Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Fedora 44 Apptainer Important Denial of Service Fix CVE-2026-27145

fedora
Calendar Grey July 2, 2026
Dist Fedora Esm H88
Apptainer update to 1.5.2 in Fedora 44 addresses CVE-2026-27145 Denial of Service potential due to DNS entries.
Update to upstream 1.5.2

Summary

Apptainer provides functionality to make portable

containers that can be used across host environments.

Update Information:

Update to upstream 1.5.2. Also fixes CVE-2026-27145 because golang was new enough.

Change Log

* Tue Jun 23 2026 Dave Dykstra - 1.5.2 - Update to upstream 1.5.2 * Mon Jun 22 2026 Dave Dykstra - 1.5.1-2 - Rebuild after applying patch to skip PRoot on x86_64 f45.

References


[ 1 ] Bug #2437258 - Apptainer is compiled without FIPS support https://bugzilla.redhat.com/show_bug.cgi?id=2437258 [ 2 ] Bug #2489307 - Apptainer persistently segfaults during SIF file compression using mksquashfs https://bugzilla.redhat.com/show_bug.cgi?id=2489307 [ 3 ] Bug #2494375 - CVE-2026-27145 apptainer: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494375

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-ca1825e29e' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: apptainer
Product: Fedora 44
Version: 1.5.2
Release: 1.fc44
Summary: Application and environment virtualization formerly known as Singularity

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here