el10_0.aarch64.rpm 8a49d2777d818bf604915a42402af05551137c65c13ac7dfd02f760fcd5dcb78 RLSA-2025:7457 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for exiv2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Security Fix(es): * exiv2: Use After Free in Exiv2 (CVE-2025-26623) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms exiv2-0.28.3-3.el10_0.2.aarch64.rpm 8d43edb00c691b981eae36dfe00bbc6669eebbccd16790683a37de153e4b7013 exiv2-libs-0.28.3-3.el10_0.2.aarch64.rpm 337e28fea3ba8edf6f2dccc627119db70139563956cf5bda7b9071aba0369a75 RLSA-2025:7524 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for xz. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fix(es): * xz: XZ has a heap-use-after-free bug in threaded .xz decoder (CVE-2025-31115) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms xz-devel-5.6.2-4.el10_0.aarch64.rpm 5c714c5bd9ad0ae4066e9e7aad494711bc86d688d443bb8c6c18fea4077d022c xz-lzma-compat-5.6.2-4.el10_0.aarch64.rpm 067fde881c15f1b403af5d3dbe3afb1a2559dc2d7dde2a3a2258a85d57e4edb5 RLSA-2025:7592 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for yggdrasil. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate child "worker" process, exchanging data with its worker processes through a D-Bus message broker. Security Fix(es): * yggdrasil: Local privilege escalation in yggdrasil (CVE-2025-3931) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms yggdrasil-0.4.5-3.el10_0.aarch64.rpm beea4d7fc17a73b4e00928122f3b09faa3569a0db9432cd872ebe7a9b651ce4c RLSA-2025:7593 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for ghostscript. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix(es): * Ghostscript: NPDL device: Compression buffer overflow (CVE-2025-27832) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms ghostscript-10.02.1-16.el10_0.aarch64.rpm 9f363958513942357d3a8072ab9caa791506fb89f1736dd5ba72228802d6332f ghostscript-doc-10.02.1-16.el10_0.noarch.rpm f4914cfd80f9e897646ac8e36f35e168dff0f5d687bedd1ecc1e5136f57ddfa7 ghostscript-tools-fonts-10.02.1-16.el10_0.noarch.rpm c86349f057a12bd7dcb6abc7f6f0724a83df500266b99fe894462a62ef242058 ghostscript-tools-printing-10.02.1-16.el10_0.noarch.rpm f20d5ba7b32a253d2c2a24a263142c8d24062116a76f8bb2d82a0ece4b9875ea libgs-10.02.1-16.el10_0.aarch64.rpm d1cdc3782f5f2a27551e72dcfc2a6dba92fee914e58a3fceff6048cd36317b32 RLSA-2025:7599 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for dotnet8.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.116 and .NET Runtime 8.0.16.Security Fix(es): * dotnet: .NET and Visual Studio Spoofing Vulnerability (CVE-2025-26646) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms aspnetcore-runtime-8.0-8.0.16-1.el10_0.aarch64.rpm 9f04c8f076a8e7db4286fe4612fbd58cefbeacc1ecbc4e3a18471c88d39f8d73 aspnetcore-runtime-dbg-8.0-8.0.16-1.el10_0.aarch64.rpm 79e2bb90cd0be88722d576bdc2bd610dae7c4220cbfdf1ff51a379cac2ab84f7 aspnetcore-targeting-pack-8.0-8.0.16-1.el10_0.aarch64.rpm 8f48aaae18366533db35aa8e4544bd1b46dbe635b4e24adc7dfbaf50ec861bba dotnet-apphost-pack-8.0-8.0.16-1.el10_0.aarch64.rpm 5b49945d281acaf0e7fc27a0bf880580d54f5388e69d2db9e7cdd3fe1c8e532b dotnet-hostfxr-8.0-8.0.16-1.el10_0.aarch64.rpm f590c4540ae16a904d520defbdc99a6afe8be1fef244986c2f9c8f7e0fb7174f dotnet-runtime-8.0-8.0.16-1.el10_0.aarch64.rpm cb5ad0088be8164bae07226af50ceafdc3521ce0d2e4bec6c7640ee14e6f316a dotnet-runtime-dbg-8.0-8.0.16-1.el10_0.aarch64.rpm 25021f30be2b8578d4c5fd1a2bb06ed045b82cdc13d86cf551f77d66c2fa6823 dotnet-sdk-8.0-8.0.116-1.el10_0.aarch64.rpm d861c5429f4d5539908df0e011241cea4027730183ddddf79b3d40fd60925cca dotnet-sdk-dbg-8.0-8.0.116-1.el10_0.aarch64.rpm ccace88b3125a4b80f2a1488c5cb6c74c1582af27d55af187f267b7f225f8ea8 dotnet-targeting-pack-8.0-8.0.16-1.el10_0.aarch64.rpm 0a96856399a15f8e05721b14b249b0f721a1d583e2455bdc009a0cd1995efd59 dotnet-templates-8.0-8.0.116-1.el10_0.aarch64.rpm 99445be0065789af35b869ae80d0b41cf0b6b9d1b445730ff7612161c340dd67 RLSA-2025:7601 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for dotnet9.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.106 and .NET Runtime 9.0.5.Security Fix(es): * dotnet: .NET and Visual Studio Spoofing Vulnerability (CVE-2025-26646) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms aspnetcore-runtime-9.0-9.0.5-1.el10_0.aarch64.rpm d7762d78b3846423cfb7ee5542833b2cdaf11686a9e1162b875f3bf5452f0108 aspnetcore-runtime-dbg-9.0-9.0.5-1.el10_0.aarch64.rpm 4d4cacac0833ffc30d42f605bad52518d8e11af2b870437e2156499663cd4a74 aspnetcore-targeting-pack-9.0-9.0.5-1.el10_0.aarch64.rpm b9597f486d2a5e6e5be237cfa9506a4a94338c3cca944e43a2d3817a4c4bd20c dotnet-apphost-pack-9.0-9.0.5-1.el10_0.aarch64.rpm 14ea597bddbbf31acf9a25993d83b5ec1f888ecb3ea4d8add07aac841bbd897d dotnet-host-9.0.5-1.el10_0.aarch64.rpm de9f04933f5135a5fe89b6c61d3837f665de84aca474116b892f5d152ecd9db8 dotnet-hostfxr-9.0-9.0.5-1.el10_0.aarch64.rpm a476731a732a8c87a41d20a4dc2068f815d3d1a712f896fae8cfbb02a4d5b28c dotnet-runtime-9.0-9.0.5-1.el10_0.aarch64.rpm 07c73f4d883d13225ab9a19d0ac7e339a5f0d9181e141dd089407c72678b8532 dotnet-runtime-dbg-9.0-9.0.5-1.el10_0.aarch64.rpm d1a295cba69e5e159ba5c5da9e2667c97a56198f5296416de64b520bbbfeaaeb dotnet-sdk-9.0-9.0.106-1.el10_0.aarch64.rpm 59120662a9d54082646afb2ff77f7f1a51a9aca5c468d4b3a99559e8e884b0c2 dotnet-sdk-aot-9.0-9.0.106-1.el10_0.aarch64.rpm c94ea637034eb8ec8f641e54f574410acaa2b944651b4e7ccd093ec71ac2f8db dotnet-sdk-dbg-9.0-9.0.106-1.el10_0.aarch64.rpm 5534acc941b79de7a7ec89e52d72fc32185d76689eb2061ab270afe74dfae26d dotnet-targeting-pack-9.0-9.0.5-1.el10_0.aarch64.rpm 09bf2fcc341230738bf30dbe6a8bc241379fa90a900f89bbc6d80b3cb41c1871 dotnet-templates-9.0-9.0.106-1.el10_0.aarch64.rpm 1a0afc501e4c05087759d19bd9c4740f5bc78e6ca0ecc576c2a39f4a835fb323 netstandard-targeting-pack-2.1-9.0.106-1.el10_0.aarch64.rpm e2608d5bc7e5b5d6cb5d6d2b29ccd9f0b1cd670c5dee7dd41f1fa860e4af1f34 RLSA-2025:7892 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for grafana. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * grafana: Cross-site Scripting (XSS) in Grafana via Custom Frontend Plugins and Open Redirect (CVE-2025-4123) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms grafana-10.2.6-17.el10_0.aarch64.rpm 5e9b77d17ee06657ce145929e0524f739456383cade94cddfb136d4b91ac16b1 grafana-selinux-10.2.6-17.el10_0.aarch64.rpm 1db66c315643ac8cd269366526afb4c1706f655719f68e9deee3dc630bb77231 RLSA-2025:7956 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (CVE-2025-21966) * kernel: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (CVE-2025-21993) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.12.1.el10_0.aarch64.rpm 1e705c0e150ee2ab57ab764b3d265b1a04a0f25b357d77377d844c662b406889 kernel-64k-debug-devel-matched-6.12.0-55.12.1.el10_0.aarch64.rpm 32c864a87e45b5d675327c2484a62f0fddb98f174b79a643061773da296335dc kernel-64k-devel-6.12.0-55.12.1.el10_0.aarch64.rpm 5fa16cb6e7f76b7c99b2bac03562b883fdeb2f57c1cff1d89651d67498cd18a5 kernel-64k-devel-matched-6.12.0-55.12.1.el10_0.aarch64.rpm 09783ebbe4a958e333a9a6615ede63f80a045a1880762a623ca73c11b4948feb kernel-debug-devel-6.12.0-55.12.1.el10_0.aarch64.rpm b249ac7c808f28d3f14a91dc07cab2b1e6dbb7eec2da3dddf74d4e66dced1df8 kernel-debug-devel-matched-6.12.0-55.12.1.el10_0.aarch64.rpm f118d341dc9867d42bf5095a015e3aa6fbc3776dc9ad5a7c41969f6b30631d12 kernel-devel-6.12.0-55.12.1.el10_0.aarch64.rpm f40f2e2af77811b7b9c55f2a2a2b146f3da532d81913b81f79bba163cc6d5f63 kernel-devel-matched-6.12.0-55.12.1.el10_0.aarch64.rpm 23900f73de85c418a9df810b2c7b6de1b847dfa1f363431ae8cbe4e471f89f15 kernel-doc-6.12.0-55.12.1.el10_0.noarch.rpm 30db1e51640edd8a4b7c99aae38a28b8bdce6157ad1dd73f6eba9bd94dff1384 kernel-headers-6.12.0-55.12.1.el10_0.aarch64.rpm 61b396b3dea610bf20d79a58e7f464ac57c5666d2ef5a771ca0ec01f808fbec1 perf-6.12.0-55.12.1.el10_0.aarch64.rpm b8b83917fa825ab73f8e3606e0f0da598b644dd9d580d245dfff644e0de59e68 python3-perf-6.12.0-55.12.1.el10_0.aarch64.rpm f85db15b768d1c9ec004b571c66399455b7592ba15ffa5efc5aae698e878740e rtla-6.12.0-55.12.1.el10_0.aarch64.rpm 2418b317bcdb3ff635b1de6678868dc4900a3b3054a5e7151710202e596788eb rv-6.12.0-55.12.1.el10_0.aarch64.rpm 9217e8f03f7fa69e995e1b22356dba1ab475befeb7d45142b7a44a521a84ca44 RLSA-2025:8047 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for unbound. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * unbound: Unbounded name compression could lead to Denial of Service (CVE-2024-8508) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms python3-unbound-1.20.0-10.el10_0.aarch64.rpm 9f2c083f74c844cf485012f53694d4ea50bebc985ecb805b4730f65311db4ba4 unbound-1.20.0-10.el10_0.aarch64.rpm 14bdb1ac09dee8be1336671100a8292d8d9fad2051dffd02d7ae9f5b3c9ea3a5 unbound-anchor-1.20.0-10.el10_0.aarch64.rpm 077ca2c607b17cab94d770df4d25597128651c69e475d5c390380a8ca7d40737 unbound-dracut-1.20.0-10.el10_0.aarch64.rpm 168347a97a7281cfd14e921a6bf5d06677aa86e2502b6c3e432d111e56f4b7ba unbound-libs-1.20.0-10.el10_0.aarch64.rpm e12d92edb46e46a79246248af0ba2e57c49d1a6738f32b7ea46152ba4a35f94f RLSA-2025:8125 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: Out-of-bounds access when resolving Promise objects (CVE-2025-4918) * firefox: Out-of-bounds access when optimizing linear sums (CVE-2025-4919) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms firefox-128.10.1-1.el10_0.aarch64.rpm ddc663c77f923ebec3a09cc8e84fc72a9467efd079750c3e1d2c9a101e08e084 RLSA-2025:8128 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libsoup3. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it), but the SOAP parts were removed long ago. Security Fix(es): * libsoup: Denial of Service attack to websocket server (CVE-2025-32049) * libsoup: Denial of service in server when client requests a large amount of overlapping ranges with Range header (CVE-2025-32907) * libsoup: Cookie domain validation bypass via uppercase characters in libsoup (CVE-2025-4035) * libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup (CVE-2025-4948) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms libsoup3-3.6.5-3.el10_0.6.aarch64.rpm 8ff908399d99a56961aa0acf6ec3e42ab9f207e0c7de0a6500996201113aed49 libsoup3-devel-3.6.5-3.el10_0.6.aarch64.rpm 2a2d748fa4d17411753dd822a42a0e59604967c7c7a5c30e65ba94fdbe25343d RLSA-2025:8131 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for ruby. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix(es): * net-imap: Net::IMAP vulnerable to possible DoS by memory exhaustion (CVE-2025-25186) * CGI: Denial of Service in CGI::Cookie.parse (CVE-2025-27219) * uri: userinfo leakage in URI#join, URI#merge and URI#+ (CVE-2025-27221) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms ruby-3.3.8-10.el10_0.aarch64.rpm e3d3b3b6255ad4f0f84a7ff7c041fe7ea893b4a845487e214a2cce8b15342d67 ruby-bundled-gems-3.3.8-10.el10_0.aarch64.rpm 79c2f5428481736f48d1bf4d71ca9972335c6028626d7b8913b8e5c6aa73ecb2 ruby-default-gems-3.3.8-10.el10_0.noarch.rpm 2904c2be6de7adbab5728cba1bf5f581345a9ec634bf41d756b327d5df6cdc1d ruby-devel-3.3.8-10.el10_0.aarch64.rpm 3322a77b87b6f60f9de591c7abcac8ed9ecb07f80e4aa20563da3452d4332b3b rubygem-bigdecimal-3.1.5-10.el10_0.aarch64.rpm cdcbb70f068be52bd84a9b60619e68e81316ac133b431363cb73ef899091512f rubygem-bundler-2.5.22-10.el10_0.noarch.rpm d7b4cd0ea6f73904a04b3406e6ae24ec8054e6d370477622248c6da2d0cbba61 rubygem-io-console-0.7.1-10.el10_0.aarch64.rpm e642314f6e369def1e4674c21b684a6db1d9d70a0c75f0a5a1c15ee03fe5e65f rubygem-irb-1.13.1-10.el10_0.noarch.rpm 47789a9d47f47375f2265bbfba6a021f98d2f2840f774b8c8dcb2d64a11c79f1 rubygem-json-2.7.2-10.el10_0.aarch64.rpm 5601918c32ab2ecc95425fc21848d3e872234ddfacad56a754c760725fd3dd34 rubygem-minitest-5.20.0-10.el10_0.noarch.rpm 443713643e31df383a0adb8f57a219441de801e241bcb862d3be37542d8c3d72 rubygem-power_assert-2.0.3-10.el10_0.noarch.rpm fd83ea41220fdd4bcd8e00f692c937507141e2fac3adae231441766600ac83a9 rubygem-psych-5.1.2-10.el10_0.aarch64.rpm 2ebd5b6912c0eaeb879d07b0fe8c59330b5eebe58d211af22e2e5df8c0756271 rubygem-rake-13.1.0-10.el10_0.noarch.rpm 18f422e254af9edb5743dd00a53c2ce7a4d0e04939a2ab9ac711a7bd264a1e84 rubygem-rbs-3.4.0-10.el10_0.aarch64.rpm 3dacf56b91c1dc3845fa199b7e6eb883a4aa0090dcf1a348b2d621bea83b0e99 rubygem-rdoc-6.6.3.1-10.el10_0.noarch.rpm 656cedbc171c0d9924948b15bb319b8220c71e29a74a040d6f4a4f1b3358dde0 rubygem-rexml-3.3.9-10.el10_0.noarch.rpm f63afbc11ae33c3c780e6b46f2f7274c2ef874656cfb4633779181a508e8cf9a rubygem-rss-0.3.1-10.el10_0.noarch.rpm 312bb55e83f14b500d7a0e5c911f8745d5b5d06a3fcd847fb314c943deb18d1a rubygems-3.5.22-10.el10_0.noarch.rpm bb066d3068ce2da7cefc8f9f89d01e223d2870bd4a509e0aad5ebf7432a860be rubygems-devel-3.5.22-10.el10_0.noarch.rpm d44c057b948919daf238b6b1463d7b1c47c91420a539346ccc8436b77387b527 rubygem-test-unit-3.6.1-10.el10_0.noarch.rpm cde1cbfe9e860af0cd849fb742cffa0fe5128ceb80f93497b3f8571fa0752517 rubygem-typeprof-0.21.9-10.el10_0.noarch.rpm 79fec13dace5e8b27fabccda2bf8904f5279779a88b3a67a4c156db8c03003da ruby-libs-3.3.8-10.el10_0.aarch64.rpm 3047cd6bffc21c866379fba799f8f0bd24ffc831039a01e7ed0947910385a96a RLSA-2025:8135 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for python-tornado. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms python3-tornado-6.4.2-1.el10_0.1.aarch64.rpm 538bbb2e6525be224cddd28de4ceb6eff51e66d269930101e0357fa4b817e685 RLSA-2025:8137 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (CVE-2024-53104) * kernel: vsock: Keep the binding until socket destruction (CVE-2025-21756) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.13.1.el10_0.aarch64.rpm 833bb1211dee45633aeb1e7275a6487e2597953eaa3f265ef7380aab51adc26b kernel-64k-debug-devel-matched-6.12.0-55.13.1.el10_0.aarch64.rpm 40ac18e8f0a055e69fc20d41bed721c60e7efc7c571679d6b6e11f0b72512307 kernel-64k-devel-6.12.0-55.13.1.el10_0.aarch64.rpm e47f4320bb888a4414cdc044045783b76961f45f88ace23b483be95c79cf40cc kernel-64k-devel-matched-6.12.0-55.13.1.el10_0.aarch64.rpm 269139309055811cf0487a705896e41176f1761944a98ef31c8e33c47459276f kernel-debug-devel-6.12.0-55.13.1.el10_0.aarch64.rpm 81899a1401f898e56bf4f71f07f1147b4f08553b331aa7c8c8677db98fb56ce1 kernel-debug-devel-matched-6.12.0-55.13.1.el10_0.aarch64.rpm e6d4eafacffc49a27608ef3b368a7a340430be7fd0bb62bb5dd923d6237d9bd8 kernel-devel-6.12.0-55.13.1.el10_0.aarch64.rpm 049ff06e926abbd7fbd5eaee7b00f2b64c7613b5c5516c602f89bad2274436c1 kernel-devel-matched-6.12.0-55.13.1.el10_0.aarch64.rpm 92d90095029abe3eadc9cfdbed2ca94f68db65225a4c19e088643b14715d27d8 kernel-doc-6.12.0-55.13.1.el10_0.noarch.rpm 482583a6393ab29fbb7c2e4e5780c0fe2ec7a06756d38cf0a4b861fc4fa884e3 kernel-headers-6.12.0-55.13.1.el10_0.aarch64.rpm 574ae2092b94a3cf622a8bd2935321eab9098e7b0ebd8857ee5681b9efa3650e perf-6.12.0-55.13.1.el10_0.aarch64.rpm ada95c9e11717c3600d7485be3dfc6905a033da1437496e2722b06c1256da0a7 python3-perf-6.12.0-55.13.1.el10_0.aarch64.rpm acd7eb0b623ad7f9dd49678198938c6a3a83ed1eb6a2aa169087e6a813f25e76 rtla-6.12.0-55.13.1.el10_0.aarch64.rpm 8b773e8d33e34c2d566f0d174dfaf69608f26423dd86727c1d20fcde97187c0e rv-6.12.0-55.13.1.el10_0.aarch64.rpm 46873ab815b35bf27e0eca500089a7a977fbc91728bb6457d0c3d66410523ea6 RLSA-2025:8184 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): * GStreamer: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-3887) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms gstreamer1-plugins-bad-free-1.24.11-2.el10_0.aarch64.rpm ea858f7ba32aa49adbc5155a4d39ec83ffac617993353e1827e808f2efae35c0 gstreamer1-plugins-bad-free-libs-1.24.11-2.el10_0.aarch64.rpm c7c845023a336b83e6539eb532da647615b8d14e42e484fa394af342a4f95b74 RLSA-2025:8196 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link (CVE-2025-3909) * thunderbird: Sender Spoofing via Malformed From Header in Thunderbird (CVE-2025-3875) * thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links (CVE-2025-3877) * thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking (CVE-2025-3932) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms thunderbird-128.10.1-1.el10_0.aarch64.rpm f815272496337abb938f0df455da55cfe7bc88cdc4da3dfaa23a6ecd8a1afefc RLSA-2025:8341 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details (CVE-2025-5267) * firefox: thunderbird: Potential local code execution in ?Copy as cURL? command (CVE-2025-5264) * firefox: thunderbird: Memory safety bugs (CVE-2025-5268) * firefox: thunderbird: Script element events leaked cross-origin resource status (CVE-2025-5266) * firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content (CVE-2025-5263) * firefox: thunderbird: Memory safety bug (CVE-2025-5269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms firefox-128.11.0-1.el10_0.aarch64.rpm 8e7fe33789bef842b37ee3f95c92f8e2d2cbd20ae889937252b72cb534c2da16 RLSA-2025:8374 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (CVE-2025-21919) * kernel: cifs: Fix integer overflow while processing acregmax mount option (CVE-2025-21964) * kernel: ext4: fix OOB read when checking dotdot dir (CVE-2025-37785) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.14.1.el10_0.aarch64.rpm 3d1204295e1a085328219ed70d048d46d661de956b3c087ec1eb32cc3f14796d kernel-64k-debug-devel-matched-6.12.0-55.14.1.el10_0.aarch64.rpm d27f713b07905fbed1f59d17e4b038fe55e9e1504c74f75bb3789c10a59864df kernel-64k-devel-6.12.0-55.14.1.el10_0.aarch64.rpm e32628fb391f204f6787d562b5a37a546cfbc9f660721424b90543233af84910 kernel-64k-devel-matched-6.12.0-55.14.1.el10_0.aarch64.rpm b71e6cec2cf04eb79d5fb79ce108137a29cc90368f25b09d0922a1a48fdd5c95 kernel-debug-devel-6.12.0-55.14.1.el10_0.aarch64.rpm 4872a2d2c3148f27837de1a0e5e7941ea749c5fec245159d327939f50b6c2ef3 kernel-debug-devel-matched-6.12.0-55.14.1.el10_0.aarch64.rpm d8832f60755e58c6e747def1c0d2c0f6c3a7423e53085c9d065ead8307bc9f0d kernel-devel-6.12.0-55.14.1.el10_0.aarch64.rpm ceda892c569bdb85a5aff76a65c27426fd568dbe5a85d995e37e7c8fdc1affd7 kernel-devel-matched-6.12.0-55.14.1.el10_0.aarch64.rpm d869772c607a6984a9e8dc3535f8c5e43a135a628b6f62822f8af1bc430bb65c kernel-doc-6.12.0-55.14.1.el10_0.noarch.rpm 8adc17da86a9b84bffdd83f8677632954b97112d904de914093596db77ecb321 kernel-headers-6.12.0-55.14.1.el10_0.aarch64.rpm ca23272062255009125d909bda4599d221f6b5df2b5f81af0f374f65dbe90e36 perf-6.12.0-55.14.1.el10_0.aarch64.rpm c4b53a9e360ea7e06c77374985730634b115567cd85bf7a5834b333208e47459 python3-perf-6.12.0-55.14.1.el10_0.aarch64.rpm 7e4d4e46f9bdac8c568a9097dabf26b0c572c8b75aaf697b5934a02db91b5b1c rtla-6.12.0-55.14.1.el10_0.aarch64.rpm fe47aa39e51fda9ab0f95774c7bcd1ad7a7087a99cdf41ca512c60e89cfa1dcf rv-6.12.0-55.14.1.el10_0.aarch64.rpm 295de265af585deb6f467bc9af150a32519028bc2c379dc85eb13888a003c03f RLSA-2025:8477 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The golang packages provide the Go programming language compiler. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms golang-1.23.9-1.el10_0.aarch64.rpm 214838533d4f16dde82db9015e0f3216204774391b9797b3a3462f49b946cf39 golang-bin-1.23.9-1.el10_0.aarch64.rpm 91feafb36fcf948cef64bc503232bd950c8f473fc6bc0e2d0c1b214adbcdf330 golang-docs-1.23.9-1.el10_0.noarch.rpm bdd2760b73c9324ad1b4499a8f0ac93db56f828057b077941bb8e625050d26a7 golang-misc-1.23.9-1.el10_0.noarch.rpm 69b802400d4176e7bad9d0c1f1b5d73e5b76c67b3e976c8e150d266ce45a7ced golang-src-1.23.9-1.el10_0.noarch.rpm 431c56db3fafa2e52ebeaf24f7722efd266be7ac65dfbb6ce76ec106d22711b8 golang-tests-1.23.9-1.el10_0.noarch.rpm 3215e7950d792a9a14b68b16cc720ae61ec83fe3b50223d9fb441bcaee76e7c9 go-toolset-1.23.9-1.el10_0.aarch64.rpm e65cd9c4219c6766f8b4fe11ba111569622f1fb0f90aeb39a49555422bdc6711 RLSA-2025:8493 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for nodejs22. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed devices. Security Fix(es): * nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js (CVE-2025-23166) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms nodejs-22.16.0-1.el10_0.aarch64.rpm e068aebe64784517741581d5b515d18c091a928cab1cda91e1b1f21ea09ae36c nodejs-devel-22.16.0-1.el10_0.aarch64.rpm 1180e50876c81caae1d254c96892c864f4f31d11eace6361831385b04cd98cde nodejs-docs-22.16.0-1.el10_0.noarch.rpm f120d25fe9ff48ab63fa1691b7c726ce10a6aea9d36e5fd8d312b8da1618d995 nodejs-full-i18n-22.16.0-1.el10_0.aarch64.rpm 226925b681748d46ec02b52fa9212bf70de0fe8aab5585ab75af2b263c990728 nodejs-libs-22.16.0-1.el10_0.aarch64.rpm d0c8c67f783a6a601e217e9decf3078c616518b86db8f9a9de73f2c6a1395ab6 nodejs-npm-10.9.2-1.22.16.0.1.el10_0.aarch64.rpm ccc316b8739541fd7e2f29208446bfd4e6ef812a5c9f8ba3ec1f45ecfa8f0832 RLSA-2025:8550 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for varnish. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): * varnish: request smuggling attacks (CVE-2025-47905) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms varnish-7.6.1-2.el10_0.1.aarch64.rpm a028f0a346651208b2faa4658432d1da990580575c55ee4b00b08a9d30a34df3 varnish-docs-7.6.1-2.el10_0.1.aarch64.rpm 6d9691835d72bc337ccde1a986c97c4afefbc84bbfa7e2a388717d01deea4dd0 RLSA-2025:8608 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * firefox: thunderbird: Out-of-bounds access when resolving Promise objects (CVE-2025-4918) * firefox: thunderbird: Out-of-bounds access when optimizing linear sums (CVE-2025-4919) * firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details (CVE-2025-5267) * firefox: thunderbird: Potential local code execution in ?Copy as cURL? command (CVE-2025-5264) * firefox: thunderbird: Memory safety bugs (CVE-2025-5268) * firefox: thunderbird: Script element events leaked cross-origin resource status (CVE-2025-5266) * firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content (CVE-2025-5263) * firefox: thunderbird: Memory safety bug (CVE-2025-5269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms thunderbird-128.11.0-1.el10_0.aarch64.rpm ca9894e6e7a37f80729f5ef86110f5d4cd2244d8fe45d058b510bb054cfb5025 RLSA-2025:8636 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for perl-FCGI. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

FastCGI Perl bindings. Security Fix(es): * perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library (CVE-2025-40907) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms perl-FCGI-0.82-13.1.el10_0.aarch64.rpm 12d4b7f294a54818bbc71f823841d9c8d230b3bf3deca7437593aa7282f8f657 RLSA-2025:8666 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for grafana. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms grafana-10.2.6-18.el10_0.aarch64.rpm 5ec6d797e4092fcdab3e79b666dc711343b6497a2e89a48013882a864f0a02dd grafana-selinux-10.2.6-18.el10_0.aarch64.rpm 2da1fdd10c9127a03da7ade8081f0563a564e4c287b632329784165c1f7f7041 RLSA-2025:8669 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: vsock/virtio: discard packets if the transport changes (CVE-2025-21669) * kernel: net: gso: fix ownership in __udp_gso_segment (CVE-2025-21926) * kernel: xsk: fix an integer overflow in xp_create_and_assign_umem() (CVE-2025-21997) * kernel: net: fix geneve_opt length integer overflow (CVE-2025-22055) * kernel: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (CVE-2025-37943) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.16.1.el10_0.aarch64.rpm 30fb2c1cfedf6cd87650f8a02702e57f28aa32f3a51e35b83995cfdc52bea91b kernel-64k-debug-devel-matched-6.12.0-55.16.1.el10_0.aarch64.rpm 31d59c84f03fe3f1cc08f7ca0c5bb193be866208eaa9f4c17ae6fac8b79beceb kernel-64k-devel-6.12.0-55.16.1.el10_0.aarch64.rpm dbb33eb0812e0b8109e90b191dbc5d77946bb8de354e13d4fcc5b0b709f4fee7 kernel-64k-devel-matched-6.12.0-55.16.1.el10_0.aarch64.rpm f695515cfa4db2c5098533e0518c0450b569ffc9670ead57c3d281e5264e0eec kernel-debug-devel-6.12.0-55.16.1.el10_0.aarch64.rpm 28463e469fe6d24636afd9abe363b0df934af50f2b5e5257cb53778fdddb3f3c kernel-debug-devel-matched-6.12.0-55.16.1.el10_0.aarch64.rpm eef60074b5a200e3a92e9416b9b2c16fa43577958b889a184fd933fedec33ab7 kernel-devel-6.12.0-55.16.1.el10_0.aarch64.rpm 862175f00819ebe5ef7f9acd58c2f671b6664fbda8a371fabc1cf882d57a5ecf kernel-devel-matched-6.12.0-55.16.1.el10_0.aarch64.rpm 3d1b72d3a89bc58b65e281fd8f95c86574da45cad232a237106bfb0f14deb7d8 kernel-doc-6.12.0-55.16.1.el10_0.noarch.rpm c6d7acac1e26b0a460bdc40b0adb14fc465b0198f2359a7c8f677efe8321b0e5 kernel-headers-6.12.0-55.16.1.el10_0.aarch64.rpm fac0a26209bb50a74c671c80ee0da291209a7384cca7df1b7772e31e3d288a6b perf-6.12.0-55.16.1.el10_0.aarch64.rpm 147cc0c113a3e3a1e638d69a26db7a6013f150a180ee818319693f83a729f57b python3-perf-6.12.0-55.16.1.el10_0.aarch64.rpm ab36fcf490d0ee12a8cdee3c75c67c35cae70c60eafe5ab22c9dfd26a90e948b rtla-6.12.0-55.16.1.el10_0.aarch64.rpm 24921dc5d3b4da75a6c7a121252b2508ac132f4a4649488ad1a1d054606f7e8b rv-6.12.0-55.16.1.el10_0.aarch64.rpm bbb980754d9c4a24ebbbbe513f94a8e710828c5ad8c37cbafc22a28d31f3bf57 RLSA-2025:8814 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for dotnet8.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.117 and .NET Runtime 8.0.17.Security Fix(es): * dotnet: .NET Remote Code Vulnerability (CVE-2025-30399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms aspnetcore-runtime-8.0-8.0.17-1.el10_0.aarch64.rpm ea11a7a3f4a3fcd5bd59ef04fc54cd0de54ef46e3e9cd83d380f71365ce4e5ec aspnetcore-runtime-dbg-8.0-8.0.17-1.el10_0.aarch64.rpm dea386f1a9c079a35f44afeffba18314219c473656109b67a8963ed7e7911090 aspnetcore-targeting-pack-8.0-8.0.17-1.el10_0.aarch64.rpm 2165259f409c299009037623e1a19261086c7de52eaff437e7034555d1101b6d dotnet-apphost-pack-8.0-8.0.17-1.el10_0.aarch64.rpm 289fbba0c6437cfa0c72da69b10715978f2c858bb0fb2cc2d73862c86302179e dotnet-hostfxr-8.0-8.0.17-1.el10_0.aarch64.rpm 554776cb7ca5ed84350bb0cc3f94813ea7d849ed58706568e073b64975c31a6b dotnet-runtime-8.0-8.0.17-1.el10_0.aarch64.rpm c1de70c25acc557e578796c17818a825eaf3116192c151788c2d79eb68bbdee1 dotnet-runtime-dbg-8.0-8.0.17-1.el10_0.aarch64.rpm e0592311bdbca2501406e40dc4779e13277907ba2b45ba3720ebbbf2428122ae dotnet-sdk-8.0-8.0.117-1.el10_0.aarch64.rpm 83cf0c847c33f029b03edf2c92d947cf041ff80f0aa8d0f4de1f57eeda4be212 dotnet-sdk-dbg-8.0-8.0.117-1.el10_0.aarch64.rpm d95a300c0bc82396be2ae2a4a7b21c8f3a7def7365518363a6c07819c4d61d64 dotnet-targeting-pack-8.0-8.0.17-1.el10_0.aarch64.rpm dc39173f2eefe868dd6c78070f707edcc9f82a18947b9029c0c8c31615b0235b dotnet-templates-8.0-8.0.117-1.el10_0.aarch64.rpm 0a301971876eb27381dccdfa7dc0cf845646e8603097e2261cdd429e8efe8f84 RLSA-2025:8816 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for dotnet9.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.107 and .NET Runtime 9.0.6.Security Fix(es): * dotnet: .NET Remote Code Vulnerability (CVE-2025-30399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms aspnetcore-runtime-9.0-9.0.6-1.el10_0.aarch64.rpm 2630d01a35da7ba52379e8230c411cfb1f07b2bce382347874809ae4464215aa aspnetcore-runtime-dbg-9.0-9.0.6-1.el10_0.aarch64.rpm e2d6cfd177af9ea959b3b32ca531c9f71a8d4dec482d22d83713555f12084f66 aspnetcore-targeting-pack-9.0-9.0.6-1.el10_0.aarch64.rpm 1ad5a8eb2e743e4b82671307457540cd5c597f5e7114d883d76e2819ece742a5 dotnet-apphost-pack-9.0-9.0.6-1.el10_0.aarch64.rpm 11d65f15b3c76e6ce1f48b7bef71c4ab2632a1f269591ea19f64692fd6cf8fd5 dotnet-host-9.0.6-1.el10_0.aarch64.rpm aeeb037fcdfa1e767682aeb714fae10fc53b9482deb3d85aa6cab7e1862f5199 dotnet-hostfxr-9.0-9.0.6-1.el10_0.aarch64.rpm f84f6acbb39aab92de7fb6088678bd764d277b75b9906c41d38b0f6949b92747 dotnet-runtime-9.0-9.0.6-1.el10_0.aarch64.rpm 9a3c749d2174e236b0a6aa34a8bb3dcfe5443e4a7c9b362c6bde85b6c6119350 dotnet-runtime-dbg-9.0-9.0.6-1.el10_0.aarch64.rpm fc5a1e7e9dd4315b88311fb76f256e496237c7f76d343f139f9564db95c75bd2 dotnet-sdk-9.0-9.0.107-1.el10_0.aarch64.rpm 2319013c3d69dfd9dec9577e661049fda94b82ce6450a7e9987980d772b5598e dotnet-sdk-aot-9.0-9.0.107-1.el10_0.aarch64.rpm 010267412220c6204331e5a0af5d36e295f79facfd020ba2377e5fc7d31f68cd dotnet-sdk-dbg-9.0-9.0.107-1.el10_0.aarch64.rpm 680f8cc407143b14fcb3124b96c65e01e9927e122bc3504013c140ea42751e61 dotnet-targeting-pack-9.0-9.0.6-1.el10_0.aarch64.rpm 4fdc067534349619343583196e0970840d6e172d5d0fa8584cd1b95bbd291249 dotnet-templates-9.0-9.0.107-1.el10_0.aarch64.rpm 34cfad8620e035ea0acde05502b86087048c73d18252a3874c9c17e960c2ad9d netstandard-targeting-pack-2.1-9.0.107-1.el10_0.aarch64.rpm 0bc48992f5bcd7245e7a5aa2d25e1450ee94458ecc0353074a01a026d123d446 RLSA-2025:8915 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for grafana-pcp. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms grafana-pcp-5.2.2-3.el10_0.aarch64.rpm 9803453c5afe2511b26a2621a2a8708d574d816ef21f3c6ad065b835a215262c RLSA-2025:9063 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for git-lfs. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms git-lfs-3.6.1-2.el10_0.aarch64.rpm 02b07fa85180b39d0e95119b5a67b7c5ff1d84e91778ac135ea9678b2cc4f073 RLSA-2025:9079 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: ndisc: use RCU protection in ndisc_alloc_skb() (CVE-2025-21764) * kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (CVE-2025-21887) * kernel: keys: Fix UAF in key_put() (CVE-2025-21893) * kernel: cifs: Fix integer overflow while processing closetimeo mount option (CVE-2025-21962) * kernel: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd (CVE-2025-21969) * kernel: cifs: Fix integer overflow while processing acdirmax mount option (CVE-2025-21963) * kernel: wifi: cfg80211: cancel wiphy_work before freeing wiphy (CVE-2025-21979) * kernel: smb: client: fix UAF in decryption with multichannel (CVE-2025-37750) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.17.1.el10_0.aarch64.rpm b64dcda5940be55d1d3e40bda069468bc548d6b01186c10a49156ce1e0a1e9ce kernel-64k-debug-devel-matched-6.12.0-55.17.1.el10_0.aarch64.rpm 30ea0401b2bc35917c3de3c9fa384e09d6e39bb4234a86b7b7de321c3f3b0adc kernel-64k-devel-6.12.0-55.17.1.el10_0.aarch64.rpm 82361dc88d8e46f923f2eed86bfbf73fce621e6de13cb28b75921f981a755695 kernel-64k-devel-matched-6.12.0-55.17.1.el10_0.aarch64.rpm 950b764a71e98e61d452849da52d5fd1c436a1b68f68db24a4d551fbe1178f7e kernel-debug-devel-6.12.0-55.17.1.el10_0.aarch64.rpm 8afa09f56f72cdadf39a4b47cf69ae74e8e6748baea667686d98cedea45006ae kernel-debug-devel-matched-6.12.0-55.17.1.el10_0.aarch64.rpm 8781aca1aaf781d4cb4274a416f263ff2875da0787dbe3f338c8bdc961195d11 kernel-devel-6.12.0-55.17.1.el10_0.aarch64.rpm 3a97c440de0f2c29dbd7078a42727d9d4473eb44ebe66ab5a4ba3d178d28ecde kernel-devel-matched-6.12.0-55.17.1.el10_0.aarch64.rpm 155ba755ba3c88d7da3c5261d51136b4c316acb9550fd53014f8e14cebfc1879 kernel-doc-6.12.0-55.17.1.el10_0.noarch.rpm 87ac85377552a790aad9fc9c5706e32c3dcb9be01df4e2dc52840555e14e7cb3 kernel-headers-6.12.0-55.17.1.el10_0.aarch64.rpm 72a4b2786e63769c79acb1cacc63cabd73679104ec1f73f659bb540d1a4c7e8c perf-6.12.0-55.17.1.el10_0.aarch64.rpm c3c8700a28b2d83c8fdba7304c06f279c2e2d6dce4055a3bc704307dfdcaba22 python3-perf-6.12.0-55.17.1.el10_0.aarch64.rpm 545ec2a031aaad93733d1aae6f4b45f27b24ab3d92a55acab05e9b8896826174 rtla-6.12.0-55.17.1.el10_0.aarch64.rpm 5de5f4ce4fbd1ccd2c4b8d7a91c6949044ce9b3f72c80fcd85618d26163b6b4f rv-6.12.0-55.17.1.el10_0.aarch64.rpm 70e6983a5c236e64521ddeb9bb8756b6364af42c03ab0000a2ef3c559c5433bd RLSA-2025:9120 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libvpx. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fix(es): * libvpx: Double-free in libvpx encoder (CVE-2025-5283) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms libvpx-1.14.1-3.el10_0.aarch64.rpm afdf5a1c581eab2548015dc04b09175d0e5262d9e4e2049edff71cf16757544b RLSA-2025:9121 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for wireshark. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fix(es): * wireshark: Uncontrolled Recursion in Wireshark (CVE-2025-1492) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms wireshark-4.4.2-3.el10_0.aarch64.rpm e3287fe24e29fa3e753576227ffdb3763350584e02ab5bf74508d478c9258c8f wireshark-cli-4.4.2-3.el10_0.aarch64.rpm b61d3af66853fc5430c98411fc44aaad4fc9cfa7c34af11e9e391b05832fff52 RLSA-2025:9148 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for buildah. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms buildah-1.39.4-2.el10_0.aarch64.rpm a6c7341e5bb916800458e7d3c2047b0161055e8171dce1ad6dd588ad7557b756 buildah-tests-1.39.4-2.el10_0.aarch64.rpm 4754030f20380a92032fca0c36bdbcf0b673bae8ce0bcdf7802d396586522bb1 RLSA-2025:9146 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms podman-5.4.0-10.el10_0.aarch64.rpm 82c1499b97b5518e72e5ae7a6eb93abd349a6e9f04c1b541527fd8fedf2fc2e1 podman-docker-5.4.0-10.el10_0.noarch.rpm 72ee4b59f086d755726270ee648923634a2c7363eaecb7668975444143214d9f podman-remote-5.4.0-10.el10_0.aarch64.rpm 6c13d2e086bc8c5d0c4e19d4bd81fe1f2888f04aaf232313571daa638c9ed931 RLSA-2025:9149 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for skopeo. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms skopeo-1.18.1-2.el10_0.aarch64.rpm 564c3950698964f67cb49eb14983c5a598e057dd71db24462476fb01a72a5cae skopeo-tests-1.18.1-2.el10_0.aarch64.rpm bee5889d3b1d0840fe21bfdba72530beaf93bc8191b6e1a041185440e8f55226 RLSA-2025:9151 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for gvisor-tap-vsock. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms gvisor-tap-vsock-0.8.5-2.el10_0.aarch64.rpm c8222f0577fc11cbb5371c9573d381a1dec9035025086ffdacd3eddd2692623a gvisor-tap-vsock-gvforwarder-0.8.5-2.el10_0.aarch64.rpm 1f588cef07960d0ece8fb708bfe0dd68c5e4bfe020ed31500a69481dae746013 RLSA-2025:9156 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for golang-github-openprinting-ipp-usb. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms ipp-usb-0.9.27-3.el10_0.aarch64.rpm 56f06cdff6a16f3c9e852cfbd0ac13ad5fa6bc0701da418313a6e57d76e2fc19 RLSA-2025:9178 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kea. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers support DNS Update mechanism, using stand-alone DDNS daemon. Security Fix(es): * kea: Loading a malicious hook library can lead to local privilege escalation (CVE-2025-32801) * kea: Insecure handling of file paths allows multiple local attacks (CVE-2025-32802) * kea: Insecure file permissions can result in confidential information leakage (CVE-2025-32803) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kea-doc-2.6.3-1.el10_0.noarch.rpm 6275f987ab175c2cd3f1d3f921183882763992ecd48cfdf1f198505441ac888d kea-hooks-2.6.3-1.el10_0.aarch64.rpm c0e31f642d1dac295a0a25031b620a82ae4536a0fd0da6821d063d80ff1dc827 RLSA-2025:9190 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for ipa. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA (CVE-2025-4404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms ipa-client-4.12.2-15.el10_0.1.aarch64.rpm f87ad8d36d73036e1000f63cfcb8a56dd50d4db79d93b2a40c00537e8262a4f9 ipa-client-common-4.12.2-15.el10_0.1.noarch.rpm 6c1ae01a5131f824bf97c644496f68706f567b22085c430ca56bc03afb053207 ipa-client-encrypted-dns-4.12.2-15.el10_0.1.aarch64.rpm 1ebbfa8917c083a341b7d4d7d1262bf82c3116315fc634ef776f6615f7c88c07 ipa-client-epn-4.12.2-15.el10_0.1.aarch64.rpm 70aad74c1bbc3bbeb89369dae460695c79f2bce35a5aa385cd6201f86363fd05 ipa-client-samba-4.12.2-15.el10_0.1.aarch64.rpm 6caa0f3d3f2dd5ccd682796100b71dc6173ced18cf266dbe3885197c26365f09 ipa-common-4.12.2-15.el10_0.1.noarch.rpm bd4658263915b86e0754a48dfef208eb3a06aeacef66b87e1e3e413c2c0d9423 ipa-selinux-4.12.2-15.el10_0.1.noarch.rpm 9392af39d79b05f3d3584c5e2f8defe0aa763b7c26df19606b6ae69882e9d7f4 ipa-selinux-luna-4.12.2-15.el10_0.1.noarch.rpm 862cf3612971baf244e116d8f0860b18b99683e48e3a976f62be514c9e5ebe81 ipa-selinux-nfast-4.12.2-15.el10_0.1.noarch.rpm da232069356f6a7fed12c9b12c17d4e08adda805fbe718e9ffe83ce286498881 ipa-server-4.12.2-15.el10_0.1.aarch64.rpm 2ba31e8249e9721a80c0a627f6cd09b3d64c952079650a657a8f5f501d5347fa ipa-server-common-4.12.2-15.el10_0.1.noarch.rpm 89236fce67fe052cb19173070c2f50c2b514b865567328686e46a6f845ab302c ipa-server-dns-4.12.2-15.el10_0.1.noarch.rpm 7303e5d8311880f7cae2058f4ed51096749cd5afa1d58e4303823207aefcfce4 ipa-server-encrypted-dns-4.12.2-15.el10_0.1.aarch64.rpm 660d24b6811b0e46280503eff197ca97d7072162d2691827d0a377335ff22039 ipa-server-trust-ad-4.12.2-15.el10_0.1.aarch64.rpm 7431ee688906310eaa0c3762b4f6de1edfafb3175e059d010b302a9e8b121476 python3-ipaclient-4.12.2-15.el10_0.1.noarch.rpm 3acf20126fa2ebd03bd719db4b3fdee63e40f34cfc4a805cca9042354485004c python3-ipalib-4.12.2-15.el10_0.1.noarch.rpm 8296ccacd4fbd8cea4f94f0f3442e6dac1ef32e62d3c197cdfe69cdb6876b69b python3-ipaserver-4.12.2-15.el10_0.1.noarch.rpm 9c5d1580ae5902f184e00a231e6482c31dcb76da4b9d3d4feaea0d772ff7bbd7 RLSA-2025:9304 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors (CVE-2025-49175) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension (CVE-2025-49176) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Data Leak in XFIXES Extension's XFixesSetClientDisconnectMode (CVE-2025-49177) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore (CVE-2025-49178) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension (CVE-2025-49179) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension (CVE-2025-49180) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms xorg-x11-server-Xwayland-24.1.5-4.el10_0.aarch64.rpm ab5708c0db650688c39fe888a672b3fc749b62eef6a3dbf80c291eff86aa1a1c RLSA-2025:9317 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for delve. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out of your way as much as possible. Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms delve-1.24.1-2.el10_0.aarch64.rpm fbb44109671e3b8dc12519ae2492ac307c7cd4aabf06103531793422799c8467 RLSA-2025:9307 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for freerdp. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fix(es): * gnome-remote-desktop: freerdp: Unauthenticated RDP Packet Causes Segfault in FreeRDP Leading to Denial of Service (CVE-2025-4478) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms freerdp-3.10.3-3.el10_0.aarch64.rpm bc3e15be3f4660526401034582822c7e5aa4e015b35a7c0c2f8e901423e8f828 freerdp-libs-3.10.3-3.el10_0.aarch64.rpm 4b94793f1cf0c4d0a2b9ab4ab885ed40624a4a8ba2e897a48f720ec9706ff8e3 libwinpr-3.10.3-3.el10_0.aarch64.rpm e69a660618cf68be3b40ff89463868ec49575199a9d3d2700ab5c14a953f20b7 RLSA-2025:9328 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libblockdev. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libblockdev packages provide a C library with GObject introspection support used for low-level operations on block devices. The library serves as a thin wrapper around plug-ins for specific functionality, such as LVM, Btrfs, LUKS, or MD RAID. Security Fix(es): * libblockdev: LPE from allow_active to root in libblockdev via udisks (CVE-2025-6019) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms libblockdev-3.2.0-4.el10_0.aarch64.rpm c3d776f908ebc2dba71dba1781c382b5e946ab7fdbe09d305b57634cff770c10 libblockdev-crypto-3.2.0-4.el10_0.aarch64.rpm abb72cd41e687dcf19231646cae5b88ad5862119df03dcf751c8b0f690f9cee2 libblockdev-dm-3.2.0-4.el10_0.aarch64.rpm da1942a432abbab9b588db736276f7635ee8a49249f2429e11630c1cdecfee9e libblockdev-fs-3.2.0-4.el10_0.aarch64.rpm a32268d30147949e0be26cda4397bea7aea2e55098c2f3a2c278b35e1065d5fa libblockdev-loop-3.2.0-4.el10_0.aarch64.rpm a7d6b0cae146bc1d426fdee4455bb322365744a3e599f66598c3a48a7ecc6d44 libblockdev-lvm-3.2.0-4.el10_0.aarch64.rpm 90f6c31ddbb4ed65832d878963030d5ceccdb0001bdcea16d2059b5d09d82a65 libblockdev-lvm-dbus-3.2.0-4.el10_0.aarch64.rpm 62ae6eb50c415016f24b5e017384854ca939e682c679af958380f6fb795cb772 libblockdev-mdraid-3.2.0-4.el10_0.aarch64.rpm 7c84153a33ffdb1c624fa7056b831cfeeaae5b8814e4660352c2a61b6b3eab76 libblockdev-mpath-3.2.0-4.el10_0.aarch64.rpm c74e745b5ce9136c7e8c2e4e3ec8ad7db50dd77b45e116b62c668677709d608f libblockdev-nvdimm-3.2.0-4.el10_0.aarch64.rpm 85400b62388d1f6a7419963198ab32aaafafabad595a0f1836f89a2fbe18da44 libblockdev-nvme-3.2.0-4.el10_0.aarch64.rpm ee9355921916a47355b9148ad8ccb9ad3ceb7aa29671b56a8c7ff3d2cf3a342e libblockdev-part-3.2.0-4.el10_0.aarch64.rpm e43678f42ad500e2be7f4e88e9ad15c8588e11e69d83585ec7e681b6f428db69 libblockdev-plugins-all-3.2.0-4.el10_0.aarch64.rpm 0e2b8af5dc7266fab04b83b93f7687cf81af142ce5ef3652fddabd8228cffea2 libblockdev-smart-3.2.0-4.el10_0.aarch64.rpm 8ce98f718db2c7240dce07d89d5899c2cc2c5b73cd56c8d15461280b9e3aee5a libblockdev-smartmontools-3.2.0-4.el10_0.aarch64.rpm 1f75e57154a087287eddb4092b464fffde9a9d4498327adaa1fe7979b66ebc3b libblockdev-swap-3.2.0-4.el10_0.aarch64.rpm 26678e6b11c2678750858b18ea322f91cd8b5b7674d87de36ea7e3b3bfa2dabb libblockdev-tools-3.2.0-4.el10_0.aarch64.rpm 6c349faa5f35d23f4878eea30403afaf8b35686009375146fba6bdb9979c1b46 libblockdev-utils-3.2.0-4.el10_0.aarch64.rpm 8c14cca3c13d2d285d232ab3ee375d201afea7925350e52f91dc166d41b9bced python3-blockdev-3.2.0-4.el10_0.aarch64.rpm 07ee873e954c6fc433fffae39c09a7615cca3d6ff586b0fac3258ca81187b3d8 RLSA-2025:9348 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: proc: fix UAF in proc_get_inode() (CVE-2025-21999) * kernel: ext4: fix off-by-one error in do_split (CVE-2025-23150) * kernel: ext4: ignore xattrs past end (CVE-2025-37738) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.18.1.el10_0.aarch64.rpm 39bd659b47308cf85f533323be9fd55fe676938048ab102b7030f0b38b54cc42 kernel-64k-debug-devel-matched-6.12.0-55.18.1.el10_0.aarch64.rpm f09a07a2923d6b7bfe2d79b5753030ae50feda515691b2ec67d929bf72ea89b2 kernel-64k-devel-6.12.0-55.18.1.el10_0.aarch64.rpm 514c9320b4be0ae53397562cf47510c3f06f8a25c83c4690196293783f5edb99 kernel-64k-devel-matched-6.12.0-55.18.1.el10_0.aarch64.rpm 90a616c068be3dc2730902a8f8690e3b6a9d93aa179e11af7840599f68a8aeee kernel-debug-devel-6.12.0-55.18.1.el10_0.aarch64.rpm ff2057575a2b821863b2a288ca731110ea4794b8847c77a26faa5753f5c8be46 kernel-debug-devel-matched-6.12.0-55.18.1.el10_0.aarch64.rpm 01c388f613483eff4b192aebfb6413becaeb091d6479ce10c7bf4bafbfeda796 kernel-devel-6.12.0-55.18.1.el10_0.aarch64.rpm bfd41c01a14a231251e75cd9d8a6ffd8f6686862caa539b762bfc26c7f27014f kernel-devel-matched-6.12.0-55.18.1.el10_0.aarch64.rpm 6fcb3c22b1b6a5ea55aae2ce4b5ffcc01845a6fab015b5cb428b6e11a8f1c68b kernel-doc-6.12.0-55.18.1.el10_0.noarch.rpm d6aadd95b52b9f9c33bb8c8c4e704754124e5611f141be290c10971bfb810ca6 kernel-headers-6.12.0-55.18.1.el10_0.aarch64.rpm 7431ad3460e4f99a69ba0a850ead959578e1f977dc47cbff04b13470ede87873 perf-6.12.0-55.18.1.el10_0.aarch64.rpm be016f3be1feb9294533a11fc785413bed440b6e91aa0001f1991ba2b33ba8da python3-perf-6.12.0-55.18.1.el10_0.aarch64.rpm abecf336585b4d777bddb0ca01df0847e2c97c5f4d36b7818d7ad5d7647d9ba2 rtla-6.12.0-55.18.1.el10_0.aarch64.rpm 42a8b1ab21053230e43ff08fbd3bd5401a46552596255d803acb5411c99b2edc rv-6.12.0-55.18.1.el10_0.aarch64.rpm 1ed35a0a09f18512e76f31a4a212a0a1049f8c83f66dd8fd903f3ca13a296576 RLSA-2025:9418 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for krb5. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). Security Fix(es): * krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions (CVE-2025-3576) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms krb5-devel-1.21.3-8.el10_0.aarch64.rpm eaaa256108bf9aeed57d61b0ae9641c406d09b1a791464251b5f44f407d35c66 RLSA-2025:9420 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for libarchive. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: Buffer Overflow vulnerability in libarchive (CVE-2025-25724) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms bsdtar-3.7.7-3.el10_0.aarch64.rpm de5af5683d62db21af9a962d83a95c4a19a74210870daf8130bc0f17301d8d91 libarchive-devel-3.7.7-3.el10_0.aarch64.rpm dcb5fff3212223f63236de105846ac8c1216dd4dcf652e990d3183c5d7864180 RLSA-2025:9466 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for mod_proxy_cluster. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The mod_proxy_cluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fix(es): * mod_proxy_cluster: mod_proxy_cluster unauthorized MCMP requests (CVE-2024-10306) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms mod_proxy_cluster-1.3.22-1.el10_0.2.aarch64.rpm f98cabb7ed902267b4c42ff0b284957b492984a35684ff2bede485bea840ba57 RLSA-2025:9486 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for qt6-qtbase. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. Security Fix(es): * qt5: qt6: QtCore Assertion Failure Denial of Service (CVE-2025-5455) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms qt6-qtbase-6.8.1-9.el10_0.aarch64.rpm 95d6015c0ea514bfa8d5f8711af4dc2beeeb6a41010618467db925e5b444ee0b qt6-qtbase-common-6.8.1-9.el10_0.noarch.rpm 1cb71dc28df65692eeb4c2716a3648f044980fa7291152664beaccd2b7f5185e qt6-qtbase-devel-6.8.1-9.el10_0.aarch64.rpm 8349d53861d311281d0a8ebf7cf510cb69e5db72f67e5949a705978e60c89931 qt6-qtbase-gui-6.8.1-9.el10_0.aarch64.rpm 6b253de0506015aa884307280198e1cac7650238f7448c22d6d1b8a41470e989 qt6-qtbase-mysql-6.8.1-9.el10_0.aarch64.rpm c1be7acb70544d4fb345034ede6d0607411032061b32ca61b910a6e6999bca06 qt6-qtbase-odbc-6.8.1-9.el10_0.aarch64.rpm 77d9b789229ea721a392abeb8080ea829431cfcd8707968feb9a56ab0ea63626 qt6-qtbase-postgresql-6.8.1-9.el10_0.aarch64.rpm de7377b705467535876b141f243c930ca55c0ebe8857b1d95c5ea16cd59fb575 RLSA-2025:10073 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: Content-Disposition header ignored when a file is included in an embed or object tag (CVE-2025-6430) * firefox: Use-after-free in FontFaceSet (CVE-2025-6424) * firefox: Incorrect parsing of URLs could have allowed embedding of youtube.com (CVE-2025-6429) * firefox: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID (CVE-2025-6425) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms firefox-128.12.0-1.el10_0.aarch64.rpm d1ed13f1479697b51679f74af77f3576692e98c1fd135e48e195e4fd4717cade RLSA-2025:10140 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for python3.12. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435) * cpython: Bypass extraction filter to modify file metadata outside extraction directory (CVE-2024-12718) * cpython: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330) * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517) * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms python3-devel-3.12.9-2.el10_0.2.aarch64.rpm 9c5b9eedeee179d0bb93d17179a3d57f4873dc4af9f83f5d888e54e015d2107f python3-tkinter-3.12.9-2.el10_0.2.aarch64.rpm fd77ae589f2c8a2b0cb9bf283f1fedbd56258fc61624c4682ce9a122f6392517 python-unversioned-command-3.12.9-2.el10_0.2.noarch.rpm 12d530c7bbdb489389b29978850ec791c8d04427d287c3e7041e4c212a7af900 RLSA-2025:10195 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links (CVE-2025-5986) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms thunderbird-128.12.0-1.el10_0.aarch64.rpm fed366e1f80fcb4b2ccba049e424ec7bcf035e10214dc78d2c7e6aeaf56c464e RLSA-2025:10371 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: ipv6: mcast: extend RCU protection in igmp6_send() (CVE-2025-21759) * kernel: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (CVE-2025-21991) * kernel: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (CVE-2025-37799) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.20.1.el10_0.aarch64.rpm da181b7f44d8b6a59f85c9a6bb9cb948113e5f94f4a20ed736ad56b3734b2d45 kernel-64k-debug-devel-matched-6.12.0-55.20.1.el10_0.aarch64.rpm f44d0ee2e0ce3bf1e2216c852e86e9f7c7c0801e255a07d9ee74ce67e1cc09c5 kernel-64k-devel-6.12.0-55.20.1.el10_0.aarch64.rpm 6c547f3925fcd4b33d1457cc111e9f0a1efe7d0c270fb6e53d178fa13b6e282f kernel-64k-devel-matched-6.12.0-55.20.1.el10_0.aarch64.rpm 492118503d855282cef830f1c46cf47742cd2e2112199c98ecaeaabd312fad4c kernel-debug-devel-6.12.0-55.20.1.el10_0.aarch64.rpm 06ff443a5bf63dc17765166baf772c0f40b8afd7ac87f47688a37ce0ef68a663 kernel-debug-devel-matched-6.12.0-55.20.1.el10_0.aarch64.rpm 6e86e41d985293bb573e4d80fd982e09cc40d17782db49c74f1e248d97eeac0b kernel-devel-6.12.0-55.20.1.el10_0.aarch64.rpm 75f471603c3517a8cfd923c8aa0711997397ca783c00ddc7e0313c661b72be92 kernel-devel-matched-6.12.0-55.20.1.el10_0.aarch64.rpm 87c2fee9033b129c349f174ee4dba31c99b776709425fee28d9aa8a4e5359852 kernel-doc-6.12.0-55.20.1.el10_0.noarch.rpm 84e1d7e1d5f97fdcabdfa8801e747413f60ec31266aac03ab1b52efee22825b2 kernel-headers-6.12.0-55.20.1.el10_0.aarch64.rpm c8fcbf9816864b46af04631f257a73e6d34269ec7d4d881d44b84c2892153818 perf-6.12.0-55.20.1.el10_0.aarch64.rpm b64164a99e32aa00639a865a1a5b5a88cfa5b968911258ed1462354a1b90fe4f python3-perf-6.12.0-55.20.1.el10_0.aarch64.rpm 35f6e5b11ebd9b7535dee1954832e1e2b4daf2652e1241bc6aca966ba9edfb32 rtla-6.12.0-55.20.1.el10_0.aarch64.rpm 0063b57eb5dfaa6075ab895876464dbcf18c876a4580066cd0c5f883f1890392 rv-6.12.0-55.20.1.el10_0.aarch64.rpm 89f89bc1f2745f7dcb828bc2e875d3f3608a141c7431d2f3d6e612cc0b71eead RLSA-2025:10549 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): * podman: podman missing TLS verification (CVE-2025-6032) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms podman-5.4.0-12.el10_0.aarch64.rpm 06efffc4dddaaa33508de3103d8f541200e1cbfd6201bfdc1606f442cc00a0f0 podman-docker-5.4.0-12.el10_0.noarch.rpm 50e57d06c0b4b9b5f81adc49cece6f8a36edbae57426c6f6b3b6cf9939b0ab15 podman-remote-5.4.0-12.el10_0.aarch64.rpm 71cea8fe64c8e8dbc61efc9a09313b5e516579671afbb477e47f324401b39996 RLSA-2025:10635 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for gnome-remote-desktop. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GNOME Remote Desktop is a remote desktop and screen sharing service for the GNOME desktop environment. Security Fix(es): * gnome-remote-desktop: Uncontrolled Resource Consumption due to Malformed RDP PDUs (CVE-2025-5024) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms gnome-remote-desktop-47.3-2.el10_0.aarch64.rpm 830e187f28a75a2bf54f6cf634b023559d0191ae78e3aae39991a61a191c6d07 RLSA-2025:10630 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libxml2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794) * libxml: Null pointer dereference leads to Denial of service (DoS) (CVE-2025-49795) * libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796) * libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms libxml2-devel-2.12.5-7.el10_0.aarch64.rpm 300cf207129a0021068ac763ff9da631d782fddd1dc5b828064666a157eca2eb RLSA-2025:10677 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The golang packages provide the Go programming language compiler. Security Fix(es): * net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms golang-1.24.4-1.el10_0.aarch64.rpm 980e55d2e8a9c353c0a3ec784b14dff052b76e4c40e21e1305bd7b45347efc6d golang-bin-1.24.4-1.el10_0.aarch64.rpm 23ba13ceb85b13980a440e73e3364973a8efee54334c44a4e3bf8e478064ba57 golang-docs-1.24.4-1.el10_0.noarch.rpm f55ec9fb24d751ffe3187f8ca6c2726708bdf26cc2e04ed86d7500edf65a2eb9 golang-misc-1.24.4-1.el10_0.noarch.rpm c34922495aa0d17cd7ea49e63ba69169799423420eaf62cebd336663b16ba28a golang-race-1.24.4-1.el10_0.aarch64.rpm 413b128c46d0daea5e4e55e946192c83007424acad4e5932d0611b6038055079 golang-src-1.24.4-1.el10_0.noarch.rpm f49a704a94a6fae26328780398d8a6f588082da9aa5dafa3d777cf1a0eb27434 golang-tests-1.24.4-1.el10_0.noarch.rpm e2ce7eb27332c70ecc199fc129838f7f8b37a285a616b50b04779e5e62e0c77f go-toolset-1.24.4-1.el10_0.aarch64.rpm a3f0d12fa45db2c0b0f0f929e2c0540a763a78519ed78a43c01561d6c86acb02 RLSA-2025:10854 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: exfat: fix random stack corruption after get_block (CVE-2025-22036) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.21.1.el10_0.aarch64.rpm ad255a47bdac6e45c9a1f6a79dd14d086110f75de572ba02f329b0cf15d8ecc0 kernel-64k-debug-devel-matched-6.12.0-55.21.1.el10_0.aarch64.rpm be39786f091c7de3916a02c6981698d07725e6a7b08d90742109efe0721c7a90 kernel-64k-devel-6.12.0-55.21.1.el10_0.aarch64.rpm adf2bdbc6a263ab4d466b93484e12a52991582526c8ddf86736351124383d93b kernel-64k-devel-matched-6.12.0-55.21.1.el10_0.aarch64.rpm a9436a3998735f54ea3c78ce451fd6000705b055f647d21506c0c1a60b1fbcca kernel-debug-devel-6.12.0-55.21.1.el10_0.aarch64.rpm 8504312c7514545b31aa1bc64a17b61f50afe63f5b68730133bece5f445ee2e5 kernel-debug-devel-matched-6.12.0-55.21.1.el10_0.aarch64.rpm e74c83c3bef80b1232075744dc20f674fbcb07ab39049b88db517da1ef942327 kernel-devel-6.12.0-55.21.1.el10_0.aarch64.rpm ba51323cce5854ec4c7acfabfb44eb7c0be2f662e35cbe0a91b287fc3ff548cf kernel-devel-matched-6.12.0-55.21.1.el10_0.aarch64.rpm 1e6f09c6d9e06203c47eebc4c25cc8a22bd05400bb0d3cff8ac292a8a1e4ec7c kernel-doc-6.12.0-55.21.1.el10_0.noarch.rpm 0fac73f3048e88895bcfd0fe2e3c15ac66aa8975f75064ae479705e011cdcc9a kernel-headers-6.12.0-55.21.1.el10_0.aarch64.rpm 4b3cf8194c4e8c422361dd8e534531019370e0b29eff1713b750fdfd99c634f2 perf-6.12.0-55.21.1.el10_0.aarch64.rpm 1ee398107f7aae336c719dffce7804ca1e93be17012248663e02ee3c5d3d2be5 python3-perf-6.12.0-55.21.1.el10_0.aarch64.rpm dcbf5e52cbced861b305b935804550944da99aa6d5e150ffb08cc18260b9da92 rtla-6.12.0-55.21.1.el10_0.aarch64.rpm e80f704012dc803119ba6c4874a68273439f47c298044a063cd18b817ede9b55 rv-6.12.0-55.21.1.el10_0.aarch64.rpm c6e60a708f337dfe930f9e2de759518024169c8baffaa6d15bc3e2f1285f5e6f RLSA-2025:10855 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for glib2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fix(es): * glib: buffer overflow in set_connect_msg() (CVE-2024-52533) * glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar (CVE-2025-4373) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms glib2-devel-2.80.4-4.el10_0.6.aarch64.rpm 92e941096085d95d725fe731e5a86d7b5b9a1c41c41bf3a89286d0cbbef16f58 glib2-tests-2.80.4-4.el10_0.6.aarch64.rpm 2bceec9eb9d3ab6b64eaf8414281f1cab2c4a668f264a06b5f3e5de3a5c63441 RLSA-2025:11066 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for glibc. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: Vector register overwrite bug in glibc (CVE-2025-5702) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms glibc-devel-2.39-43.el10_0.aarch64.rpm 1d469b8b729150a576439112857b21cb35aa257ae9f4067a7ac519cbf34dc8ef glibc-doc-2.39-43.el10_0.noarch.rpm ed381b944944b79f2ea78160249b79318e5cfb1e89d3a5930194fa31cd0ec093 glibc-locale-source-2.39-43.el10_0.aarch64.rpm 85a5b2b1ba39dea5c67c5836e60bdaaf0cc203f2267c71ec63cb118f361fd400 glibc-utils-2.39-43.el10_0.aarch64.rpm 45ff5491840db4d796f546d092dc0a6e637bb030bc366305656fe851b4363e12 RLSA-2025:10873 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for java-21-openjdk. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fix(es): * JDK: Better Glyph drawing (CVE-2025-30749) * JDK: Enhance TLS protocol support (CVE-2025-30754) * JDK: Improve HTTP client header handling (CVE-2025-50059) * JDK: Better Glyph drawing redux (CVE-2025-50106) Bug Fix(es): * In Rocky Linux 9 and Rocky Linux 10 systems, the default graphical display system is Wayland. The use of Wayland in these systems causes a failure in the traditional X11 method that java.awt.Robot uses to take a screen capture, producing a blank image. With this update, the RPM now recommends installing the PipeWire package, which the JDK can use to take screen captures in Wayland systems (Rocky Linux-102683, Rocky Linux-102684, Rocky Linux-102685) * On NUMA systems, the operating system can choose to migrate a task from one NUMA node to another. In the G1 garbage collector, G1AllocRegion objects are associated with NUMA nodes. The G1Allocator code assumes that obtaining the G1AllocRegion object for the current thread is sufficient, but OS scheduling can lead to arbitrary changes in the NUMA-to-thread association. This can cause crashes when the G1AllocRegion being used changes mid-operation. This update resolves this issue by always using the same NUMA node and associated G1AllocRegion object throughout an operation. (Rocky Linux-90307, Rocky Linux-90308, Rocky Linux-90311) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms java-21-openjdk-21.0.8.0.9-1.el10.aarch64.rpm d8f41de4e9daeff92c9c05033361120f8b108357537af9e957efa62e33e74b0c java-21-openjdk-demo-21.0.8.0.9-1.el10.aarch64.rpm 54557fa28bdd6339b3eb2cdd3fca2ca3355ee7c4537aa68bccdbda46dc50dafa java-21-openjdk-devel-21.0.8.0.9-1.el10.aarch64.rpm cf06081c0208a031eac2898d713c808111e1e3cf20e68c0a1f2546a55cb40391 java-21-openjdk-headless-21.0.8.0.9-1.el10.aarch64.rpm dd2e64fafc8ddd4be6208bff883e5d81b2bb5775eba54d4b53c27bce8614c498 java-21-openjdk-javadoc-21.0.8.0.9-1.el10.aarch64.rpm e2af22fad19e7ec43e0e26cc89a82428740e4c57511be405343367aca02a4ca0 java-21-openjdk-javadoc-zip-21.0.8.0.9-1.el10.aarch64.rpm 220021d27900977a1fc90e5c554b4fe3da03d47f777475bf9d392d4ba9e029f4 java-21-openjdk-jmods-21.0.8.0.9-1.el10.aarch64.rpm 4d9847a358e92f9cfac08a95f628af3658fe1b1ff3f441e6ab883d0047c5de0c java-21-openjdk-src-21.0.8.0.9-1.el10.aarch64.rpm 5094731d64fc7427cc485c30a2beec31fc2d45307f44c1b4bbc8fbd894bd99b4 java-21-openjdk-static-libs-21.0.8.0.9-1.el10.aarch64.rpm aa68c5bc3ed6b3f9f8e7f7dac68be1ff434dd877e5d0194e2dcb1a38e4159c7b RLSA-2025:11332 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. Security Fix(es): * tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337) * tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms tomcat9-9.0.87-5.el10_0.1.noarch.rpm 7c11353e58e4822db9739e90e1b99462f3be11ed491be1beb1be7807545181bd tomcat9-admin-webapps-9.0.87-5.el10_0.1.noarch.rpm 3d6851aa27bf852945314cbad8a11ba59df3e3cbe7ed6ac0e5a5f29c58225d40 tomcat9-docs-webapp-9.0.87-5.el10_0.1.noarch.rpm a9f4d0eeabb6df8ffa9e7a332446f5a161ada29c77a0d38fb801fc826504e033 tomcat9-el-3.0-api-9.0.87-5.el10_0.1.noarch.rpm 38b76b62dec96d2400b4a5030c61a93d6865897a63fd032a2b9f1076eafe9c2d tomcat9-jsp-2.3-api-9.0.87-5.el10_0.1.noarch.rpm cf01a3d83ada8424330926b49aaa536c4dfb24576f057cc989a0b3a14c441883 tomcat9-lib-9.0.87-5.el10_0.1.noarch.rpm 29e509374ef0700c32eb589736d9d80bddbe255b252cd9f927e1e3f21bf5ec3e tomcat9-servlet-4.0-api-9.0.87-5.el10_0.1.noarch.rpm 0ca600cd745cbb59544aafe2278a75381d4da269d7ac01aaeb9b61eba69210df tomcat9-webapps-9.0.87-5.el10_0.1.noarch.rpm f5b988b6558b3992d98428ec7af5cf620fc24157d925e3ab1cb9fa27488fa459 RLSA-2025:11401 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for valkey. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also. Security Fix(es): * redis: Redis Stack Buffer Overflow (CVE-2025-27151) * redis: Redis Unauthenticated Denial of Service (CVE-2025-48367) * redis: Redis Hyperloglog Out-of-Bounds Write Vulnerability (CVE-2025-32023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms valkey-8.0.4-1.el10_0.aarch64.rpm f05d1299c00a25bcfbb9b0d475a9b418bf58732acd4f4afc527bf4cdfef1d9ee valkey-devel-8.0.4-1.el10_0.aarch64.rpm 6b8c08f6f477ec956d4601cb59b8a771e6e67bec467e0c5e24bef678e84d34f4 RLSA-2025:11428 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: media: uvcvideo: Remove dangling pointers (CVE-2024-58002) * kernel: media: uvcvideo: Fix double free in error path (CVE-2024-57980) * kernel: wifi: iwlwifi: limit printed string from FW file (CVE-2025-21905) * kernel: mm/huge_memory: fix dereferencing invalid pmd migration entry (CVE-2025-37958) * kernel: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (CVE-2025-38089) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.22.1.el10_0.aarch64.rpm 5227cf0372e19b5f7d665cb7ebcb13dfa970f955a59dffe063281ea365dd6881 kernel-64k-debug-devel-matched-6.12.0-55.22.1.el10_0.aarch64.rpm 5a8e1070d8919bd52129b0523b9f2ad3909ffa77277e818803f28abaaefd02e0 kernel-64k-devel-6.12.0-55.22.1.el10_0.aarch64.rpm a87026d5dbd41f5348c8e95669d7c3c833e5f31bf24eead5ce1b32f9db6bcb13 kernel-64k-devel-matched-6.12.0-55.22.1.el10_0.aarch64.rpm 652024a94697a3180ea7140ff66c4030b3867ca4409d6a5a4ee8097df654393c kernel-debug-devel-6.12.0-55.22.1.el10_0.aarch64.rpm 7b42432291b716755997a36808226cb7fb4630bd0f7dab62f19d166fcd06c3f8 kernel-debug-devel-matched-6.12.0-55.22.1.el10_0.aarch64.rpm a048fadfa5a8c597b351ef5c0e9cf06a41ac556050f5d15894bbb4e1e88f360d kernel-devel-6.12.0-55.22.1.el10_0.aarch64.rpm beacbb023ef3ad4f3704c3d7059657dba5745cee4d67c5df57bc73a40d0475e8 kernel-devel-matched-6.12.0-55.22.1.el10_0.aarch64.rpm 0fe1bbecbffcef173bf47ee4a1a154ad64cd4f2a6c30139bc7b7639300024891 kernel-doc-6.12.0-55.22.1.el10_0.noarch.rpm 57373126cd581bffae6ce7e61877d24464b49b3c16e4a3101d64c082da094efc kernel-headers-6.12.0-55.22.1.el10_0.aarch64.rpm c06de8d919074cd41cffb4e0a2582cc86cb9144186b32cd039189128b0150f55 perf-6.12.0-55.22.1.el10_0.aarch64.rpm 855078e53a00bf9c9f9d3ff5577725697afb1de603494264019ec2d2008b4746 python3-perf-6.12.0-55.22.1.el10_0.aarch64.rpm 27294678fa9418e97a22a58056009dff6a5476e8de53ed9af388d86557a25a95 rtla-6.12.0-55.22.1.el10_0.aarch64.rpm fe58daab57fa76eb133ec9cb1a4ab0828c3e407e7165c5c9f88fb64eb4107dc8 rv-6.12.0-55.22.1.el10_0.aarch64.rpm d86db90db76dcae35cd63604c568fbea5b7fdbfd055606176538b459a0dc7453 RLSA-2025:11537 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for sudo. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): * sudo: LPE via host option (CVE-2025-32462) * sudo: LPE via chroot option (CVE-2025-32463) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms sudo-python-plugin-1.9.15-8.p5.el10_0.2.aarch64.rpm c64c1ee4867f97c06a01007f855e033256009f66cae48c4e1ad9f40025d12008 RLSA-2025:11797 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: thunderbird: Large branch table could lead to truncated instruction (CVE-2025-8028) * firefox: thunderbird: Memory safety bugs (CVE-2025-8035) * firefox: thunderbird: Incorrect URL stripping in CSP reports (CVE-2025-8031) * firefox: thunderbird: JavaScript engine only wrote partial return value to stack (CVE-2025-8027) * firefox: thunderbird: Potential user-assisted code execution in ?Copy as cURL? command (CVE-2025-8030) * firefox: Memory safety bugs (CVE-2025-8034) * firefox: thunderbird: Incorrect JavaScript state machine for generators (CVE-2025-8033) * firefox: thunderbird: XSLT documents could bypass CSP (CVE-2025-8032) * firefox: thunderbird: javascript: URLs executed on object and embed tags (CVE-2025-8029) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms firefox-128.13.0-1.el10_0.aarch64.rpm 11493c038658b01fc58838ea15239b682a0b9fdbef8850d4f1a88204dff20c85 RLSA-2025:11855 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: RDMA/mlx5: Fix page_size variable overflow (CVE-2025-22091) * kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (CVE-2025-22121) * kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling (CVE-2025-37797) * kernel: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (CVE-2025-38088) * kernel: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (CVE-2025-38110) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.24.1.el10_0.aarch64.rpm eb5a937a846a4825c80896ba6879f1b5899ce8cc2085666ac7c27e91a4dc0df8 kernel-64k-debug-devel-matched-6.12.0-55.24.1.el10_0.aarch64.rpm 77af98c55f2dc956a4c4b63551971a3b8d4e0d14a6b05e2b65d0a46f1c4f63f4 kernel-64k-devel-6.12.0-55.24.1.el10_0.aarch64.rpm f151d92c5545d813821dcea332df57f4003ea1c60ae911d60accd0919c2caf88 kernel-64k-devel-matched-6.12.0-55.24.1.el10_0.aarch64.rpm 58b898ba60dbed10394c3aa96e232d6337d060ef0dc5ef66263d568817e6cc19 kernel-debug-devel-6.12.0-55.24.1.el10_0.aarch64.rpm bb31ae3a206cb91e1614e8e2cd8aa8c16a56386f77394b376500854daa934728 kernel-debug-devel-matched-6.12.0-55.24.1.el10_0.aarch64.rpm b296c4b8d4e8e854b1394e7596b8980188e93796a36df6434eb05fb453adbe07 kernel-devel-6.12.0-55.24.1.el10_0.aarch64.rpm 0a8eb0328c8eed2c80fe830a4fa6ac55d2867d11ea32b2be0afbbc077ef911eb kernel-devel-matched-6.12.0-55.24.1.el10_0.aarch64.rpm 3c4d9dcf6184a411b04516847d9eb8d4288fb1060e45658c269c73e51635ea02 kernel-doc-6.12.0-55.24.1.el10_0.noarch.rpm eb25387de4a44c1f7f2648f580ab9c31b3eeba35aee638fc2488206fef99d504 kernel-headers-6.12.0-55.24.1.el10_0.aarch64.rpm 6b43e598a55675145c03c237a4bfef90868f1e0b407b6d9fee6b37b93e017666 perf-6.12.0-55.24.1.el10_0.aarch64.rpm 16fb4ca52adbc4708fc3103dc485502be8dc133b075fda9951539795ea6b7961 python3-perf-6.12.0-55.24.1.el10_0.aarch64.rpm 74895941de8429caca2a226ed9e7d8597f569d509d6d3d9d38491778f477b842 rtla-6.12.0-55.24.1.el10_0.aarch64.rpm 45eac54c1f563b48976c3172cd6fceabc399ed13be2ca9c478374a67284f24ec rv-6.12.0-55.24.1.el10_0.aarch64.rpm d9718f57660b753d139bcebf83a2bd2cc79f4e5a389f23a65c27c7585a81a442 RLSA-2025:11888 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for icu. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The International Components for Unicode (ICU) library provides robust and full-featured Unicode services. Security Fix(es): * icu: Stack buffer overflow in the SRBRoot::addTag function (CVE-2025-5222) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms icu-74.2-5.el10_0.aarch64.rpm 0c9666d12dcd2855812972ccf49d0b569583fa5f4a36c723739dc4bd37ee4c2f libicu-devel-74.2-5.el10_0.aarch64.rpm ef9d3e985eda1144ab6ddc39dc22a261ab1607cafa490204d18c407627ff4d4b RLSA-2025:11933 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for sqlite. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Security Fix(es): * sqlite: Integer Truncation in SQLite (CVE-2025-6965) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms sqlite-3.46.1-5.el10_0.aarch64.rpm b41b0d8df4795f36717b245e24b1c2685ef4941e243edac03cee82340c06f69c sqlite-devel-3.46.1-5.el10_0.aarch64.rpm 90b30f23946f1116efe059bf40941fdb17153364200f3516feebd67f38c63944 RLSA-2025:12056 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for perl. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): * perl: Perl threads have a working directory race condition where file operations may target unintended paths (CVE-2025-40909) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms perl-5.40.2-512.2.el10_0.aarch64.rpm 7948ba076307dcfc2f479983f7888a4a949d9c56dd2b5434ce259f4460e7ea6b perl-Attribute-Handlers-1.03-512.2.el10_0.noarch.rpm a50a47c9c8189cf7eec48d586f8816aa6273e5a84e24c8b38c98b3396378e0d7 perl-AutoLoader-5.74-512.2.el10_0.noarch.rpm d11dee873d7d98224cb8b63b805b266025ff6e7a7c0bbddea102a1aef6b4c1ef perl-AutoSplit-5.74-512.2.el10_0.noarch.rpm fc83da5b9f60869db73ea9335d11b087da8977bab44b669d2fc21d5ce7eedbdf perl-autouse-1.11-512.2.el10_0.noarch.rpm 022a86f3a5975a041799ad17b807e59e335f57a29b3fcd9e7624ae13d9fc343f perl-B-1.89-512.2.el10_0.aarch64.rpm 7fa5aa568d2d4b9a07c05cc74c1062e56a8ee638d296875d43135cb761420c21 perl-base-2.27-512.2.el10_0.noarch.rpm 23294c4ee06f04f99e734a520e7118b3f69b4e973afdcfa435e7fdffacb6cb30 perl-Benchmark-1.25-512.2.el10_0.noarch.rpm 7f17cc9401a6998858fbfc634fd8cacb305dd95c5557fa60dd1efc7f9e40dd6c perl-blib-1.07-512.2.el10_0.noarch.rpm 26f1caf1fa8a54fea467f5e126a8b9d295cc763ee5e84029137ee6dd9ad12668 perl-Class-Struct-0.68-512.2.el10_0.noarch.rpm 142b33b254ad949b08e59aa746019c53c09a6f9b1e8f16612c23a2222c7890bd perl-Config-Extensions-0.03-512.2.el10_0.noarch.rpm 088dd306bf83eb27d4800a7dc8a74248a7655b27025f6a1096a32664ad3f7e71 perl-DBM_Filter-0.06-512.2.el10_0.noarch.rpm 594a8f1acb1be8bea0d80d76529e16e209ab76632573ec320a3a255c1d93030d perl-debugger-1.60-512.2.el10_0.noarch.rpm 116632d66aecb227ec01b561039c998967e38b11605a08c26c6975f100d3f363 perl-deprecate-0.04-512.2.el10_0.noarch.rpm f9b6c6d93abe972e0898aed2bd517c9dd7492b589cc43f0f542ef879705eaa16 perl-devel-5.40.2-512.2.el10_0.aarch64.rpm d51ade732713ecbca1918c4a1b36775e4ec6a69c666dd8505c0a8d289fdade5b perl-Devel-Peek-1.34-512.2.el10_0.aarch64.rpm a7e45143c7832b91e0d7819674182a02d612a88220a219ff8c6f07a3a7eac38b perl-Devel-SelfStubber-1.06-512.2.el10_0.noarch.rpm 3333f3ddba623e1659029a71773b6fdd8b06009f52f630c617f5f06869d193ab perl-diagnostics-1.40-512.2.el10_0.noarch.rpm 391498cf663012d9ec9bd910b4bf53cf4234304cea25b142debbb91bda3c79ba perl-DirHandle-1.05-512.2.el10_0.noarch.rpm 3b7143910af7251015a7a91b80280ebe2390424ccb7e1ce5172d6fe3a2b579a7 perl-doc-5.40.2-512.2.el10_0.noarch.rpm 1f2e5dc38f4e1c91f43dac6269bb11d7c025b27eb55e7f4eb6461ea0220704ac perl-Dumpvalue-2.27-512.2.el10_0.noarch.rpm 4e035ced3d3eae3c988ec32be73475af7f253d99e8fe456d829cbca7887fd3e6 perl-DynaLoader-1.56-512.2.el10_0.aarch64.rpm b69a39827da36b95969b4531d6a7b02be03d6cb1723bb7ffa30fff29e985b6e3 perl-encoding-warnings-0.14-512.2.el10_0.noarch.rpm e0901d24894adcac12d89343604cf3e8775024483b6a83d3d5913153c41faf8a perl-English-1.11-512.2.el10_0.noarch.rpm cace3f6ec93d1dddf2a3880e90a746967df8ad4b18c65e3fab3d6d2837962a59 perl-Errno-1.38-512.2.el10_0.aarch64.rpm d4ac06dc6ef634652523029e15928e4fe98a8f716017f9e52af3dc30500856c4 perl-ExtUtils-Constant-0.25-512.2.el10_0.noarch.rpm a5254c20224062ab3e006e8a816d71f6a6f7c392afebeaf67c08189a04820674 perl-ExtUtils-Embed-1.35-512.2.el10_0.noarch.rpm a3a81991583e28184db2748eb512c1a95788568a6da7aafaa5ec0fc4a39b594d perl-ExtUtils-Miniperl-1.14-512.2.el10_0.noarch.rpm bff285dd9b50eac452554962e9533a81440ab5b293a5f8a131ed217e159b4abd perl-Fcntl-1.18-512.2.el10_0.aarch64.rpm 7594a2b1928b3401459544d90574fa6772d2cb14a3ea7730ffa853d998694169 perl-fields-2.27-512.2.el10_0.noarch.rpm a5185e8c106dd42e6900b9594a894c8640301c4454d6e9130996d1d2c6619743 perl-File-Basename-2.86-512.2.el10_0.noarch.rpm 0e52e24b6fe11614f52f85fac01887550aca5af48322b7297add18f8bae07af8 perl-FileCache-1.10-512.2.el10_0.noarch.rpm ddcec09ad7b7e78312d597efb775fd0795aca5064ba933ac3ba53de6ffb70ed3 perl-File-Compare-1.100.800-512.2.el10_0.noarch.rpm 36d9a304d4513dd8ab9b8e98d02cc609541bdbba22be1ea88b247e37ca61671f perl-File-Copy-2.41-512.2.el10_0.noarch.rpm eed099e78ffcf4332ed8a29bfb6ea948717fc3b61b312e205a8a3bb3783abcb0 perl-File-DosGlob-1.12-512.2.el10_0.aarch64.rpm 9b685dfaddf72186b02a525c11b23d8c172f706aa07f52d2b3ef31c695f3dc52 perl-File-Find-1.44-512.2.el10_0.noarch.rpm 1d72ea44720cc2edbea27771dd5708935c2b1f1165c12b7bd8053a281e31bff8 perl-FileHandle-2.05-512.2.el10_0.noarch.rpm da293f041854918ba2ed671bc86e0fa2495c7c6bb6bb4ae6c1d1555aa0543ccf perl-File-stat-1.14-512.2.el10_0.noarch.rpm e68ec3b54e4a04236a01260f76f52453974a71e4ba14a85a92357e611f8f0307 perl-filetest-1.03-512.2.el10_0.noarch.rpm d722cf0a055e441a8e7f804a6cb287f292ea823b01ffa0fd6aa6b9232d28a82b perl-FindBin-1.54-512.2.el10_0.noarch.rpm 309befe99d17047346772695df54eb58575c000cd4da46652dfc56edc7da597f perl-GDBM_File-1.24-512.2.el10_0.aarch64.rpm c6198178d2a20d29e9bb21aa01c483854c8e5f7ad1403f2ef0ee2ac5b4d96d12 perl-Getopt-Std-1.14-512.2.el10_0.noarch.rpm 4c704ab2ee391d717797366dd5ed6e0b4972c6915dbaf0ed0079f4cb23dd2fb3 perl-Hash-Util-0.32-512.2.el10_0.aarch64.rpm a385e0c59b1002bd94b0bdb03d74e8cd12f23f60247e272c2429be4b5c10592b perl-Hash-Util-FieldHash-1.27-512.2.el10_0.aarch64.rpm 0ca9d9424dd9cbccea743ee91fcfbc6d4811be0c6dfd4781212fe8ebcea20805 perl-I18N-Collate-1.02-512.2.el10_0.noarch.rpm bcba8afa4f930466ff0b74cd168d0223e120524176ce70249b765a1b1b7dd280 perl-I18N-Langinfo-0.24-512.2.el10_0.aarch64.rpm bc9c9667e65d31825104919960b5459ee7874e970a1c9a1f9ed1bc02c3c5de6c perl-I18N-LangTags-0.45-512.2.el10_0.noarch.rpm 76f6d8df29b37d36d869d540fe00fab661009cb9985b188caf23892bad7b52a8 perl-if-0.61.000-512.2.el10_0.noarch.rpm 5f355e52e71146d71223f34451b5ff1c11bc471ae8eeb0a1a84258d15c32594f perl-interpreter-5.40.2-512.2.el10_0.aarch64.rpm a9851763a8da1f4a639dcb654aeefbe2a9112fc0e691b3fa0ae061081857f389 perl-IO-1.55-512.2.el10_0.aarch64.rpm 7276cb0bf769d5333463a77d55d39bb1fbf4c1b0e3595261c2b3131793ed49a2 perl-IPC-Open3-1.22-512.2.el10_0.noarch.rpm 86b148a2756784bdcbdaff5cff28c5393ac52f4bf0216907756b57a5ba5ca92b perl-less-0.03-512.2.el10_0.noarch.rpm b5e848124b09387112c1d4231c76c8def385bc0538c73b2c6ec9aa685fa9200d perl-lib-0.65-512.2.el10_0.aarch64.rpm 2e52144d22a3433b883b64c5e4466d57302c63ad36e73907e172164b1019bca5 perl-libnetcfg-5.40.2-512.2.el10_0.noarch.rpm 7efe3f4939bc66049dfb3820be0b55a361dfc104ba96d7878399dee3e3d68a5d perl-libs-5.40.2-512.2.el10_0.aarch64.rpm 2f3935015b179b436c28850455f7dc954d9a5c432222102fd097a53f0641960d perl-locale-1.12-512.2.el10_0.noarch.rpm a9a3b66e223867d6208946406f5b1edf6726034cdb86c60594d1d1df8381fa18 perl-Locale-Maketext-Simple-0.21-512.2.el10_0.noarch.rpm 39e29184aa99c21e97a57e97dc02717f90d377f12a3202b0e93b71ce1ff113c6 perl-macros-5.40.2-512.2.el10_0.noarch.rpm c338c5d3a9bd8a1c1235f1c8da239f29b9d62bf58788f9983355db0106722eaf perl-Math-Complex-1.62-512.2.el10_0.noarch.rpm 6be88deaf0001307cb42142a066d5bbb8355ca3c066f287cc1dfb6c70135de31 perl-Memoize-1.16-512.2.el10_0.noarch.rpm a8b43a7f26e0da134f559117be6ec1246f4403594c78bd2c028b93ee08086207 perl-meta-notation-5.40.2-512.2.el10_0.noarch.rpm e1de3da0d11590cde4c2f31ea22160f937639c4cb14852569b46be28b046c8ee perl-Module-Loaded-0.08-512.2.el10_0.noarch.rpm 3639e9e7b65277a67c7409fe4f020b3913c7ef6b948bf577ed1ae9aa34f71efc perl-mro-1.29-512.2.el10_0.aarch64.rpm 21dc14812bb8301c026a0e1463785ddac818d2a445b5ebdc202b95ab7de783d9 perl-NDBM_File-1.17-512.2.el10_0.aarch64.rpm 0af6555aed977f6ffb264dfed57449b1f6fec73d5f4613ff02c6383046a9ce9d perl-Net-1.04-512.2.el10_0.noarch.rpm 589d4504637d13e2435420455917884df8727581aa80fae5b51020650ac8169f perl-NEXT-0.69-512.2.el10_0.noarch.rpm 6cf667a4e215805092c31399b07088b9b53ac30571429737c26ff5633c93f107 perl-ODBM_File-1.18-512.2.el10_0.aarch64.rpm a6c86cc35741c32f00e548e37b834fcc2d7359a1ed524a9bc303601117040921 perl-Opcode-1.65-512.2.el10_0.aarch64.rpm 85ac36e06f9409698d9f00a3c5d0880a47180a2eb0051684f725a3cf1f3bd994 perl-open-1.13-512.2.el10_0.noarch.rpm e6faf552b3ef8663aa5c008bb0170bd1937c21b052e19b38338b17af0140a2fa perl-overload-1.37-512.2.el10_0.noarch.rpm ef05e1e0a8d4186fd2b5fc8e9726345b0d14a30e4a7eb7a66943aa51c6032a4f perl-overloading-0.02-512.2.el10_0.noarch.rpm 418913e1c6335e9aa8f039fa6903dbba59d713bc902191272692c655b2d8f63b perl-ph-5.40.2-512.2.el10_0.aarch64.rpm 22e97580f74820a2b1d63970c46faaed8b5b2544aa117f6e35ee650c1c3fb836 perl-Pod-Functions-1.14-512.2.el10_0.noarch.rpm 9544e913bae26609c973b6fac8ef231fa230e79b79966696f27dc6169b0cce16 perl-Pod-Html-1.35-512.2.el10_0.noarch.rpm 56640ad227c8fb21e7f72fde247757f01d905d585bea3ede000adc8db4072b87 perl-POSIX-2.20-512.2.el10_0.aarch64.rpm 27c6ea27094bf56bb74de3ab820198d953163372c546871f620ef1d9a791cc52 perl-Safe-2.46-512.2.el10_0.noarch.rpm d8b10fade999abb3271355112bd700b47920bc3556996606e99cc4ac445e682d perl-Search-Dict-1.07-512.2.el10_0.noarch.rpm 7a93698979506fa211d4570b90132e5368cc45829985baec494f877a38ec0061 perl-SelectSaver-1.02-512.2.el10_0.noarch.rpm 4971816006a6fd214274853c95c74c1e4af34acb2fa145d7c36d3533f115969d perl-SelfLoader-1.27-512.2.el10_0.noarch.rpm 15a01d37dcd6c51415b3d2eb973d5e64ffe93455587282661129f31e39a37164 perl-sigtrap-1.10-512.2.el10_0.noarch.rpm d322121627446cea0a0ce9a162ac1e5cbc3c21fed5454a614f9f3231bcd6e819 perl-sort-2.05-512.2.el10_0.noarch.rpm 9a656d27009bec4a4203f84e041407805e48189799413db9637a51d307666867 perl-subs-1.04-512.2.el10_0.noarch.rpm 6f51e398f25184efd9fa656c36b32f4a66b84db33473a0084c09d2564b1fa173 perl-Symbol-1.09-512.2.el10_0.noarch.rpm e44ddbdba11f7108309e1e8268ded90b30b45d4559d329b7598c194491e65cb7 perl-Sys-Hostname-1.25-512.2.el10_0.aarch64.rpm 7baff002fb0be478168ba578e78d829393e5fc5ffe6c67d17ceb20864b8af143 perl-Term-Complete-1.403-512.2.el10_0.noarch.rpm bca25218698dc5bec307ab2833f95c80979801a3a50bde8578e87f5b0a9e9c6e perl-Term-ReadLine-1.17-512.2.el10_0.noarch.rpm eacdcb68a50137a0b436f0c843963dd397f6a08953c66383e62b6cc416203cf0 perl-Test-1.31-512.2.el10_0.noarch.rpm 7e9be4015583373451563d4ec380e02dd4acceb46311be07128844cee2bd3c99 perl-Text-Abbrev-1.02-512.2.el10_0.noarch.rpm 25b62a751bb2a0357cfcf9b4a9e159bbacbefd6cfe0748265e62219dc9683586 perl-Thread-3.05-512.2.el10_0.noarch.rpm 491d0f80e3d887e45c217e46256d581c90fb3cb07830cc546e2a6f5691b629f6 perl-Thread-Semaphore-2.13-512.2.el10_0.noarch.rpm 638204720d76bfff46b4232b6bac608876be8f587b9c7f3d1009e3dedf806dcb perl-Tie-4.6-512.2.el10_0.noarch.rpm 5c0753c9b84119f97ee29a79a6f85d2b9b8e7b43e7ccceff30076e592529fb4e perl-Tie-File-1.09-512.2.el10_0.noarch.rpm 979470cf5a306f3c4dea61028b98b449ca8befcfe02987ef6e147c7321f6d3fa perl-Tie-Memoize-1.1-512.2.el10_0.noarch.rpm caab07ab606928b27eff25c56d245649147171e90b94c8f4ebc6168c2c04d1a6 perl-Time-1.04-512.2.el10_0.noarch.rpm 9f0208c626290f1e4e435ec425e901cb8c2db44c8e1caa64fc244a9172006d4f perl-Time-Piece-1.3401-512.2.el10_0.aarch64.rpm af73491311a4636cc0421836471909daf4e99144a50192a9fc567d7a15d02147 perl-Unicode-UCD-0.78-512.2.el10_0.noarch.rpm 8127dfa5d5006949b78316bea4cd438b83f616dbb2c9160dee0d3c88dd354d8e perl-User-pwent-1.05-512.2.el10_0.noarch.rpm 61be0c87a8ef400af759697ab882a54dc62018958aa86f3a3f6a2bac93666b68 perl-utils-5.40.2-512.2.el10_0.noarch.rpm c89e6e8052e14ed8e1c2d3c9c09ef67d1f90be7705d624293c916ee926fd4ae8 perl-vars-1.05-512.2.el10_0.noarch.rpm 877c2bdd38a85c3510e06a9a271b5badc4b80c917109f39f65f3ca4796eca380 perl-vmsish-1.04-512.2.el10_0.noarch.rpm b2e68ff6ffa4970afdeff6e1d9988decbf7cabe45d08dabee3d6b41284f869d7 RLSA-2025:12064 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for unbound. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * unbound: Unbound Cache poisoning (CVE-2025-5994) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms python3-unbound-1.20.0-12.el10_0.aarch64.rpm 1370cfd438a1ead65254034ff22f42341a9cd37994c533f8093bbddfeb0bfcc8 unbound-1.20.0-12.el10_0.aarch64.rpm dbcd0ba597e2da1a185f6534aa7a42e63ddbc9743429b000051db0d33c781787 unbound-anchor-1.20.0-12.el10_0.aarch64.rpm eb243da277db7cc9f15bca492e32ea78224d599af6c4fc65a95799742a1bbc41 unbound-dracut-1.20.0-12.el10_0.aarch64.rpm e5a245971fe91032608d7a4face7670c8860ab4450a3f19cfc23541966aad76c unbound-libs-1.20.0-12.el10_0.aarch64.rpm 450c1635f509aa9b4c4ec07883f5aa523e32d990e70c7d09fabb2f476fa46b55 RLSA-2025:12188 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * firefox: thunderbird: Large branch table could lead to truncated instruction (CVE-2025-8028) * firefox: thunderbird: Memory safety bugs (CVE-2025-8035) * firefox: thunderbird: Incorrect URL stripping in CSP reports (CVE-2025-8031) * firefox: thunderbird: JavaScript engine only wrote partial return value to stack (CVE-2025-8027) * firefox: thunderbird: Potential user-assisted code execution in ?Copy as cURL? command (CVE-2025-8030) * firefox: Memory safety bugs (CVE-2025-8034) * firefox: thunderbird: Incorrect JavaScript state machine for generators (CVE-2025-8033) * firefox: thunderbird: XSLT documents could bypass CSP (CVE-2025-8032) * firefox: thunderbird: javascript: URLs executed on object and embed tags (CVE-2025-8029) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms thunderbird-128.13.0-3.el10_0.aarch64.rpm 72301ddc442e46f2e4bbcacd1ad46a528f321c82928095195d8c4768ec0792f2 RLSA-2025:12662 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: padata: fix UAF in padata_reorder (CVE-2025-21727) * kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CVE-2025-21928) * kernel: HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() (CVE-2025-21929) * kernel: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (CVE-2025-22020) * kernel: ext4: avoid journaling sb update on error if journal is destroying (CVE-2025-22113) * kernel: RDMA/core: Fix use-after-free when rename device name (CVE-2025-22085) * kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (CVE-2025-37890) * kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done (CVE-2025-38052) * kernel: net: ch9200: fix uninitialised access during mii_nway_restart (CVE-2025-38086) * kernel: net/sched: fix use-after-free in taprio_dev_notifier (CVE-2025-38087) * kernel: nvme-tcp: sanitize request list handling (CVE-2025-38264) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.25.1.el10_0.aarch64.rpm a0efc159affd03ae991a32b977e01af22d60df2f2599727ab48bb162bdac130d kernel-64k-debug-devel-matched-6.12.0-55.25.1.el10_0.aarch64.rpm 3f9155a08e3f10b1c2a3dd90c90ac2c3bbd3ac2d4a178b83905397d24c4dc78b kernel-64k-devel-6.12.0-55.25.1.el10_0.aarch64.rpm 73053564d1c6f818cede5f5582d97455c650b8489814cbbe74fc3ead28e6d583 kernel-64k-devel-matched-6.12.0-55.25.1.el10_0.aarch64.rpm c5c00e79f33920da6d846c3d593c5043867ce010331c28e64b1674aec226e291 kernel-debug-devel-6.12.0-55.25.1.el10_0.aarch64.rpm fde7470c731890759eb048dc8eb4ba5d99b0174fc1359e499a28ba5b5c71e24c kernel-debug-devel-matched-6.12.0-55.25.1.el10_0.aarch64.rpm 1fe815e1e55d9c3f19fed71f9978388f66c12d9eaa270922211f9ac0005a6ec9 kernel-devel-6.12.0-55.25.1.el10_0.aarch64.rpm efb5a454c9154c169f470f70a9c37214c1c27388e435108961f7959ee5a9d50b kernel-devel-matched-6.12.0-55.25.1.el10_0.aarch64.rpm 0d2ba43b4f0cf6c115639c07aa277987a17461d26aecb1388df6b29ae0f67f70 kernel-doc-6.12.0-55.25.1.el10_0.noarch.rpm 2cb9b732ef69aef143919db2a6e778164052cbc7a74beabbb9ed69c93c76ef69 kernel-headers-6.12.0-55.25.1.el10_0.aarch64.rpm f95e8ed9782bc0a928ceb04a48d436bd962fab0ca205621c4374e8469b726ca3 perf-6.12.0-55.25.1.el10_0.aarch64.rpm dc2244859f95b59263d2886cd2fa9b220e8caacdca3fd911500c70a5228a04a7 python3-perf-6.12.0-55.25.1.el10_0.aarch64.rpm 01164369453654f2119eef4eeef62b796aab73e168b56a33a6adcd1a004f8687 rtla-6.12.0-55.25.1.el10_0.aarch64.rpm 77c6d9df7616ee08396b5b5c63fb680742e8d72d74db9b7544022937068b0e14 rv-6.12.0-55.25.1.el10_0.aarch64.rpm 2df7a8af04ccae513e61d785c357ca3a231bbb94a96ba56556c07e341734eb7c RLSA-2025:12850 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for opentelemetry-collector. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fix(es): * net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms opentelemetry-collector-0.127.0-1.el10_0.aarch64.rpm 10803eb9084883de2678d983a79c8b57997f2993f1a7089f6fc3f22a33f27d69 RLSA-2025:12862 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for gdk-pixbuf2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fix(es): * gdk?pixbuf: Heap?buffer?overflow in gdk?pixbuf (CVE-2025-7345) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms gdk-pixbuf2-2.42.12-4.el10_0.aarch64.rpm bd44c505cf720205e8221654c6dcf3035e5d4d9b57dd5800f78a3763b1801c7c gdk-pixbuf2-devel-2.42.12-4.el10_0.aarch64.rpm d33cb7dc0fd2cf6a8ef78fd6a1f5f9be9e22d5099a6f91a1b387b4a5e98cf689 gdk-pixbuf2-modules-2.42.12-4.el10_0.aarch64.rpm 5dea460b53ee2e034aa08c6a2bf28bccec8b55d03e3602e94ab4b9d196c9ef26 RLSA-2025:13240 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for glibc. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: Double free in glibc (CVE-2025-8058) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms glibc-devel-2.39-46.el10_0.aarch64.rpm cfa928e01c68b6c831635491a44d3ea3e912b1b4c6938695aee0200545259b0a glibc-doc-2.39-46.el10_0.noarch.rpm aec94e9135f742ab005553dee9ee0ebbbcc83155e4cbbed46f79b316e801e763 glibc-locale-source-2.39-46.el10_0.aarch64.rpm 7f2c9b65392c6b17191086903346f58b8897034fd28d8b13d2af5b1e75c5a5b4 glibc-utils-2.39-46.el10_0.aarch64.rpm 477786b0ef3e4abf110f4c6fcdfbf3b7a9d5cd45132f221ad259d0eb1f7a50a3 RLSA-2025:13429 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for libxml2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414) The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414) * libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables (CVE-2025-32415) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms libxml2-devel-2.12.5-9.el10_0.aarch64.rpm 46bc5f9f08fcd13c05294f2f45b782e8dfaea0ac45437fb9e7871ae334febe8a RLSA-2025:13598 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) * kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) * kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159) * kernel: PCI/pwrctrl: Cancel outstanding rescan work when unregistering (CVE-2025-38137) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) * kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721) * kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079) * kernel: mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084) * kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085) * kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159) * kernel: PCI/pwrctrl: Cancel outstanding rescan work when unregistering (CVE-2025-38137) * kernel: wifi: ath12k: fix invalid access to memory (CVE-2025-38292) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.27.1.el10_0.aarch64.rpm 1e5a2e75ed95a2ac15a4b2871e3bea74c7556fa6c1d397c97ee27e07cc37d8b1 kernel-64k-debug-devel-matched-6.12.0-55.27.1.el10_0.aarch64.rpm e1ddc7fae4a7f5ad863e010e9ca7eafeb199fa695a874c44d6a99b92b125a609 kernel-64k-devel-6.12.0-55.27.1.el10_0.aarch64.rpm e6aa38e8428dfa339653724289e48e709b28e2031ddae23ea20682520130defe kernel-64k-devel-matched-6.12.0-55.27.1.el10_0.aarch64.rpm 2da1bb89a8f5952d1d8614176f2a4d70d033807df51e33607e087b7ec598fc16 kernel-debug-devel-6.12.0-55.27.1.el10_0.aarch64.rpm b9bb23bbf717e6a80ec9f900da1ba7fa71d62132021959f351e740038913f3e0 kernel-debug-devel-matched-6.12.0-55.27.1.el10_0.aarch64.rpm d9e659751a263d72f1ac30078bcc2023967333d599fbd813e235e7878ab4a668 kernel-devel-6.12.0-55.27.1.el10_0.aarch64.rpm 6704212e7e2da0084b6ca57544ca2c3bbd2af32817580b182b4dcffd27329f76 kernel-devel-matched-6.12.0-55.27.1.el10_0.aarch64.rpm d76b133e0faf309978142003ee9ed7a4f12eeee46ba3644f512b413cbdb0a7df kernel-doc-6.12.0-55.27.1.el10_0.noarch.rpm 794200da05e099238a3419aae127c59934fcd9d5a559c7a996adaa9da27a7a81 kernel-headers-6.12.0-55.27.1.el10_0.aarch64.rpm 52f2b5286a3c61eace0637c5a991a8c7af2df60b31598a5d1c0ad56873fd777b perf-6.12.0-55.27.1.el10_0.aarch64.rpm ad3d5ccdb1a162dbafff1e8bce6bf3c0901acd5a66a07d874526b8a383136120 python3-perf-6.12.0-55.27.1.el10_0.aarch64.rpm 63d41a715451846ae70f889cf6d59a477f852f61ae4f16ab3d9188244a009778 rtla-6.12.0-55.27.1.el10_0.aarch64.rpm 5df9ebeb8b4cec5f34db1ed8951945193df6768684d4f475618a4e6eae55b975 rv-6.12.0-55.27.1.el10_0.aarch64.rpm 345b67f30b327b188ab35856df99b64e1318c65f73726ba6f5fc66b25c74aaa9 RLSA-2025:13674 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for toolbox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fix(es): * nvidia-container-toolkit: Privilege Escalation via Hook Initialization in NVIDIA Container Toolkit (CVE-2025-23266) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms toolbox-0.2-1.el10_0.aarch64.rpm 639c7133a6d4af439f5eecb2d41d37a4b71da036189ad7828cfc641e07ce261b RLSA-2025:13941 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The golang packages provide the Go programming language compiler. Security Fix(es): * cmd/go: Go VCS Command Execution Vulnerability (CVE-2025-4674) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms golang-1.24.6-1.el10_0.aarch64.rpm 59c4a451d7e6bc7ba104db85f1cd04335fd889acf03c1a8caa202df30ea0fd19 golang-bin-1.24.6-1.el10_0.aarch64.rpm 1addd829d2a39b4f5d084e7c3e491f3295c8bb371eeff61b8b797bfdda6d755c golang-docs-1.24.6-1.el10_0.noarch.rpm c8015b335c5881328c5e1ea21aab8e9487e278ded209f83b111b0a870925aea1 golang-misc-1.24.6-1.el10_0.noarch.rpm 9d833125417d6f49f9dc2a9c19bf9454ea27c78b6d319168faff5c6491b640b7 golang-race-1.24.6-1.el10_0.aarch64.rpm 5d1a671f785bb5cd44206e06a59fd343c9068187a5c579e69090637f64b33b2b golang-src-1.24.6-1.el10_0.noarch.rpm aace02df66e63925e08917bd1704188ea6726490a414e5f5f1f5b9b0ff6051c9 golang-tests-1.24.6-1.el10_0.noarch.rpm e7152f56606fe5f068a38d2d2e40d491f9670cc56cb216e7c1d8fc558ffd4491 go-toolset-1.24.6-1.el10_0.aarch64.rpm d61fdb69cf82dacd7aef544a67bcd589059558cf5a0caa2a1b6bbe641b2d6433 RLSA-2025:13944 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for openjpeg2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es): * openjpeg: OpenJPEG OOB heap memory write (CVE-2025-54874) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms openjpeg2-2.5.2-4.el10_0.1.aarch64.rpm 4e609ec883b5b2f0e00d991afc56c60e88c8c6e600d5bc065a92f32512084c84 RLSA-2025:14137 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for libarchive. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c (CVE-2025-5914) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms bsdtar-3.7.7-4.el10_0.aarch64.rpm 2c39661a9b0ceecbc4cb6777159a91c2c9e0047c1e2cdf8e5572cc290fd3aca7 libarchive-devel-3.7.7-4.el10_0.aarch64.rpm c652591965617bf3082892518fb7a2c96bba3dedd148dc50e55cb46dff0d7314 RLSA-2025:14178 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. Security Fix(es): * tomcat: Apache Tomcat DoS in multipart upload (CVE-2025-48988) * tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125) * apache-commons-fileupload: Apache Commons FileUpload DoS via part headers (CVE-2025-48976) * tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989) * tomcat: Apache Tomcat denial of service (CVE-2025-52520) * tomcat: Apache Tomcat denial of service (CVE-2025-52434) * tomcat: Apache Tomcat denial of service (CVE-2025-53506) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms tomcat9-9.0.87-5.el10_0.3.noarch.rpm 74e2a6fbef93fe6dada5062baa99ea2ae81539c66150c379e326ceff3d5f00ae tomcat9-admin-webapps-9.0.87-5.el10_0.3.noarch.rpm d5991ed5ea05046e1b9ded1ee71728137bf6cd5265e7a85fd43cc234b4a63cf1 tomcat9-docs-webapp-9.0.87-5.el10_0.3.noarch.rpm 27e9f00f4b4db5a618c88766816ea04e334e413b81d6df87309f92e797f2af01 tomcat9-el-3.0-api-9.0.87-5.el10_0.3.noarch.rpm 661c5eb96bedd37e4dd1988be1912a09dfb4246df01619be0a95decb6a739a0a tomcat9-jsp-2.3-api-9.0.87-5.el10_0.3.noarch.rpm d564b100d3af37696d23407cbec19f38dc10d5f263bc6463526307f297f9e751 tomcat9-lib-9.0.87-5.el10_0.3.noarch.rpm 56221df788f2fd94b729cbc24645ef14577c2a60e21394c4ccebbe3c466e437a tomcat9-servlet-4.0-api-9.0.87-5.el10_0.3.noarch.rpm 197343759673b4df77e1cd4b653ff18640c1145a111abcf65f293bdf2cd640b3 tomcat9-webapps-9.0.87-5.el10_0.3.noarch.rpm a92fb0bc741de5bed29ded39ffc1090c13d44d8e4663ed876455b9ec62dc79f0 RLSA-2025:14179 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for tomcat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * tomcat: Apache Tomcat DoS in multipart upload (CVE-2025-48988) * tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125) * apache-commons-fileupload: Apache Commons FileUpload DoS via part headers (CVE-2025-48976) * tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989) * tomcat: Apache Tomcat denial of service (CVE-2025-52520) * tomcat: Apache Tomcat denial of service (CVE-2025-53506) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms tomcat-10.1.36-1.el10_0.2.noarch.rpm ecb917e318806b30780490e980d3321c09c3a9d0a55191e03a6e6aa155bb2f9b tomcat-admin-webapps-10.1.36-1.el10_0.2.noarch.rpm a170a83d4db067f3716cc75b312457ae573a69b8abc08e35bf067456dd8d6556 tomcat-docs-webapp-10.1.36-1.el10_0.2.noarch.rpm afc999a8b23e6e5bcd6fa3cb5dd0cec0c53b7092bdb3c8f5763ba7523102d44c tomcat-el-5.0-api-10.1.36-1.el10_0.2.noarch.rpm d74a96e6451c0457caf006ecf5cb3f9c05a335f5155526ff7e43ea76d96de5ec tomcat-jsp-3.1-api-10.1.36-1.el10_0.2.noarch.rpm 40f0d2b7943d8439b32a461f3b324e8add8d7a2eb2989ca4c685b0a4ff0806bd tomcat-lib-10.1.36-1.el10_0.2.noarch.rpm ae430958b25c1ff702c75b963827c5cd5c79c9d0e1b7cc97c10a86e80c3e2625 tomcat-servlet-6.0-api-10.1.36-1.el10_0.2.noarch.rpm eafac0514a1c171b579247cb0bd32de6b9e6446344213797e664d21eb1f5ee3f tomcat-webapps-10.1.36-1.el10_0.2.noarch.rpm b7378649e8898b6bbbbaaf8633261fdfb57139d41c243d6269728b2a2ecaf834 RLSA-2025:14417 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component (CVE-2025-9182) * thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component (CVE-2025-9179) * thunderbird: firefox: Same-origin policy bypass in the Graphics: Canvas2D component (CVE-2025-9180) * thunderbird: firefox: Uninitialized memory in the JavaScript Engine component (CVE-2025-9181) * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 (CVE-2025-9185) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms firefox-128.14.0-2.el10_0.aarch64.rpm 8021d23980e6eaf4d756b751caba4f8e299816ed4d5872891a6b8298ac454d93 RLSA-2025:14510 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net_sched: ets: Fix double list add in class with netem as child qdisc (CVE-2025-37914) * kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (CVE-2025-38200) * kernel: ice: fix eswitch code memory leak in reset scenario (CVE-2025-38417) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.29.1.el10_0.aarch64.rpm e2df3bd8ff0af8541f5a75857850b01d7dde42a05ee17b771c3132d6dcea32d6 kernel-64k-debug-devel-matched-6.12.0-55.29.1.el10_0.aarch64.rpm 44775c057f6e876cb1e377cd6a1498ad4308b1372279f4f4608aee61906934fd kernel-64k-devel-6.12.0-55.29.1.el10_0.aarch64.rpm dba57426a4454c2b01bdb118f77411a53da8a800c5996651c98bc7c98251f368 kernel-64k-devel-matched-6.12.0-55.29.1.el10_0.aarch64.rpm 6483634a15dbfc1d4f98d385ab23adf9934663838c3e2eea5c35ef035e034eaf kernel-debug-devel-6.12.0-55.29.1.el10_0.aarch64.rpm bb4c5861520783ad1aaab0c1376daf4391a0b89fd66f5c359cfaaf9c9f11b5f0 kernel-debug-devel-matched-6.12.0-55.29.1.el10_0.aarch64.rpm c66d401e52cfac41db061221e920182f332eece468e589f811e153bbd967ad07 kernel-devel-6.12.0-55.29.1.el10_0.aarch64.rpm 484744c9fa162c222dfd14473b2f129867b7c42cd94272e0f1ac746566a3245b kernel-devel-matched-6.12.0-55.29.1.el10_0.aarch64.rpm 42d9205ad3545d55fedba6a6f06c4e352306023c3d150b1c823d25418e3cde16 kernel-doc-6.12.0-55.29.1.el10_0.noarch.rpm 69f9d1a4bfddfb638d9fb96b6b6e9bdaaf79156301c0b03028e131716bdc138a kernel-headers-6.12.0-55.29.1.el10_0.aarch64.rpm e1fa534c6d6d35d61e4935e4ef377da73a1d3fb8b9c748c90470092538ebac3f perf-6.12.0-55.29.1.el10_0.aarch64.rpm 6443f87904b74ee7599f17e3d0145474dc9a74c3da9640eabc33d8f8978bba6c python3-perf-6.12.0-55.29.1.el10_0.aarch64.rpm 94eeacca657831b070f61b52d1592f60f129ad57eaf34d11ca2217996b2fe7ae rtla-6.12.0-55.29.1.el10_0.aarch64.rpm 5966d0d7e2822bdd118d87c07289728d706204a06e3cd4ab3a4b8e1fdfaf18ce rv-6.12.0-55.29.1.el10_0.aarch64.rpm 98094167c5b36730000ff01f3d03d4aa451e229c52d0238514d819f08d725d02 RLSA-2025:14592 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for aide. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Advanced Intrusion Detection Environment (AIDE) is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Security Fix(es): * aide: improper output neutralization enables bypassing (CVE-2025-54389) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms aide-0.18.6-8.el10_0.2.aarch64.rpm 31c3c97e21cf56d8aa6416f5084fbb010eb003765b5e8fbfe57073c1f13aaf61 RLSA-2025:14625 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for mod_http2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. Security Fix(es): * httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module (CVE-2025-49630) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms mod_http2-2.0.29-2.el10_0.1.aarch64.rpm b6d8d920e34e84024b1ddee381bc1ae8530e1c65de09c17aa73e349bfab8e866 RLSA-2025:14826 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for postgresql16. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. Security Fix(es): * postgresql: PostgreSQL executes arbitrary code in restore operation (CVE-2025-8715) * postgresql: PostgreSQL code execution in restore operation (CVE-2025-8714) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms postgresql-16.10-1.el10_0.aarch64.rpm 6fffa109992b6454304b1d391ba602e5f28410bc97766498ddb55fe024ce53df postgresql-contrib-16.10-1.el10_0.aarch64.rpm 7ca2027c04188036e6a035e6016a6c4ebecf6b35ba301c8f38e6fdd3aec1325d postgresql-docs-16.10-1.el10_0.aarch64.rpm 4cecd69122d8c9ab4d78e5c69f1e5057aa29dd1459d7823c0819fdfc76167e87 postgresql-plperl-16.10-1.el10_0.aarch64.rpm da5043babcfae9dfa958426dee7a19fa1cc2a618b7684986eeab66de87cac094 postgresql-plpython3-16.10-1.el10_0.aarch64.rpm 9a9e2fcc50ea01f044d0e5629201d6f2ca40ab7ef10752da32b418d7e35f830f postgresql-pltcl-16.10-1.el10_0.aarch64.rpm 78d3444758c3b1cc167b979457fbbcb9de80f29c96de4d4f67f6e4929472c256 postgresql-private-devel-16.10-1.el10_0.aarch64.rpm 0b2e016dd46a800371eb71c1939c40e6d172038e9a962ce07370b598c9f6db96 postgresql-private-libs-16.10-1.el10_0.aarch64.rpm f28d394ad17a0fb46a3aa8b0c68037aa80307dddb12d414980d8667debbe8344 postgresql-server-16.10-1.el10_0.aarch64.rpm 4c475ef0f895d22b7404a4a4ec0fdb6f5146bd16e60c93ec312f3505cfdc0225 postgresql-server-devel-16.10-1.el10_0.aarch64.rpm 89ff8d4e1082e7af2a4ca47246a0e9e5501cebe5f9537737322b55c32cecd185 postgresql-static-16.10-1.el10_0.aarch64.rpm 541ce40e8b5854fd4be38b2235915cd55825791ff61cc28c63d568c01ac1e464 postgresql-test-16.10-1.el10_0.aarch64.rpm b089517a0cc70ad45209bb96927af55990fb39cff829f60cb5ca0c09109947af postgresql-upgrade-16.10-1.el10_0.aarch64.rpm 6248863faf3daff9633b7fb37c0c0e835999f3f74e6300666a2ed3f58489d483 postgresql-upgrade-devel-16.10-1.el10_0.aarch64.rpm e712801f63431317bca28ca4cc74b9cdb72d9500e7c2c989c2fda312f302bb56 RLSA-2025:14844 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component (CVE-2025-9182) * thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component (CVE-2025-9179) * thunderbird: firefox: Same-origin policy bypass in the Graphics: Canvas2D component (CVE-2025-9180) * thunderbird: firefox: Uninitialized memory in the JavaScript Engine component (CVE-2025-9181) * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 (CVE-2025-9185) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms thunderbird-128.14.0-3.el10_0.aarch64.rpm 740a1e1c00ccd393792876da789b99894f6702351d1ed5d18a76e7d0b7d82760 RLSA-2025:14984 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for python3.12. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * cpython: Cpython infinite loop when parsing a tarfile (CVE-2025-8194) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms python3-devel-3.12.9-2.el10_0.3.aarch64.rpm 7522e59c0ca9b4c7c3f76fd37e1e16afa5313d3ad9ab4cf1e82c6f4dccfb814a python3-tkinter-3.12.9-2.el10_0.3.aarch64.rpm 1fa803e74f668dd72561fb1d83019522875ab04a5a81612944b0d09010f5f434 python-unversioned-command-3.12.9-2.el10_0.3.noarch.rpm b37ef9efba6bdaa9eac25323e7e87e04400e496028647b724ec73e7022096fa9 RLSA-2025:15020 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for udisks2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies. Security Fix(es): * udisks: Out-of-bounds read in UDisks Daemon (CVE-2025-8067) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms libudisks2-2.10.90-5.el10_0.1.aarch64.rpm 0576af01bfa34f97811294dd23649d946e67255b5e30f3e3684dd32e175f6fd0 udisks2-2.10.90-5.el10_0.1.aarch64.rpm 7077c6062ab0878227b0dc981b6396c7ec6964d1f666d4fca42a9a7851999d65 udisks2-iscsi-2.10.90-5.el10_0.1.aarch64.rpm a4eff6d0580b9a043c2fff9a6d8e229565fb613615167bb049d7c3e26fc7aa5e udisks2-lsm-2.10.90-5.el10_0.1.aarch64.rpm 0a5578d363ffbf45779aec5fb24d000b5e950f4de4a72ec5eedc83f9868ce725 udisks2-lvm2-2.10.90-5.el10_0.1.aarch64.rpm 5eed3dffdec9ade14c3424fc71e46b97258410ca2d4f95e11e75d3e0d9cb0e13 RLSA-2025:15005 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: udp: Fix memory accounting leak. (CVE-2025-22058) * kernel: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (CVE-2025-37823) * kernel: ext4: only dirty folios when data journaling regular files (CVE-2025-38220) * kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (CVE-2025-38211) * kernel: tipc: Fix use-after-free in tipc_conn_close() (CVE-2025-38464) * kernel: vsock: Fix transport_* TOCTOU (CVE-2025-38461) * kernel: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (CVE-2025-38472) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.30.1.el10_0.aarch64.rpm 8647d28fab2a20906883e9a39c46c4e7550431f223bd3b4136660b0e0abf3339 kernel-64k-debug-devel-matched-6.12.0-55.30.1.el10_0.aarch64.rpm f6a595c71032d9fd5d9873e3bab635dc75f0f02f784c347f05a33800758a9077 kernel-64k-devel-6.12.0-55.30.1.el10_0.aarch64.rpm 19bb48189713db0651557d7e4adce9c7318742a1948262c4f1d74be7963896a0 kernel-64k-devel-matched-6.12.0-55.30.1.el10_0.aarch64.rpm 300d954c4e79ad6de1eef7e0ba48ae98e6764bd14a1ced73a66ee45fdab60905 kernel-debug-devel-6.12.0-55.30.1.el10_0.aarch64.rpm a2e1c12d3cda5f6161f074e66a750640c4304f438a047e5ce3f7fe8551ca2fa6 kernel-debug-devel-matched-6.12.0-55.30.1.el10_0.aarch64.rpm 4dba427484caca3073c0435d6eeccba4553be49ac06a24352482cdb16d139469 kernel-devel-6.12.0-55.30.1.el10_0.aarch64.rpm 385507b8a1ada1d7cabc0b3cdf5fb5a9312f8cbb54fb26b3cfe4d94567f690d0 kernel-devel-matched-6.12.0-55.30.1.el10_0.aarch64.rpm 309a113a324b60b2aa4873dd92f48f02bf28547fc94322115a7146a706b5dfcb kernel-doc-6.12.0-55.30.1.el10_0.noarch.rpm b5e78963af0511b76ad1fa2bd53104ac8a38b0f4d183188311175acdf7c08f07 perf-6.12.0-55.30.1.el10_0.aarch64.rpm d96f647c3a8907821fb107be389472a3dea8bf2b934ac538b57cffae273b980d python3-perf-6.12.0-55.30.1.el10_0.aarch64.rpm 2d47ae0ee9faa2af61e5beaa930185e314e17825d42e9ef1b3aa59727922ad60 rtla-6.12.0-55.30.1.el10_0.aarch64.rpm 0bf532f2994e30004f221cb9ede2a07a7b24704d542131d62be8b892d9176c6e rv-6.12.0-55.30.1.el10_0.aarch64.rpm eae03d64aae1e571ef93da636250e843c075063513945167b8e6e3875d23d0fd RLSA-2025:15095 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for httpd. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: insufficient escaping of user-supplied data in mod_ssl (CVE-2024-47252) * httpd: mod_ssl: access control bypass by trusted clients is possible using TLS 1.3 session resumption (CVE-2025-23048) * httpd: HTTP Session Hijack via a TLS upgrade (CVE-2025-49812) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms httpd-2.4.63-1.el10_0.2.aarch64.rpm 6cea1701c9dae5042886268c3d16dd16eb74f687cbbf81bb359c3122d71ca8ab httpd-core-2.4.63-1.el10_0.2.aarch64.rpm 3bc795192ef970272157cb8f0ee59091f94e1459e646481fa715f0b1f19069e0 httpd-devel-2.4.63-1.el10_0.2.aarch64.rpm f31cb41a72f691d39906d2ed904f58855cf86e69802da581511a8cf893155e37 httpd-filesystem-2.4.63-1.el10_0.2.noarch.rpm 5be7b3a8027ace91358c2f798e53f4dcc46b2e434314f8c1cca16d3d37b96673 httpd-manual-2.4.63-1.el10_0.2.noarch.rpm f55510c6628918f1cb42924ddff3203f84c000b1cd1e4db33205dc9ed5d67887 httpd-tools-2.4.63-1.el10_0.2.aarch64.rpm 7556909c3606c7a8436c962294c9abd4f7195b88aad4e5c0c7f7ae11d7d1813a mod_ldap-2.4.63-1.el10_0.2.aarch64.rpm a4f0d41ba3250620e7d50196347cee63bcf6eb1d8f2b608a12f4c97f6e2aadc2 mod_lua-2.4.63-1.el10_0.2.aarch64.rpm 9e6193fb99115fab98a16df8ce3e000638ad92a254b0eee086ceef4eab92fa6b mod_proxy_html-2.4.63-1.el10_0.2.aarch64.rpm bf06e5422ccff323dc4206d297cb640f420668ec2fd3cc48792e2ce774bec0d5 mod_session-2.4.63-1.el10_0.2.aarch64.rpm 33f6fc88db7abf9f03897c609e8bb731b3dddb06abd29f90a63923bb0dbdf872 mod_ssl-2.4.63-1.el10_0.2.aarch64.rpm e7397ecfd5a8c65afea39be46bdb4b456f118fd465023b063b24554e3b0ad0a2 RLSA-2025:15662 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (CVE-2025-38352) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.32.1.el10_0.aarch64.rpm ee6506761c3bbad0c0b30871500eb4b61958850a7d03171d28b374dc843845a2 kernel-64k-debug-devel-matched-6.12.0-55.32.1.el10_0.aarch64.rpm cb0a5e854b8cac3d1dfde32760597e2d3fe9a73d8c6c380e6f040359ab3aa3c8 kernel-64k-devel-6.12.0-55.32.1.el10_0.aarch64.rpm cae67e78dd74cabf9df146b0d9b1e5e3c05c9b50e7c0ef65838a7005732156a1 kernel-64k-devel-matched-6.12.0-55.32.1.el10_0.aarch64.rpm 5e7cacb857aee276007e8ccf1f0c28f7d9b92056e5b66efed7a32f4e3e8908bd kernel-debug-devel-6.12.0-55.32.1.el10_0.aarch64.rpm 18fa47dc7c5155f4d59725e504bd42e4dae1f57e4594fb17d630bd6856611267 kernel-debug-devel-matched-6.12.0-55.32.1.el10_0.aarch64.rpm 443419e3eafa4b4a22c2667f595af7ac668fdad823327b48f913201969b974da kernel-devel-6.12.0-55.32.1.el10_0.aarch64.rpm 503c1574dd39f60c79cf319a7cb93baf80d1138cc2dce3321b050bae89140581 kernel-devel-matched-6.12.0-55.32.1.el10_0.aarch64.rpm f25a6fe4115d951f1ac1d4776dd6a5729d257cd7efe9be87aa48bdc624a2e4e5 perf-6.12.0-55.32.1.el10_0.aarch64.rpm 9f5487b94a3bf8c3723f3d0751af0de54379f23421e3308ad62752709f7da47e python3-perf-6.12.0-55.32.1.el10_0.aarch64.rpm 791422ef7c82cdd2be2d061fbfb0034d6ace0de9c6e2adfe573a5e4c4e294d24 rtla-6.12.0-55.32.1.el10_0.aarch64.rpm d4938aa3a2577ac02ea0cd7ddb4eea2ec77ce284ba3f48bbf6748a96d09d54b3 rv-6.12.0-55.32.1.el10_0.aarch64.rpm 2d59a8ad4f11ba3b7d064368ac031da777bb758fe9886122f919d6bafd006ca6 RLSA-2025:15699 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for mysql8.4, mysql-selinux. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. Security Fix(es): * openssl: Timing side-channel in ECDSA signature computation (CVE-2024-13176) * mysql: mysqldump unspecified vulnerability (CPU Apr 2025) (CVE-2025-30722) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30688) * mysql: Stored Procedure unspecified vulnerability (CPU Apr 2025) (CVE-2025-30699) * mysql: UDF unspecified vulnerability (CPU Apr 2025) (CVE-2025-30721) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30682) * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30683) * mysql: Components Services unspecified vulnerability (CPU Apr 2025) (CVE-2025-30715) * mysql: Parser unspecified vulnerability (CPU Apr 2025) (CVE-2025-21574) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-21585) * mysql: DML unspecified vulnerability (CPU Apr 2025) (CVE-2025-21588) * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30681) * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-21577) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30687) * mysql: DML unspecified vulnerability (CPU Apr 2025) (CVE-2025-21580) * mysql: PS unspecified vulnerability (CPU Apr 2025) (CVE-2025-30696) * mysql: PS unspecified vulnerability (CPU Apr 2025) (CVE-2025-30705) * mysql: Parser unspecified vulnerability (CPU Apr 2025) (CVE-2025-21575) * mysql: Options unspecified vulnerability (CPU Apr 2025) (CVE-2025-21579) * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30685) * mysql: Components Services unspecified vulnerability (CPU Apr 2025) (CVE-2025-30704) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-21581) * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30689) * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30695) * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30703) * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30693) * mysql: DDL unspecified vulnerability (CPU Apr 2025) (CVE-2025-21584) * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30684) * curl: libcurl: WebSocket endless loop (CVE-2025-5399) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50092) * mysql: mysqldump unspecified vulnerability (CPU Jul 2025) (CVE-2025-50081) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50079) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50077) * mysql: DML unspecified vulnerability (CPU Jul 2025) (CVE-2025-50078) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50091) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50101) * mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50093) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50099) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50085) * mysql: Components Services unspecified vulnerability (CPU Jul 2025) (CVE-2025-50086) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50082) * mysql: Encryption unspecified vulnerability (CPU Jul 2025) (CVE-2025-50097) * mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50104) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50087) * mysql: Stored Procedure unspecified vulnerability (CPU Jul 2025) (CVE-2025-50080) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50088) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50083) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50084) * mysql: Thread Pooling unspecified vulnerability (CPU Jul 2025) (CVE-2025-50100) * mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50094) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50098) * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50096) * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50102) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms mysql8.4-8.4.6-2.el10_0.aarch64.rpm 697d4d8ec6f4f03ac95959e09ff1df722284dc7d4d9efd405f98fe735d728101 mysql8.4-common-8.4.6-2.el10_0.noarch.rpm b00f64905687fb131a234fa7eb8cfbf01c82d55158e117d99ce6b0f8dfff877c mysql8.4-errmsg-8.4.6-2.el10_0.noarch.rpm 4e4119b62c7395860583065fc1a0792e5cf336b0e3820babc0b39cc7de6528f0 mysql8.4-libs-8.4.6-2.el10_0.aarch64.rpm 0e8a8e33180134c110f049ed836265a2189c048e6b745871cc1f7a21bce6d8d7 mysql8.4-server-8.4.6-2.el10_0.aarch64.rpm aa48465ce6e4fb50c8f06114894f5c2663a05689cf7717ef8dade8dd89c8828f mysql-selinux-1.0.14-1.el10_0.noarch.rpm 6e96fc73b86d1fcb2205efe0362501f06665351449502bf0ca4bd11e15c17025 RLSA-2025:15701 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for cups. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fix(es): * cups: Null Pointer Dereference in CUPS ipp_read_io() Leading to Remote DoS (CVE-2025-58364) * cups: Authentication Bypass in CUPS Authorization Handling (CVE-2025-58060) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms cups-2.4.10-11.el10_0.1.aarch64.rpm 87aa871b1f5a040730904aa08c61c2e0f685bb84008666057e2c05762fbe3463 cups-client-2.4.10-11.el10_0.1.aarch64.rpm 515e778be38926a9e09874a69890bab5765fe29b5ef04df52e7a1806a64ee1fb cups-devel-2.4.10-11.el10_0.1.aarch64.rpm 9feb3f54241be0bc5ce392633a6f64dd684ace7ca7c8b96ba06d00e19c455ad6 cups-ipptool-2.4.10-11.el10_0.1.aarch64.rpm a4b3323e18e17cfad4c1fef711e3f016012a7eeccde0fe0a4c0951abf7c1c4d4 cups-lpd-2.4.10-11.el10_0.1.aarch64.rpm cf404702848ac788050daa911078a4e4df99c60406c17b0df1ad68a67a2e4ab8 cups-printerapp-2.4.10-11.el10_0.1.aarch64.rpm 8e386678f0968838249de866217187f085f30210e18e0545164db71de539059b RLSA-2025:15901 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): * podman: Podman kube play command may overwrite host files (CVE-2025-9566) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms podman-5.4.0-13.el10_0.aarch64.rpm 8a80c615a19cddafc08963572e8f25bdf1fdc3169629e354ce3ccae869e3dfaa podman-docker-5.4.0-13.el10_0.noarch.rpm d244c5274a4dcfb729f6b4dbaa6d690299fe89c525f5c66f69555dfca5fe9963 podman-remote-5.4.0-13.el10_0.aarch64.rpm 1af574e69db90adc73d42f81ac65965a1a5622c8a78c2c848b369eed974efd43 RLSA-2025:16109 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component (CVE-2025-10527) * firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component (CVE-2025-10532) * firefox: thunderbird: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component (CVE-2025-10528) * firefox: thunderbird: Same-origin policy bypass in the Layout component (CVE-2025-10529) * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143 (CVE-2025-10537) * firefox: thunderbird: Information disclosure in the Networking: Cache component (CVE-2025-10536) * firefox: thunderbird: Integer overflow in the SVG component (CVE-2025-10533) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms firefox-140.3.0-1.el10_0.aarch64.rpm b8d13747225299e999c26eac1088fe785b0460eb93f7e78e6e10796e4c5db3cf RLSA-2025:16115 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for gnutls. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fix(es): * gnutls: Vulnerability in GnuTLS certtool template parsing (CVE-2025-32990) * gnutls: Vulnerability in GnuTLS SCT extension parsing (CVE-2025-32989) * gnutls: Vulnerability in GnuTLS otherName SAN export (CVE-2025-32988) * gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() (CVE-2025-6395) Bug Fix(es) and Enhancement(s): * gnutls: Vulnerability in GnuTLS certtool template parsing (BZ#2359620) * gnutls: Vulnerability in GnuTLS SCT extension parsing (BZ#2359621) * gnutls: Vulnerability in GnuTLS otherName SAN export (BZ#2359622) * gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() (BZ#2376755) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms gnutls-c++-3.8.9-9.el10_0.14.aarch64.rpm 749fcd41a91b30516b51a240ac2259cbce1403ce90d5bcfaff345029f670471a gnutls-dane-3.8.9-9.el10_0.14.aarch64.rpm 69a3678463812dc5492a382b32a68fa1c9d74c5176c290fd280a583b70908f5d gnutls-devel-3.8.9-9.el10_0.14.aarch64.rpm 09bc8dd51da65e1801433a92efcd623fedbdce2610ec674e72793186923e0a22 gnutls-fips-3.8.9-9.el10_0.14.aarch64.rpm 3426c2d31a49dc3301f58b53557f3685f1ab6956e5eff4c7f14b5bd706a873ba gnutls-utils-3.8.9-9.el10_0.14.aarch64.rpm 25c3ba9276d67e6e308c7ddd621314610b6d521c8bf89a837601057fb5c1cdc6 RLSA-2025:16157 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Important

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fix(es): * firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component (CVE-2025-10527) * firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component (CVE-2025-10532) * firefox: thunderbird: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component (CVE-2025-10528) * firefox: thunderbird: Same-origin policy bypass in the Layout component (CVE-2025-10529) * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143 (CVE-2025-10537) * firefox: thunderbird: Information disclosure in the Networking: Cache component (CVE-2025-10536) * firefox: thunderbird: Integer overflow in the SVG component (CVE-2025-10533) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms thunderbird-140.3.0-1.el10_0.aarch64.rpm 9b8038f0576d6d9138d123cf6e5ae82d622d4492cd344cdc572d50ad7a045d08 RLSA-2025:16354 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length (CVE-2025-37810) * kernel: sunrpc: fix handling of server side tls alerts (CVE-2025-38566) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms kernel-64k-debug-devel-6.12.0-55.34.1.el10_0.aarch64.rpm 52b1e9570431c604d71135d3bfa19456b6913a4176a3a234f3624a00f1ebbf2e kernel-64k-debug-devel-matched-6.12.0-55.34.1.el10_0.aarch64.rpm d84f04b7a5c5145760b8d3e6f8774dc1a09e7240dcd412673d7440755fb4a04d kernel-64k-devel-6.12.0-55.34.1.el10_0.aarch64.rpm 75a05c6f9a10a617b6fd3f83c6bd2f0234067fa2876a5525ec10b14416c48733 kernel-64k-devel-matched-6.12.0-55.34.1.el10_0.aarch64.rpm a626ad3c451f6bc4e48151a5323ab5a408f37955b20fdb4b2418843f8dfe562f kernel-debug-devel-6.12.0-55.34.1.el10_0.aarch64.rpm 907dcc691c4942c3001ff2fcb435d0badb17ea80b341721c644e5dfd8a00c680 kernel-debug-devel-matched-6.12.0-55.34.1.el10_0.aarch64.rpm 3d4d94550e264ba979fc6635bf3c58d591a1b2e058489fb894b19972dc17913e kernel-devel-6.12.0-55.34.1.el10_0.aarch64.rpm 4487b615f2182ecf152c4019fee3e2aa222ad098669d9c2c584445b51d4839b2 kernel-devel-matched-6.12.0-55.34.1.el10_0.aarch64.rpm e0311ba79b2dd7a96ee86b506137c2dc27fb00d2e76951cce968ff9351a7e74e kernel-doc-6.12.0-55.34.1.el10_0.noarch.rpm f9fb5270006daa120355ae10c42284aa2f0091619a2cb1c1fda623e07bec156e perf-6.12.0-55.34.1.el10_0.aarch64.rpm ba082351c6e721ed3f7115849dd4705ae4b44c3e98904bfef1d69cac62258403 python3-perf-6.12.0-55.34.1.el10_0.aarch64.rpm a52a64d69b1aa6abbf638af03395fbea73c60969b914fbb30ee0ac0b96715988 rtla-6.12.0-55.34.1.el10_0.aarch64.rpm 03a1144272603309a784ff7061379a1374a2137e026bc09085575c46af518584 rv-6.12.0-55.34.1.el10_0.aarch64.rpm 09ec578c5f8e32076e726729e07e20f086e1d48f6b52f721e137b0390397b92a RLSA-2025:16432 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for opentelemetry-collector. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fix(es): * net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms opentelemetry-collector-0.127.0-3.el10_0.aarch64.rpm 9473a67556c27fd9cb2e81fce975b6ee3cf4b388830c31c03eca88212dc79f40 RLSA-2025:16428 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for libtpms. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libtpms is a library providing Trusted Platform Module (TPM) functionality for virtual machines. Security Fix(es): * libtpms: Libtpms Out-of-Bounds Read Vulnerability (CVE-2025-49133) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms libtpms-0.9.6-11.el10_0.aarch64.rpm 0fbd2094685d8174e0296a6f7114216da3410a37a87cfb812b3b843e7124a1ae RLSA-2025:16441 Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 10 1 Moderate

An update is available for avahi. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers. Security Fix(es): * avahi: Avahi Wide-Area DNS Uses Constant Source Port (CVE-2024-52615) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-10-0-aarch64-appstream-rpms avahi-devel-0.9~rc2-1.el10_0.1.aarch64.rpm 935eabdd1a6105dad319f3b06f5cec264cb426bac24af736b64bf271c990cb01 avahi-glib-0.9~rc2-1.el10_0.1.aarch64.rpm 66d4fdf5d4bdd03e4c8c242b1c05915c5457482ee720ce53c686073c72db812b avahi-tools-0.9~rc2-1.el10_0.1.aarch64.rpm 90cf2322308479cbbf5d54e6b311f841c6bdca9795284ee255884495ecc26e16