Rocky Linux 955 Published by

Rocky Linux has released multiple security errata for versions 8, 9, and 10 addressing vulnerabilities across several core packages. The updates include important severity patches for nginx, container management tools, Maven, and compat-openssl10, alongside moderate security fixes for freeipmi.

RLSA-2026:38847: Important: nginx:1.24 security, bug fix, and enhancement update
RLSA-2026:38504: Important: container-tools:rhel8 security update
RLSA-2026:36211: Moderate: freeipmi security update
RLSA-2026:36210: Moderate: freeipmi security update
RLSA-2026:38500: Important: maven:3.9 security update
RLSA-2026:36215: Important: compat-openssl10 security update




RLSA-2026:38847: Important: nginx:1.24 security, bug fix, and enhancement update


An update is available for nginx, module.nginx.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RLSA-2026:38847: Important: nginx:1.24 security, bug fix, and enhancement update



RLSA-2026:38504: Important: container-tools:rhel8 security update


An update is available for module.netavark, module.runc, slirp4netns, module.libslirp, criu, module.udica, module.oci-seccomp-bpf-hook, udica, toolbox, netavark, container-selinux, module.python-podman, module.crun, python-podman, module.containers-common, module.conmon, oci-seccomp-bpf-hook, skopeo, module.containernetworking-plugins, module.criu, crun, module.toolbox, containers-common, fuse-overlayfs, conmon, runc, module.aardvark-dns, aardvark-dns, cockpit-podman, module.container-selinux, module.cockpit-podman, containernetworking-plugins, module.slirp4netns, module.fuse-overlayfs, libslirp, module.skopeo.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RLSA-2026:38504: Important: container-tools:rhel8 security update



RLSA-2026:36211: Moderate: freeipmi security update


An update is available for freeipmi.
This update affects Rocky Linux 10.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RLSA-2026:36211: Moderate: freeipmi security update



RLSA-2026:36210: Moderate: freeipmi security update


An update is available for freeipmi.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RLSA-2026:36210: Moderate: freeipmi security update



RLSA-2026:38500: Important: maven:3.9 security update


An update is available for module.maven, apache-commons-io, slf4j, apache-commons-codec, jsr-305, plexus-containers, guava, httpcomponents-client, module.sisu, module.plexus-classworlds, plexus-interpolation, aopalliance, module.httpcomponents-core, module.apache-commons-io, atinject, google-guice, module.plexus-cipher, plexus-sec-dispatcher, module.guava, module.jsr-305, module.maven-shared-utils, jakarta-annotations, module.plexus-interpolation, plexus-classworlds, maven-wagon, apache-commons-cli, module.jansi, module.apache-commons-codec, module.plexus-containers, jansi, maven, module.plexus-utils, sisu, module.atinject, maven-shared-utils, module.google-guice, module.maven-resolver, module.apache-commons-cli, module.slf4j, httpcomponents-core, module.httpcomponents-client, module.aopalliance, maven-resolver, module.maven-wagon, plexus-cipher, plexus-utils, module.plexus-sec-dispatcher, module.jakarta-annotations.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RLSA-2026:38500: Important: maven:3.9 security update



RLSA-2026:36215: Important: compat-openssl10 security update


An update is available for compat-openssl10.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RLSA-2026:36215: Important: compat-openssl10 security update