Red Hat Product Errata

RHSA-2026:22713 - Security Advisory

Issued: 2026-06-03
Updated: 2026-06-03

Synopsis
Important: rhc security update

Type/Severity
Security Advisory: Important

Topic
An update for rhc is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management.

Security Fix(es):
crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

Affected Products
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64

Fixes
BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
BZ - 2456339 - CVE-2026-32280 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

CVEs
CVE-2026-32280
CVE-2026-32283

References
https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0
SRPM
rhc-0.3.2-4.el10_0.src.rpm
x86_64
rhc-0.3.2-4.el10_0.x86_64.rpm
rhc-debuginfo-0.3.2-4.el10_0.x86_64.rpm
rhc-debugsource-0.3.2-4.el10_0.x86_64.rpm

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0
SRPM
rhc-0.3.2-4.el10_0.src.rpm
s390x
rhc-0.3.2-4.el10_0.s390x.rpm
rhc-debuginfo-0.3.2-4.el10_0.s390x.rpm
rhc-debugsource-0.3.2-4.el10_0.s390x.rpm

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0
SRPM
rhc-0.3.2-4.el10_0.src.rpm
ppc64le
rhc-0.3.2-4.el10_0.ppc64le.rpm
rhc-debuginfo-0.3.2-4.el10_0.ppc64le.rpm
rhc-debugsource-0.3.2-4.el10_0.ppc64le.rpm

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0
SRPM
rhc-0.3.2-4.el10_0.src.rpm
aarch64
rhc-0.3.2-4.el10_0.aarch64.rpm
rhc-debuginfo-0.3.2-4.el10_0.aarch64.rpm
rhc-debugsource-0.3.2-4.el10_0.aarch64.rpm

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0
SRPM
rhc-0.3.2-4.el10_0.src.rpm
aarch64
rhc-0.3.2-4.el10_0.aarch64.rpm
rhc-debuginfo-0.3.2-4.el10_0.aarch64.rpm
rhc-debugsource-0.3.2-4.el10_0.aarch64.rpm

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0
SRPM
rhc-0.3.2-4.el10_0.src.rpm
s390x
rhc-0.3.2-4.el10_0.s390x.rpm
rhc-debuginfo-0.3.2-4.el10_0.s390x.rpm
rhc-debugsource-0.3.2-4.el10_0.s390x.rpm

Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0
SRPM
rhc-0.3.2-4.el10_0.src.rpm
ppc64le
rhc-0.3.2-4.el10_0.ppc64le.rpm
rhc-debuginfo-0.3.2-4.el10_0.ppc64le.rpm
rhc-debugsource-0.3.2-4.el10_0.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0
SRPM
rhc-0.3.2-4.el10_0.src.rpm
x86_64
rhc-0.3.2-4.el10_0.x86_64.rpm
rhc-debuginfo-0.3.2-4.el10_0.x86_64.rpm
rhc-debugsource-0.3.2-4.el10_0.x86_64.rpm

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

This security update addresses two high-severity Denial of Service vulnerabilities (CVE-2026-32283 and CVE-2026-32280, both CVSS 7.5) in the Go crypto/tls and crypto/x509 libraries, exploitable via crafted TLS 1.3 key update messages and certificate chain building respectively. The underlying Go language vulnerabilities affect versions prior to Go 1.25.9 and Go 1.26.0 through 1.26.1, requiring an update to Go 1.25.9 or 1.26.2. The patch is delivered via an Important update for the `rhc` client on Red Hat Enterprise Linux 10.0 Extended Update Support.