Release date:
2026-05-20 10:44:00 UTC
Description:
- CVE-2026-40164: randomize hash seed to mitigate hash collision DoS
- CVE-2026-40612: limit containment check depth
- CVE-2026-41256: fix NUL truncation in program files loaded with -f
- CVE-2026-41257: fix signed-int overflow in stack_reallocate
- CVE-2026-43894: cap numeric literal length to DEC_MAX_DIGITS
- CVE-2026-43895: reject embedded NUL bytes in module import paths
- CVE-2026-43896: limit recursive object merge depth
- CVE-2026-44777: detect circular module imports
Updated packages:
-
jq-1.6-17.el9_6.2.tuxcare.els3.i686.rpm
sha:f0202326ef93d89c6895d45ecedc1fd71f5115835ffdb6c8753017b2ad80a180
-
jq-1.6-17.el9_6.2.tuxcare.els3.x86_64.rpm
sha:e57216fb6658d7b292061f8c30eadcfa8ef559279e7b8be56c629582fb1c92b0
-
jq-devel-1.6-17.el9_6.2.tuxcare.els3.i686.rpm
sha:ad7579f8d89abc5113652500e7918e6fc9bb3916d1189f6700778b41be43cc41
-
jq-devel-1.6-17.el9_6.2.tuxcare.els3.x86_64.rpm
sha:694e809fd7c17c2746be4bf2f49fb63579f8752992c44e7d3b18466b854bdb6a
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
