Release date:
2026-05-18 16:56:54 UTC
Description:
- CVE-2026-40164: randomize hash seed to mitigate hash collision DoS
- CVE-2026-40612: limit containment check depth
- CVE-2026-41256: fix NUL truncation in program files loaded with -f
- CVE-2026-41257: fix signed-int overflow in stack_reallocate
- CVE-2026-43894: cap numeric literal length to DEC_MAX_DIGITS
- CVE-2026-43895: reject embedded NUL bytes in module import paths
- CVE-2026-43896: limit recursive object merge depth
- CVE-2026-44777: detect circular module imports
Updated packages:
-
jq-1.6-14.el9.tuxcare.els6.i686.rpm
sha:fd0044ca728a3346aa0516d7d8f791fc6a3b33080c8ac202d0b4ae906cc86e16
-
jq-1.6-14.el9.tuxcare.els6.x86_64.rpm
sha:6f8f2996606d780c67eaff791c8ef79888a57d6a44dbc1c950b5de2f9f04382b
-
jq-devel-1.6-14.el9.tuxcare.els6.i686.rpm
sha:381d1ff79c39260e15752bdbe3957149cf64a575270741a1136e0f326d21ae12
-
jq-devel-1.6-14.el9.tuxcare.els6.x86_64.rpm
sha:be962ecce93fcd099f5a720510e95f070f33a4b38172b4ce3fa05e568ad8ca9a
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
