CLSA-2026:1772572505

[CLSA-2026:1772572505] munge: Fix of CVE-2026-25506

Type:

security

Severity:

Important

Release date:

2026-03-03 21:15:10 UTC

Description:

- CVE-2026-25506: fix buffer overflow in message parsing and add bounds checks
  and input validation for address length; prevent leak of cryptographic MAC
  subkey and forging of arbitrary credentials

Updated packages:

munge-0.5.13-13.el9_6.tuxcare.els1.x86_64.rpm
sha:c77a64301c1ff690a0b1c2e518cb4bc248b33a1edb939f75f0d1aba24d97cf25
munge-devel-0.5.13-13.el9_6.tuxcare.els1.i686.rpm
sha:fe2209544090c27f6eb5620ff45ac5b524885e8fb1979cbf75ad438bdfad7231
munge-devel-0.5.13-13.el9_6.tuxcare.els1.x86_64.rpm
sha:ee9420977d1cf82fbbabed9a68a33cd29f0049b47b63b26eeae6c295ed1acbef
munge-libs-0.5.13-13.el9_6.tuxcare.els1.i686.rpm
sha:fea88d7385dcbd4211e791a150caf26c666dbdc84f48bbe2ddb6688a5d9e7370
munge-libs-0.5.13-13.el9_6.tuxcare.els1.x86_64.rpm
sha:134434ef609ee36c06a5bb1185c92108191dac39698112ae12178d096323e710

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.