Explore top 10 tips to secure your open-source projects now. Read More
×
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-21676 http://linux.oracle.com/errata/ELSA-2026-21676.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: cockpit-356.2-1.0.1.el10_2.x86_64.rpm cockpit-bridge-356.2-1.0.1.el10_2.noarch.rpm cockpit-doc-356.2-1.0.1.el10_2.noarch.rpm cockpit-packagekit-356.2-1.0.1.el10_2.noarch.rpm cockpit-storaged-356.2-1.0.1.el10_2.noarch.rpm cockpit-system-356.2-1.0.1.el10_2.noarch.rpm cockpit-ws-356.2-1.0.1.el10_2.x86_64.rpm cockpit-ws-selinux-356.2-1.0.1.el10_2.x86_64.rpm aarch64: cockpit-356.2-1.0.1.el10_2.aarch64.rpm cockpit-bridge-356.2-1.0.1.el10_2.noarch.rpm cockpit-doc-356.2-1.0.1.el10_2.noarch.rpm cockpit-packagekit-356.2-1.0.1.el10_2.noarch.rpm cockpit-storaged-356.2-1.0.1.el10_2.noarch.rpm cockpit-system-356.2-1.0.1.el10_2.noarch.rpm cockpit-ws-356.2-1.0.1.el10_2.aarch64.rpm cockpit-ws-selinux-356.2-1.0.1.el10_2.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/cockpit-356.2-1.0.1.el10_2.src.rpm Related CVEs: CVE-2026-4802 Description of changes: [356.2-1.0.1] - Storage: Enable btrfs support [Orabug: 37464632] - Replaced upstream urls in documentation with oracle links [Orabug: 36528753] - Drop subscription-manager-cockpit requirement for ol [Orabug: 34681110] - Remove duplicate reference to server in cockpit [Orabug: 34030494] - Update documentation links [Orabug: 30271413], [Orabug: 32013095], [Orabug: 32795691], [Orabug: 34398512], [Orabug: 34742876], [Orabug: 37253273] - Update spec file for new release [356.1-1] - ws: Prevent remote code execution with SSH argument injection (RHEL-158306) - node: update lodash dependency (RHEL-164067) _______________________________________________ El-errata mailing list
Important: perl-DBI:1.641 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:38901", "synopsis": "Important: perl-DBI:1.641 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for perl-DBI, module.perl-DBI.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The perl-DBI package provides the standard database interface module for the Perl programming language. It implements a database-independent interface, meaning it defines a consistent set of methods, variables, and conventions for database operations.\n\nSecurity Fix(es):\n\n* DBI: DBI: Buffer overflow in error handling can lead to arbitrary code execution (CVE-2026-9698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2486734", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2486734", "description": ""}], "cves": [{"name": "CVE-2026-9698", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9698", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "cvss3BaseScore": "8.2", "cwe": "CWE-120"}], "references": [], "publishedAt": "2026-07-15T12:01:08.928069Z", "rpms": {"Rocky Linux 8": {"nvras": ["perl-DBI-0:1.641-5.module+el8.10.0+40245+1df7f06b.aarch64.rpm", "perl-DBI-0:1.641-5.module+el8.10.0+40245+1df7f06b.src.rpm", "perl-DBI-0:1.641-5.module+el8.10.0+40245+1df7f06b.x86_64.rpm", "perl-DBI-debuginfo-0:1.641-5.module+el8.10.0+40245+1df7f06b.aarch64.rpm", "perl-DBI-debuginfo-0:1.641-5.module+el8.10.0+40245+1df7f06b.x86_64.rpm", "perl-DBI-debugsource-0:1.641-5.module+el8.10.0+40245+1df7f06b.aarch64.rpm","perl-DBI-debugsource-0:1.641-5.module+el8.10.0+40245+1df7f06b.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Perl-DBI receives important security updates for Rocky Linux addressing a buffer overflow that could lead to code execution.. Rocky Linux updates, perl-DBI security, buffer overflow fix. . Severity: Important. LinuxSecurity.com Team
alsa-lib could be made to crash or run programs as your login if it opened a specially crafted file.. ========================================================================== Ubuntu Security Notice USN-8538-1 July 14, 2026 alsa-lib vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: alsa-lib could be made to crash or run programs as your login if it opened a specially crafted file. Software Description: - alsa-lib: shared library for ALSA applications Details: It was discovered that alsa-lib incorrectly handled certain ALSA configuration text. An attacker could use this issue to cause alsa-lib to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libasound2t64 1.2.15.3-1ubuntu1.1 Ubuntu 24.04 LTS libasound2t64 1.2.11-1ubuntu0.3 Ubuntu 22.04 LTS libasound2 1.2.6.1-1ubuntu1.2 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8538-1 CVE-2026-56109 Package Information: https://launchpad.net/ubuntu/+source/alsa-lib/1.2.15.3-1ubuntu1.1 https://launchpad.net/ubuntu/+source/alsa-lib/1.2.11-1ubuntu0.3 https://launchpad.net/ubuntu/+source/alsa-lib/1.2.6.1-1ubuntu1.2 . Security concerns with alsa-lib in Ubuntu may lead to crashes or unauthorized program execution if crafted files are opened. Update now!. Alsa-Lib Security, Ubuntu Update, Denial of Service, Critical Vulnerability. . Severity: Critical. LinuxSecurity.com Team
It was discovered that there were two issues in Redis, the in-memory key/value database: CVE-2026-23631 An authenticated attacker could have exploited the master-replica synchronization mechanism to trigger a use-after-free on replicas. Debian LTS Advisory DLA-4682-1
Several security issues were fixed in libssh2.. ========================================================================== Ubuntu Security Notice USN-8532-1 July 13, 2026 libssh2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS Summary: Several security issues were fixed in libssh2. Software Description: - libssh2: Client-side C library implementing the SSH2 protocol Details: It was discovered that libssh2 incorrectly handled certain publickey subsystem attributes. A remote attacker controlling a malicious SSH server could use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2026-58050) It was discovered that libssh2 did not properly initialize publickey list entries before parsing. A remote attacker controlling a malicious SSH server could use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2026-58051) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libssh2-1t64 1.11.1-1ubuntu0.26.04.3 Ubuntu 24.04 LTS libssh2-1t64 1.11.0-4.1ubuntu0.24.04.3 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8532-1 CVE-2026-58050, CVE-2026-58051 Package Information: https://launchpad.net/ubuntu/+source/libssh2/1.11.1-1ubuntu0.26.04.3 https://launchpad.net/ubuntu/+source/libssh2/1.11.0-4.1ubuntu0.24.04.3 . Recent fixes for libssh2 address critical security issues in Ubuntu affecting remote code execution and denial of service.. Ubuntu libssh2 security fix, remote code execution Ubuntu, denial of service vulnerability, libssh2 issues, security update Ubuntu. . Severity: Critical. LinuxSecurity.com Team
1.2.9, CVE fixes. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-fbd55e52fb 2026-07-12 01:10:38.798647+00:00 -------------------------------------------------------------------------------- Name : python-dulwich Product : Fedora 44 Version : 1.2.9 Release : 1.fc44 URL : https://www.dulwich.io/ Summary : Python implementation of the Git file formats and protocols Description : Dulwich is a Python implementation of the Git file formats and protocols. The project is named after the village in which Mr. and Mrs. Git live in the Monty Python sketch. -------------------------------------------------------------------------------- Update Information: 1.2.9, CVE fixes -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 7 2026 Gwyn Ciesla - 1.2.9-1 - 1.2.9 * Mon Jul 6 2026 Gwyn Ciesla - 1.2.8-1 - 1.2.8 * Tue Jun 30 2026 Gwyn Ciesla - 1.2.7-1 - 1.2.7 * Tue Jun 30 2026 Benjamin A. Beasley - 1.2.6-3 - Allow PyO3 0.29 - Update the `License` expression * Thu Jun 4 2026 Python Maint - 1.2.6-2 - Rebuilt for Python 3.15 * Tue Jun 2 2026 Gwyn Ciesla - 1.2.6-1 - 1.2.6 * Fri May 29 2026 Gwyn Ciesla - 1.2.5-1 - 1.2.5 * Thu May 21 2026 Gwyn Ciesla - 1.2.3-1 - 1.2.3 * Wed Apr 29 2026 Gwyn Ciesla - 1.2.1-1 - 1.2.1 * Thu Apr 23 2026 Gwyn Ciesla - 1.2.0-1 - 1.2.0 * Wed Feb 18 2026 Gwyn Ciesla - 1.1.0-1 - 1.1.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2487904 - CVE-2026-47712 python-dulwich: Dulwich: Arbitrary file write via malicious commit subject in format_patch [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2487904 [ 2 ] Bug #2487907 - CVE-2026-47734 python-dulwich: Dulwich: Denial of Service via crafted Git thin pack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2487907 [ 3 ] Bug #2498479 -CVE-2026-42305 python-dulwich: Dulwich: Remote Code Execution via Malicious Git Repository [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2498479 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-fbd55e52fb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
This update addresses a few security issues, one of which could plausibly result in remote code execution.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-eed9e67393 2026-07-12 00:58:35.903616+00:00 -------------------------------------------------------------------------------- Name : libssh2 Product : Fedora 43 Version : 1.11.1 Release : 9.fc43 URL : https://www.libssh2.org/ Summary : A library implementing the SSH2 protocol Description : libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS(22), SECSH-USERAUTH(25), SECSH-CONNECTION(23), SECSH-ARCH(20), SECSH-FILEXFER(06)*, SECSH-DHGEX(04), and SECSH-NUMBERS(10). -------------------------------------------------------------------------------- Update Information: This update addresses a few security issues, one of which could plausibly result in remote code execution. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 25 2026 Paul Howarth - 1.11.1-9 - Fix CVE-2025-15661: Information disclosure and denial of service via crafted SFTP response * Tue Jun 23 2026 Mikel Olasagasti Uranga - 1.11.1-8 - Fix CVE-2026-55200 & CVE-2026-55199 * Fri Jun 12 2026 Yaakov Selkowitz - 1.11.1-7 - Rebuilt for openssl 4.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2491730 - CVE-2026-55199 libssh2: libssh2: Denial of Service via crafted SSH_MSG_EXT_INFO message [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2491730 [ 2 ] Bug #2491738 - CVE-2026-55200 libssh2: libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2491738 [ 3 ] Bug #2492698 - CVE-2025-15661 libssh2: libssh2: Information disclosure and denial of service via crafted SFTP response [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2492698 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-eed9e67393' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
An update that solves four vulnerabilities can now be installed.. # Security update for libaom Announcement ID: SUSE-SU-2026:2829-1 Release Date: 2026-07-09T18:40:25Z Rating: important References: * bsc#1268650 * bsc#1268651 * bsc#1268653 * bsc#1268655 Cross-References: * CVE-2026-56208 * CVE-2026-56209 * CVE-2026-56210 * CVE-2026-56211 CVSS scores: * CVE-2026-56208 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-56208 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H * CVE-2026-56208 ( NVD ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-56208 ( NVD ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-56209 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-56209 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H * CVE-2026-56209 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H * CVE-2026-56209 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H * CVE-2026-56210 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-56210 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2026-56210 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2026-56210 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2026-56211 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-56211 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-56211 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H * CVE-2026-56211 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSELinux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for libaom fixes the following issues: * CVE-2026-56208: untrusted encoder configuration inputs can lead to a heap- based buffer overflow and a process crash (bsc#1268650). * CVE-2026-56209: crafted video frames with specific Y-plane pixel values can lead to an arbitrary memory write (bsc#1268651). * CVE-2026-56210: missing bounds check on layer_id inputs can lead to an out- of-bounds heap read (bsc#1268653). * CVE-2026-56211: out-of-range spatial/temporal layer selection can lead to remote code execution (bsc#1268655). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2829=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2829=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2829=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2829=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2829=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patchSUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2829=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2829=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2829=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2829=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libaom-debugsource-3.7.1-150400.3.12.1 * aom-tools-debuginfo-3.7.1-150400.3.12.1 * libaom3-3.7.1-150400.3.12.1 * libaom-devel-3.7.1-150400.3.12.1 * aom-tools-3.7.1-150400.3.12.1 * libaom3-debuginfo-3.7.1-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * libaom-devel-doc-3.7.1-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libaom-debugsource-3.7.1-150400.3.12.1 * aom-tools-debuginfo-3.7.1-150400.3.12.1 * libaom3-3.7.1-150400.3.12.1 * libaom-devel-3.7.1-150400.3.12.1 * aom-tools-3.7.1-150400.3.12.1 * libaom3-debuginfo-3.7.1-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * libaom-devel-doc-3.7.1-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libaom-debugsource-3.7.1-150400.3.12.1 * aom-tools-debuginfo-3.7.1-150400.3.12.1 * libaom3-3.7.1-150400.3.12.1 * libaom-devel-3.7.1-150400.3.12.1 * aom-tools-3.7.1-150400.3.12.1 * libaom3-debuginfo-3.7.1-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * libaom-devel-doc-3.7.1-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * libaom-devel-doc-3.7.1-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libaom-debugsource-3.7.1-150400.3.12.1 * aom-tools-debuginfo-3.7.1-150400.3.12.1 * libaom3-3.7.1-150400.3.12.1 * libaom-devel-3.7.1-150400.3.12.1 * aom-tools-3.7.1-150400.3.12.1 * libaom3-debuginfo-3.7.1-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libaom-debugsource-3.7.1-150400.3.12.1 * aom-tools-debuginfo-3.7.1-150400.3.12.1 * libaom3-3.7.1-150400.3.12.1 * libaom-devel-3.7.1-150400.3.12.1 * aom-tools-3.7.1-150400.3.12.1 * libaom3-debuginfo-3.7.1-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * libaom-devel-doc-3.7.1-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * libaom-devel-doc-3.7.1-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libaom-debugsource-3.7.1-150400.3.12.1 * aom-tools-debuginfo-3.7.1-150400.3.12.1 * libaom3-3.7.1-150400.3.12.1 * libaom-devel-3.7.1-150400.3.12.1 * aom-tools-3.7.1-150400.3.12.1 * libaom3-debuginfo-3.7.1-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libaom-debugsource-3.7.1-150400.3.12.1 * aom-tools-debuginfo-3.7.1-150400.3.12.1 * libaom3-3.7.1-150400.3.12.1 * libaom-devel-3.7.1-150400.3.12.1 * aom-tools-3.7.1-150400.3.12.1 * libaom3-debuginfo-3.7.1-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * libaom-devel-doc-3.7.1-150400.3.12.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * libaom-debugsource-3.7.1-150400.3.12.1 * aom-tools-debuginfo-3.7.1-150400.3.12.1 * libaom3-3.7.1-150400.3.12.1 * libaom-devel-3.7.1-150400.3.12.1 * aom-tools-3.7.1-150400.3.12.1 * libaom3-debuginfo-3.7.1-150400.3.12.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libaom3-64bit-debuginfo-3.7.1-150400.3.12.1 * libaom3-64bit-3.7.1-150400.3.12.1 * openSUSE Leap 15.4 (x86_64) * libaom3-32bit-3.7.1-150400.3.12.1 * libaom3-32bit-debuginfo-3.7.1-150400.3.12.1 * openSUSE Leap 15.4 (noarch) * libaom-devel-doc-3.7.1-150400.3.12.1 * SUSE Linux Enterprise HighPerformance Computing ESPOS 15 SP5 (aarch64 x86_64) * libaom-debugsource-3.7.1-150400.3.12.1 * aom-tools-debuginfo-3.7.1-150400.3.12.1 * libaom3-3.7.1-150400.3.12.1 * libaom-devel-3.7.1-150400.3.12.1 * aom-tools-3.7.1-150400.3.12.1 * libaom3-debuginfo-3.7.1-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * libaom-devel-doc-3.7.1-150400.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2026-56208.html * https://www.suse.com/security/cve/CVE-2026-56209.html * https://www.suse.com/security/cve/CVE-2026-56210.html * https://www.suse.com/security/cve/CVE-2026-56211.html * https://bugzilla.suse.com/show_bug.cgi?id=1268650 * https://bugzilla.suse.com/show_bug.cgi?id=1268651 * https://bugzilla.suse.com/show_bug.cgi?id=1268653 * https://bugzilla.suse.com/show_bug.cgi?id=1268655 . # Security update for libaom Announcement ID: SUSE-SU-2026:2829-1 Release Date: 2026-07-09T18:40:25Z. update, solves, vulnerabilities, installed, security, libaom, announ. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.