Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:19450: Important: yggdrasil security update

rhelmqttcve-2026-32283
A vulnerability (CVE-2026-32283, CVSS 7.5 HIGH) in the Go `crypto/tls` library allows for a Denial of Service attack via the transmission of multiple TLS 1.3 key update messages. The flaw affects the yggdrasil daemon on Red Hat Enterprise Linux 10.0 EUS and impacts Go versions `< 1.25.9` and `>= 1.26.0, < 1.26.2`. The fix requires updating the underlying Go runtime to version `1.25.9` or `1.26.2`.
Read Full Article →

Red Hat Product Errata RHSA-2026:19450 - Security Advisory Issued: 2026-05-20 Updated: 2026-05-20 RHSA-2026:19450 - Security Advisory Overview Updated Packages Synopsis Important: yggdrasil security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for yggdrasil is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate child "worker" process, exchanging data with its worker processes through a D-Bus message broker. Security Fix(es): crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64 Fixes BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages CVEs CVE-2026-32283 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 SRPM yggdrasil-0.4.7-4.el10_0.src.rpm SHA-256: c3cd506aa5dfdd43b4f2c4a1fa672d33aa0ad4df5ac57d353fad90f8c4709a73 x86_64 yggdrasil-0.4.7-4.el10_0.x86_64.rpm SHA-256: 3f9b8cb219e34d0ea47977e741186df52d61c0b157873ab5e7e81313f5f882b6 yggdrasil-debuginfo-0.4.7-4.el10_0.x86_64.rpm SHA-256: 3473ea9412eeadbe626a9669df08479bdacae03012280463f37c3b254cc0e1e5 yggdrasil-debugsource-0.4.7-4.el10_0.x86_64.rpm SHA-256: f710b8ef12b5aac28518094dc649786615381b65b4613f7cf91283227f4f99c2 yggdrasil-examples-debuginfo-0.4.7-4.el10_0.x86_64.rpm SHA-256: 490b452d355933773cb5c39a1fa636279c7604bb1e1629e0b26d969b96348e8d Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 SRPM yggdrasil-0.4.7-4.el10_0.src.rpm SHA-256: c3cd506aa5dfdd43b4f2c4a1fa672d33aa0ad4df5ac57d353fad90f8c4709a73 s390x yggdrasil-0.4.7-4.el10_0.s390x.rpm SHA-256: 4b75e1b016a34c5de442502922dde8e0ced3ba1bfad3883f9b0f8106357ea783 yggdrasil-debuginfo-0.4.7-4.el10_0.s390x.rpm SHA-256: ed1c2aea9663dedf1dfc0d512a5f4b4d154fd81a939b8074d52cc990209726f4 yggdrasil-debugsource-0.4.7-4.el10_0.s390x.rpm SHA-256: 3424e24280251f1a8d87011c134d9ab605c094b7f0600f0ef693ea8501656c3b yggdrasil-examples-debuginfo-0.4.7-4.el10_0.s390x.rpm SHA-256: c5c9238cf013027893876f137a1c915b68af446ed646a280420a11e2a5b81e0c Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 SRPM yggdrasil-0.4.7-4.el10_0.src.rpm SHA-256: c3cd506aa5dfdd43b4f2c4a1fa672d33aa0ad4df5ac57d353fad90f8c4709a73 ppc64le yggdrasil-0.4.7-4.el10_0.ppc64le.rpm SHA-256: 17bf1597eb0bd553e4fada367c820c0b8fd871fbf0a5e6c44cbdd364645211fb yggdrasil-debuginfo-0.4.7-4.el10_0.ppc64le.rpm SHA-256: 68b53d7b64f7f25473d4e8f220529b3267f0a2e5a320deec4863ef5b2e15fe18 yggdrasil-debugsource-0.4.7-4.el10_0.ppc64le.rpm SHA-256: dea43914f651042f424732b809e79b4a0ed3778facb1ec28c8f1bad89acbe059 yggdrasil-examples-debuginfo-0.4.7-4.el10_0.ppc64le.rpm SHA-256: 809f45205656a50c07af8e852a4a9c64a2bfdb53a31d8c25472b7c24dad11ca8 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 SRPM yggdrasil-0.4.7-4.el10_0.src.rpm SHA-256: c3cd506aa5dfdd43b4f2c4a1fa672d33aa0ad4df5ac57d353fad90f8c4709a73 aarch64 yggdrasil-0.4.7-4.el10_0.aarch64.rpm SHA-256: 198a805a4736a662acda8960c960efc943f661703790d15812997b8c9c39351d yggdrasil-debuginfo-0.4.7-4.el10_0.aarch64.rpm SHA-256: 544f0f08d53e37b0551fdfa5b3f17d5ca9ef7df1708050b18a57db5e95ed61bf yggdrasil-debugsource-0.4.7-4.el10_0.aarch64.rpm SHA-256: 0ace815a8f712e8adff8ea7f1718e35f3e61c5f792f737c6cdbfdf96bd98a4fd yggdrasil-examples-debuginfo-0.4.7-4.el10_0.aarch64.rpm SHA-256: 69e15692ecd1545bf304ca112a87121643ff4d702338c16c9ac7c16fa80b2b36 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 SRPM x86_64 yggdrasil-debuginfo-0.4.7-4.el10_0.x86_64.rpm SHA-256: 3473ea9412eeadbe626a9669df08479bdacae03012280463f37c3b254cc0e1e5 yggdrasil-debugsource-0.4.7-4.el10_0.x86_64.rpm SHA-256: f710b8ef12b5aac28518094dc649786615381b65b4613f7cf91283227f4f99c2 yggdrasil-devel-0.4.7-4.el10_0.x86_64.rpm SHA-256: c19c6dc6f32972a9b7b7a1b5c0a024b0140e59e243304c7c7ba780d5418d9b90 yggdrasil-examples-debuginfo-0.4.7-4.el10_0.x86_64.rpm SHA-256: 490b452d355933773cb5c39a1fa636279c7604bb1e1629e0b26d969b96348e8d Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 SRPM ppc64le yggdrasil-debuginfo-0.4.7-4.el10_0.ppc64le.rpm SHA-256: 68b53d7b64f7f25473d4e8f220529b3267f0a2e5a320deec4863ef5b2e15fe18 yggdrasil-debugsource-0.4.7-4.el10_0.ppc64le.rpm SHA-256: dea43914f651042f424732b809e79b4a0ed3778facb1ec28c8f1bad89acbe059 yggdrasil-devel-0.4.7-4.el10_0.ppc64le.rpm SHA-256: d3044ccc61bc7d8e26121c6636ae0961b49f4923c678c1b51bdfcd5ae2d14841 yggdrasil-examples-debuginfo-0.4.7-4.el10_0.ppc64le.rpm SHA-256: 809f45205656a50c07af8e852a4a9c64a2bfdb53a31d8c25472b7c24dad11ca8 Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 SRPM s390x yggdrasil-debuginfo-0.4.7-4.el10_0.s390x.rpm SHA-256: ed1c2aea9663dedf1dfc0d512a5f4b4d154fd81a939b8074d52cc990209726f4 yggdrasil-debugsource-0.4.7-4.el10_0.s390x.rpm SHA-256: 3424e24280251f1a8d87011c134d9ab605c094b7f0600f0ef693ea8501656c3b yggdrasil-devel-0.4.7-4.el10_0.s390x.rpm SHA-256: af5567d4ad9bdbcb39494c57b387dcd1024de7134252f3ada78b29790cb6a559 yggdrasil-examples-debuginfo-0.4.7-4.el10_0.s390x.rpm SHA-256: c5c9238cf013027893876f137a1c915b68af446ed646a280420a11e2a5b81e0c Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 SRPM aarch64 yggdrasil-debuginfo-0.4.7-4.el10_0.aarch64.rpm SHA-256: 544f0f08d53e37b0551fdfa5b3f17d5ca9ef7df1708050b18a57db5e95ed61bf yggdrasil-debugsource-0.4.7-4.el10_0.aarch64.rpm SHA-256: 0ace815a8f712e8adff8ea7f1718e35f3e61c5f792f737c6cdbfdf96bd98a4fd yggdrasil-devel-0.4.7-4.el10_0.aarch64.rpm SHA-256: e550df40d8771f22324be82f694172727b52b61eac3c8d7ad2c7289364869e78 yggdrasil-examples-debuginfo-0.4.7-4.el10_0.aarch64.rpm SHA-256: 69e15692ecd1545bf304ca112a87121643ff4d702338c16c9ac7c16fa80b2b36 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 SRPM yggdrasil-0.4.7-4.el10_0.src.rpm SHA-256: c3cd506aa5dfdd43b4f2c4a1fa672d33aa0ad4df5ac57d353fad90f8c4709a73 aarch64 yggdrasil-0.4.7-4.el10_0.aarch64.rpm SHA-256: 198a805a4736a662acda8960c960efc943f661703790d15812997b8c9c39351d yggdrasil-debuginfo-0.4.7-4.el10_0.aarch64.rpm SHA-256: 544f0f08d53e37b0551fdfa5b3f17d5ca9ef7df1708050b18a57db5e95ed61bf yggdrasil-debugsource-0.4.7-4.el10_0.aarch64.rpm SHA-256: 0ace815a8f712e8adff8ea7f1718e35f3e61c5f792f737c6cdbfdf96bd98a4fd yggdrasil-examples-debuginfo-0.4.7-4.el10_0.aarch64.rpm SHA-256: 69e15692ecd1545bf304ca112a87121643ff4d702338c16c9ac7c16fa80b2b36 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 SRPM yggdrasil-0.4.7-4.el10_0.src.rpm SHA-256: c3cd506aa5dfdd43b4f2c4a1fa672d33aa0ad4df5ac57d353fad90f8c4709a73 s390x yggdrasil-0.4.7-4.el10_0.s390x.rpm SHA-256: 4b75e1b016a34c5de442502922dde8e0ced3ba1bfad3883f9b0f8106357ea783 yggdrasil-debuginfo-0.4.7-4.el10_0.s390x.rpm SHA-256: ed1c2aea9663dedf1dfc0d512a5f4b4d154fd81a939b8074d52cc990209726f4 yggdrasil-debugsource-0.4.7-4.el10_0.s390x.rpm SHA-256: 3424e24280251f1a8d87011c134d9ab605c094b7f0600f0ef693ea8501656c3b yggdrasil-examples-debuginfo-0.4.7-4.el10_0.s390x.rpm SHA-256: c5c9238cf013027893876f137a1c915b68af446ed646a280420a11e2a5b81e0c Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 SRPM yggdrasil-0.4.7-4.el10_0.src.rpm SHA-256: c3cd506aa5dfdd43b4f2c4a1fa672d33aa0ad4df5ac57d353fad90f8c4709a73 ppc64le yggdrasil-0.4.7-4.el10_0.ppc64le.rpm SHA-256: 17bf1597eb0bd553e4fada367c820c0b8fd871fbf0a5e6c44cbdd364645211fb yggdrasil-debuginfo-0.4.7-4.el10_0.ppc64le.rpm SHA-256: 68b53d7b64f7f25473d4e8f220529b3267f0a2e5a320deec4863ef5b2e15fe18 yggdrasil-debugsource-0.4.7-4.el10_0.ppc64le.rpm SHA-256: dea43914f651042f424732b809e79b4a0ed3778facb1ec28c8f1bad89acbe059 yggdrasil-examples-debuginfo-0.4.7-4.el10_0.ppc64le.rpm SHA-256: 809f45205656a50c07af8e852a4a9c64a2bfdb53a31d8c25472b7c24dad11ca8 Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 SRPM yggdrasil-0.4.7-4.el10_0.src.rpm SHA-256: c3cd506aa5dfdd43b4f2c4a1fa672d33aa0ad4df5ac57d353fad90f8c4709a73 x86_64 yggdrasil-0.4.7-4.el10_0.x

Related Articles

INFO RHSA-2026:16024: Important: golang security update Red Hat Errata HIGH RHSA-2026:17084: Important: gvisor-tap-vsock security update Red Hat Errata HIGH RHSA-2026:17287: Important: podman security update Red Hat Errata INFO RHSA-2026:19550: Important: golang-github-openprinting-ipp-usb security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn