Alerts This Week
Warning Icon 1 1,146
Alerts This Week
Warning Icon 1 1,146

Fedora 43 Apptainer Important DoS Fix CVE-2026-27145 FEDORA-2026-f8ab642466

fedora
Calendar Grey July 2, 2026
Dist Fedora Esm H88
Fixes CVE-2026-27145 in Apptainer 1.5.2 for Fedora 43, resolving denial of service issues.
Update to upstream 1.5.2

Summary

Apptainer provides functionality to make portable

containers that can be used across host environments.

Update Information:

Update to upstream 1.5.2. Also fixes CVE-2026-27145 because golang was new enough.

Change Log

* Tue Jun 23 2026 Dave Dykstra - 1.5.2 - Update to upstream 1.5.2

References


[ 1 ] Bug #2437258 - Apptainer is compiled without FIPS support https://bugzilla.redhat.com/show_bug.cgi?id=2437258 [ 2 ] Bug #2489307 - Apptainer persistently segfaults during SIF file compression using mksquashfs https://bugzilla.redhat.com/show_bug.cgi?id=2489307 [ 3 ] Bug #2494375 - CVE-2026-27145 apptainer: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494375

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-f8ab642466' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: apptainer
Product: Fedora 43
Version: 1.5.2
Release: 1.fc43
Summary: Application and environment virtualization formerly known as Singularity

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here