Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Fedora 43 Apptainer Denial of Service Mitigation CVE-2026-32285 Advisory

fedora
Calendar Grey May 18, 2026
Dist Fedora Esm H88
Update for Fedora 43 Apptainer addresses CVE-2026-32285 and CVE-2026-34986 improving container security.
Update to upstream 1.5.0, fix CVE-2026-32285 and CVE-2026-34986 Update to upstream 1.5.0-rc.2 Update to upstream 1.5.0-rc.1

Summary

Apptainer provides functionality to make portable

containers that can be used across host environments.

Update Information:

Update to upstream 1.5.0, fix CVE-2026-32285 and CVE-2026-34986 Update to upstream 1.5.0-rc.2 Update to upstream 1.5.0-rc.1

Change Log

* Wed May 6 2026 Dave Dykstra - 1.5.0 - Update to upstream 1.5.0 * Tue Apr 14 2026 Dave Dykstra - 1.5.0~rc.2 - Update to upstream 1.5.0~rc.2 * Thu Mar 12 2026 Dave Dykstra - 1.5.0~rc.1 - Update to upstream 1.5.0~rc.1

References


[ 1 ] Bug #2447072 - apptainer-1.5.0-rc.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2447072 [ 2 ] Bug #2452369 - CVE-2026-32285 apptainer: github.com/buger/jsonparser: Denial of Service via malformed JSON input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2452369 [ 3 ] Bug #2455644 - CVE-2026-34986 apptainer: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2455644 [ 4 ] Bug #2467573 - apptainer-1.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2467573

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6c547e9f64' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: apptainer
Product: Fedora 43
Version: 1.5.0
Release: 1.fc43
Summary: Application and environment virtualization formerly known as Singularity

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here