CLSA-2026-1779701895

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779701895.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1779701895

Upstream

CVE-2026-32280

CVE-2026-32283

CVE-2026-34986

Published

2026-05-25T09:38:19Z

Modified

2026-06-01T00:32:54.841643835Z

Summary

podman: Fix of 3 CVEs

Details

Rebuild with golang >= 1.25.7-1.el9_6.tuxcare.els5 to fix Go standard library CVEs:
- CVE-2026-32280: cap intermediate certificates in crypto/x509 chain building to mitigate denial-of-service via excessive chain construction work
- CVE-2026-32283: prevent crypto/tls deadlock when a TLS 1.3 peer sends multiple key update messages in a single record
CVE-2026-34986: fix panic in vendored go-jose/v3 when decrypting a JWE whose alg field requests a key-wrapping algorithm (suffix KW, excluding GCMKW variants) with an empty encrypted_key

References

https://errata.tuxcare.com/els_os/tuxcare9.6esu/CLSA-2026-1779701895.html

Affected packages

TuxCare:AlmaLinux:9.6

podman

Package

Name: podman
Purl: pkg:rpm/tuxcare/podman?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5:5.4.0-13.el9_6.tuxcare.els5

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779701895.json"

podman-docker

Package

Name: podman-docker
Purl: pkg:rpm/tuxcare/podman-docker?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5:5.4.0-13.el9_6.tuxcare.els5

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779701895.json"

podman-plugins

Package

Name: podman-plugins
Purl: pkg:rpm/tuxcare/podman-plugins?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5:5.4.0-13.el9_6.tuxcare.els5

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779701895.json"

podman-remote

Package

Name: podman-remote
Purl: pkg:rpm/tuxcare/podman-remote?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5:5.4.0-13.el9_6.tuxcare.els5

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779701895.json"

podman-tests

Package

Name: podman-tests
Purl: pkg:rpm/tuxcare/podman-tests?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5:5.4.0-13.el9_6.tuxcare.els5

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779701895.json"