Red Hat Product Errata RHSA-2026:25248 - Security Advisory Issued: 2026-06-11 Updated: 2026-06-11 RHSA-2026:25248 - Security Advisory Overview Updated Packages Synopsis Important: podman security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for podman is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729) golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728) golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726) crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121) net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679) github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - AUS 9.2 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x Fixes BZ - 2418462 - CVE-2025-61729 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate BZ - 2434431 - CVE-2025-61728 golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip BZ - 2434432 - CVE-2025-61726 golang: net/url: Memory exhaustion in query parameter parsing in net/url BZ - 2437111 - CVE-2025-68121 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption BZ - 2445356 - CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url BZ - 2455470 - CVE-2026-34986 github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object CVEs CVE-2025-61726 CVE-2025-61728 CVE-2025-61729 CVE-2025-68121 CVE-2026-25679 CVE-2026-34986 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - AUS 9.2 SRPM podman-4.4.1-22.el9_2.11.src.rpm SHA-256: 5d1a6a07e7c14e26be1e180b6de5191fa2a027db8ee7cf5b0885a5ac8a677511 x86_64 podman-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 4230e7a86b19ec1b4e20c4ca82faea9ae46d45dcf74b32ffec86350d34b89de0 podman-debuginfo-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 99e00ceade4bc3e9105b7a16fb7a929a31bb6655683397ddee1f1b61d7c9d3c2 podman-debugsource-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 1ab54553e78eefb53fa3582b50a55b77b0e753ee3ba4c88524a36b6dae047722 podman-docker-4.4.1-22.el9_2.11.noarch.rpm SHA-256: 9494fc608c076f546c2686380d4cdb440a54101ddcb24b16a9b7e63680293717 podman-gvproxy-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 212695373f14a483b62c7b8debb649e5cdabad0c127833c5c5602ca37c37483a podman-gvproxy-debuginfo-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 73b06dafb94ecb666c11417112cda894c7d192d7e53027c135d3e08ef4a6e885 podman-plugins-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: db6929993dfda30b86ca2b1e1ba93308f3423d9b82c6db67593bada522719b98 podman-plugins-debuginfo-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 31134faf237c2cedb6632c1a0ca8d1e22505e0f3a2ed370a5156c70caf6af7f0 podman-remote-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 6700f7b10bfefd3151346ec040e26fbbae87944f0c7d8dcc3a822e0a3943f73b podman-remote-debuginfo-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 56b952cc2792cdfe1f5e3513f33d51d11838af0000f4a0840f9e61c2425850bd podman-tests-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 12efd96e06178f7e92bfc7844abf4cbf71068b17bf09843422ec3ccc56d7ff83 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 SRPM podman-4.4.1-22.el9_2.11.src.rpm SHA-256: 5d1a6a07e7c14e26be1e180b6de5191fa2a027db8ee7cf5b0885a5ac8a677511 ppc64le podman-4.4.1-22.el9_2.11.ppc64le.rpm SHA-256: 6a1bb2fd736d1c0a3d4156d4129b19ec6cdb9324b4286c456eff29cf7bf982a7 podman-debuginfo-4.4.1-22.el9_2.11.ppc64le.rpm SHA-256: ff7d1483e6a1ddf012a6000474cf1f828330b394a94e6c9fe05d42e3711438f0 podman-debugsource-4.4.1-22.el9_2.11.ppc64le.rpm SHA-256: 6562e5be1e020dff51230f2327a32cd53777c9cf8a9e326e0b6e8a5bcd5d9973 podman-docker-4.4.1-22.el9_2.11.noarch.rpm SHA-256: 9494fc608c076f546c2686380d4cdb440a54101ddcb24b16a9b7e63680293717 podman-gvproxy-4.4.1-22.el9_2.11.ppc64le.rpm SHA-256: 8ed48c021160ef61ecd15224fc575588da4cf9a3d30266026a0862221e4b9c53 podman-gvproxy-debuginfo-4.4.1-22.el9_2.11.ppc64le.rpm SHA-256: 9b6dc73a2fb1db2a09fa3ce3f60fbd04ef99a76bae208bbdf357c8391df0b9cd podman-plugins-4.4.1-22.el9_2.11.ppc64le.rpm SHA-256: a6f449c63a32cc86b4c600da21a2b37b890954ac17b40fe0bcd52b92d05b673d podman-plugins-debuginfo-4.4.1-22.el9_2.11.ppc64le.rpm SHA-256: ce322a863ae86cd5536035cd7c7ff7dbd0de86e4f7ce8b4ee262a8bbad5abac7 podman-remote-4.4.1-22.el9_2.11.ppc64le.rpm SHA-256: 72d231e8f955b5799e1fad34cbb209fbc9d964b88f889428f2952955025d01fb podman-remote-debuginfo-4.4.1-22.el9_2.11.ppc64le.rpm SHA-256: afc7874852015da2848bebbfd930eb2571b1c2bb8a4609d8ed12027725b0d04e podman-tests-4.4.1-22.el9_2.11.ppc64le.rpm SHA-256: b6c5f67b4b73041f464960c50e6a90c5079bf31dbb7a312a31880d86ee4c8f75 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 SRPM podman-4.4.1-22.el9_2.11.src.rpm SHA-256: 5d1a6a07e7c14e26be1e180b6de5191fa2a027db8ee7cf5b0885a5ac8a677511 x86_64 podman-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 4230e7a86b19ec1b4e20c4ca82faea9ae46d45dcf74b32ffec86350d34b89de0 podman-debuginfo-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 99e00ceade4bc3e9105b7a16fb7a929a31bb6655683397ddee1f1b61d7c9d3c2 podman-debugsource-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 1ab54553e78eefb53fa3582b50a55b77b0e753ee3ba4c88524a36b6dae047722 podman-docker-4.4.1-22.el9_2.11.noarch.rpm SHA-256: 9494fc608c076f546c2686380d4cdb440a54101ddcb24b16a9b7e63680293717 podman-gvproxy-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 212695373f14a483b62c7b8debb649e5cdabad0c127833c5c5602ca37c37483a podman-gvproxy-debuginfo-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 73b06dafb94ecb666c11417112cda894c7d192d7e53027c135d3e08ef4a6e885 podman-plugins-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: db6929993dfda30b86ca2b1e1ba93308f3423d9b82c6db67593bada522719b98 podman-plugins-debuginfo-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 31134faf237c2cedb6632c1a0ca8d1e22505e0f3a2ed370a5156c70caf6af7f0 podman-remote-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 6700f7b10bfefd3151346ec040e26fbbae87944f0c7d8dcc3a822e0a3943f73b podman-remote-debuginfo-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 56b952cc2792cdfe1f5e3513f33d51d11838af0000f4a0840f9e61c2425850bd podman-tests-4.4.1-22.el9_2.11.x86_64.rpm SHA-256: 12efd96e06178f7e92bfc7844abf4cbf71068b17bf09843422ec3ccc56d7ff83 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 SRPM podman-4.4.1-22.el9_2.11.src.rpm SHA-256: 5d1a6a07e7c14e26be1e180b6de5191fa2a027db8ee7cf5b0885a5ac8a677511 aarch64 podman-4.4.1-22.el9_2.11.aarch64.rpm SHA-256: 7b1429599e7dfd8ccde0592c4b5cc3d432a0c6e7677c696f3199d6108dece205 podman-debuginfo-4.4.1-22.el9_2.11.aarch64.rpm SHA-256: dcb26e82eb59c268fa1d9046e3f42b82aa46e054094028f6b8bf5a7aca7bdda5 podman-debugsource-4.4.1-22.el9_2.11.aarch64.rpm SHA-256: 8e0748078e358e6a0f4984a90824a7e3d08bbfda027b866a9b299507b84d8d17 podman-docker-4.4.1-22.el9_2.11.noarch.rpm SHA-256: 9494fc608c076f546c2686380d4cdb440a54101ddcb24b16a9b7e63680293717 podman-gvproxy-4.4.1-22.el9_2.11.aarch64.rpm SHA-256: 9ca2a4b1c86c3f5e8d28e8d54523b24c5fa7493a3406cffcf96cd6c9283a5655 podman-gvproxy-debuginfo-4.4.1-22.el9_2.11.aarch64.rpm SHA-256: 9f03fe0c80d07c0aa64cdbaaa67a7d3d38e0de7f87976df898f0f934dafeaa05 podman-plugins-4.4.1-22.el9_2.11.aarch64.rpm SHA-256: 68977443a8bec9508969dc3538572dd5db5999506ff4a4f0a85bc4955ead26fd podman-plugins-debuginfo-4.4.1-22.el9_2.11.aarch64.rpm SHA-256: d5ea91838b959a58efb82c5cd6e21f3ceb18a3636d978e301610996276954a0e podman-remote-4.4.1-22.el9_2.11.aarch64.rpm SHA-256: 359a9c403d4a3e3445a117c703ec7127b9979f1c1c6e767fd6642e653c26d2c7 podman-remote-debuginfo-4.4.1-22.el9_2.11.aarch64.rpm SHA-256: 033a797fbeefd09256cc0adf4f101dccbb90b6623adb0c7516252ae5944eb563 podman-tests-4.4.1-22.el9_2.11.aarch64.rpm SHA-256: 8eda1876bb0fee4b640d6d4079783daf499714b98519e74b6b95ca65bb61889d Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 SRPM podman-4.4.1-22.el9_2.11.src.rpm SHA-256: 5d1a6a07e7c14e26be1e180b6de5191fa2a027db8ee7cf5b0885a5ac8a677511 s390x podman-4.4.1-22.el9_2.11.s390x.rpm SHA-256: 4e36d2cbd1b89dacb8430568f7ea0f70d24edc7412ceab6bcb4fdabc83f18d85 podman-debuginfo-4.4.1-22.el9_2.11.s390x.r