Rocky Linux 958 Published by

Rocky Linux published four important security advisories addressing vulnerabilities in hplip, python3.12, python3.9, and maven:3.8. Each advisory carries a CVSS base score that details the severity of the identified flaws across Rocky Linux versions 8, 9, and 10.

RLSA-2026:39976: Important: hplip security update
RLSA-2026:39771: Important: python3.12 security update
RLSA-2026:39798: Important: python3.9 security, bug fix, and enhancement update
RLSA-2026:40841: Important: maven:3.8 security update




RLSA-2026:39976: Important: hplip security update


An update is available for hplip.
This update affects Rocky Linux 10.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RLSA-2026:39976: Important: hplip security update



RLSA-2026:39771: Important: python3.12 security update


An update is available for python3.12.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RLSA-2026:39771: Important: python3.12 security update



RLSA-2026:39798: Important: python3.9 security, bug fix, and enhancement update


An update is available for python3.9.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RLSA-2026:39798: Important: python3.9 security, bug fix, and enhancement update



RLSA-2026:40841: Important: maven:3.8 security update


An update is available for module.maven, module.apache-commons-lang3, apache-commons-io, slf4j, apache-commons-codec, jsr-305, module.cdi-api, plexus-containers, guava, httpcomponents-client, cdi-api, module.sisu, module.plexus-classworlds, plexus-interpolation, module.httpcomponents-core, module.apache-commons-io, atinject, google-guice, module.plexus-cipher, plexus-sec-dispatcher, module.guava, module.jsr-305, module.maven-shared-utils, jakarta-annotations, module.plexus-interpolation, plexus-classworlds, maven-wagon, apache-commons-cli, apache-commons-lang3, module.jansi, module.apache-commons-codec, module.plexus-containers, jansi, maven, module.plexus-utils, sisu, module.atinject, maven-shared-utils, module.google-guice, module.maven-resolver, module.apache-commons-cli, module.slf4j, httpcomponents-core, module.httpcomponents-client, maven-resolver, module.maven-wagon, plexus-cipher, plexus-utils, module.plexus-sec-dispatcher, module.jakarta-annotations.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RLSA-2026:40841: Important: maven:3.8 security update