Most recent updated packages for CentOS 9-stream s390x BaseOS

vim-filesystem-2:8.2.2637-31.el9.noarch

Wed, 27 May 2026 11:17:28 AM GMT

vim-filesystem - VIM filesystem layout

This package provides some directories which are required by other
packages that add vim files, p.e. additional syntax files or filetypes.

Change Log:

Wed, 27 May 2026 GMT - Zdenek Dohnal <zdohnal@redhat.com> - 2:8.2.2637-31
- CVE-2026-34982 vim: arbitrary command execution via modeline sandbox bypass

Thu, 21 May 2026 GMT - Zdenek Dohnal <zdohnal@redhat.com> - 2:8.2.2637-30
- CVE-2026-41411 vim: Command injection via backticks in tag files

Wed, 20 May 2026 GMT - Zdenek Dohnal <zdohnal@redhat.com> - 2:8.2.2637-29
- CVE-2026-35177 vim: Vim zip.vim plugin: Arbitrary file overwrite via path
  traversal bypass

...

vim-minimal-2:8.2.2637-31.el9.s390x

Wed, 27 May 2026 11:15:48 AM GMT

vim-minimal - A minimal version of the VIM editor

VIM (VIsual editor iMproved) is an updated and improved version of the
vi editor. Vi was the first real screen-based editor for UNIX, and is
still very popular. VIM improves on vi by adding new features:
multiple windows, multi-level undo, block highlighting and more. The
vim-minimal package includes a minimal version of VIM, providing
the commands vi, view, ex, rvi, and rview. NOTE: The online help is
only available when the vim-common package is installed.

Change Log:

Wed, 27 May 2026 GMT - Zdenek Dohnal <zdohnal@redhat.com> - 2:8.2.2637-31
- CVE-2026-34982 vim: arbitrary command execution via modeline sandbox bypass

Thu, 21 May 2026 GMT - Zdenek Dohnal <zdohnal@redhat.com> - 2:8.2.2637-30
- CVE-2026-41411 vim: Command injection via backticks in tag files

Wed, 20 May 2026 GMT - Zdenek Dohnal <zdohnal@redhat.com> - 2:8.2.2637-29
- CVE-2026-35177 vim: Vim zip.vim plugin: Arbitrary file overwrite via path
  traversal bypass

...

kernel-abi-stablelists-5.14.0-710.el9.noarch

Wed, 27 May 2026 08:34:14 AM GMT

kernel-abi-stablelists - The Red Hat Enterprise Linux kernel ABI symbol stablelists

The kABI package contains information pertaining to the Red Hat Enterprise
Linux kernel ABI, including lists of kernel symbols that are needed by
external Linux kernel modules, and a yum plugin to aid enforcement.

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-zfcpdump-modules-extra-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-zfcpdump-modules-extra - Extra kernel modules to match the kernel

This package provides less commonly used kernel modules for the kernel package.

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-zfcpdump-modules-core-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-zfcpdump-modules-core - Core kernel modules to match the core kernel

This package provides essential kernel modules for the core kernel package.

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-zfcpdump-modules-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-zfcpdump-modules - kernel modules to match the core kernel

This package provides commonly used kernel modules for the core kernel package.

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-zfcpdump-core-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-zfcpdump-core - The Linux kernel compiled for zfcpdump usage

The kernel package contains the Linux kernel (vmlinuz) for use by the
zfcpdump infrastructure.

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-zfcpdump-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-zfcpdump - kernel meta-package for the zfcpdump kernel

The meta-package for the zfcpdump kernel

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-tools-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-tools - Assortment of tools for the Linux kernel

This package contains the tools/ directory from the kernel source
and the supporting documentation.

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-modules-extra-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-modules-extra - Extra kernel modules to match the kernel

This package provides less commonly used kernel modules for the kernel package.

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-modules-core-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-modules-core - Core kernel modules to match the core kernel

This package provides essential kernel modules for the core kernel package.

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-modules-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-modules - kernel modules to match the core kernel

This package provides commonly used kernel modules for the core kernel package.

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-debug-modules-extra-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-debug-modules-extra - Extra kernel modules to match the kernel

This package provides less commonly used kernel modules for the kernel package.

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-debug-modules-core-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-debug-modules-core - Core kernel modules to match the core kernel

This package provides essential kernel modules for the core kernel package.

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-debug-modules-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-debug-modules - kernel modules to match the core kernel

This package provides commonly used kernel modules for the core kernel package.

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-debug-core-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-debug-core - The Linux kernel compiled for zfcpdump usage

The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

This variant of the kernel has numerous debugging options enabled.
It should only be installed when trying to gather additional information
on kernel bugs, as some of these options impact performance noticably.

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-debug-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-debug - kernel meta-package for the debug kernel

The meta-package for the debug kernel

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-core-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel-core - The Linux kernel

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

kernel-5.14.0-710.el9.s390x

Wed, 27 May 2026 08:32:42 AM GMT

kernel - The Linux kernel

The kernel meta package

Change Log:

Wed, 27 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]

Mon, 25 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
- netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
- xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix the xattr scrub to detect freemap/entries array collisions (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: strengthen attr leaf block freemap checking (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: refactor attr3 leaf table size computation (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: fix freemap adjustments when adding xattrs to leaf blocks (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- xfs: delete attr leaf freemap entries when empty (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
- Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CKI Backport Bot) [RHEL-172859] {CVE-2026-31772}
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (CKI Backport Bot) [RHEL-172600] {CVE-2026-43023}
- Bluetooth: MGMT: validate LTK enc_size on load (CKI Backport Bot) [RHEL-172573] {CVE-2026-43020}

Wed, 20 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-708.el9]
- netfilter: flowtable: strictly check for maximum number of actions (CKI Backport Bot) [RHEL-176922] {CVE-2026-43329}
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174565] {CVE-2026-43284}
- net: sched: act_csum: validate nested VLAN headers (CKI Backport Bot) [RHEL-171139] {CVE-2026-31684}
- cifs: make default value of retrans as zero (Paulo Alcantara) [RHEL-159632]

...

rng-tools-6.17-10.el9.s390x

Mon, 25 May 2026 01:00:34 PM GMT

rng-tools - Random number generator related utilities

This is a random number generator daemon and its tools. It monitors
a set of entropy sources present on a system (like /dev/hwrng, RDRAND,
TPM, jitter) and supplies entropy from them to a kernel entropy pool.

Change Log:

Wed, 20 May 2026 GMT - Vladislav Dronov <vdronov@redhat.com> - 6.17-10
- Update to the upstream v6.17 @ e8da3cdc (RHEL-176340)
- Handle new radiacode entropy source
- Build with the updated jitterentropy v3.7.0 library
- Drop the older i686 force-PIC fix

Thu, 26 Jun 2025 GMT - Vladis Dronov <vdronov@redhat.com> - 6.17-2
- Disable jitter entropy source by default (RHEL-91119)

Fri, 25 Oct 2024 GMT - Vladis Dronov <vdronov@redhat.com> - 6.17-1
- Add Intel CET IBT instrumentation to assembly code
- Update to the upstream v6.17 @ ac43f912 (RHEL-64951)

jitterentropy-3.7.0-1.el9.s390x

Thu, 21 May 2026 07:51:14 PM GMT

jitterentropy - Library implementing the jitter entropy source

Library implementing the CPU jitter entropy source

Change Log:

Wed, 20 May 2026 GMT - Vladislav Dronov <vdronov@redhat.com> - 3.7.0-1
- Update to the upstream v3.7.0 @ e783cf1c (RHEL-176349)
- Fix PowerPC architecture detection code
- Simplify jent_get_nstime() for PowerPC
- Restore previous jitterentropy public api

Fri, 25 Oct 2024 GMT - Vladis Dronov <vdronov@redhat.com> - 3.6.0-1
- Update to the upstream v3.6.0 @ 11829386 (RHEL-64947)

NetworkManager-initscripts-updown-1:1.54.4-1.el9.noarch

Thu, 21 May 2026 01:25:38 PM GMT

NetworkManager-initscripts-updown - Legacy ifup/ifdown scripts for NetworkManager that replace initscripts (network-scripts)

Installs alternative ifup/ifdown scripts that talk to NetworkManager.
This is only for backward compatibility with initscripts (network-scripts).
Preferably use nmcli instead.

Change Log:

Thu, 21 May 2026 GMT - Ján Václav <jvaclav@redhat.com> - 1:1.54.4-1
- Update to 1.54.4
- fix handling onlink route flag for ECMP routes (RHEL-157391)
- Add Geneve support (RHEL-154245)
- Fix arp_missed_max/lacp_active error on reapply (RHEL-157392)
- Removed 802.1x auth patch as it was released upstream

Thu, 07 May 2026 GMT - Rahul Rajesh <rrajesh@redhat.com> - 1:1.54.3-3
- Fix 802.1x auth for bridge interface (RHEL-151942)

Wed, 07 Jan 2026 GMT - Beniamino Galvani <bgalvani@redhat.com> - 1:1.54.3-2
- Add hard dependency on iputils (RHEL-134751)

...

NetworkManager-config-server-1:1.54.4-1.el9.noarch

Thu, 21 May 2026 01:25:38 PM GMT

NetworkManager-config-server - NetworkManager config file for "server-like" defaults

This adds a NetworkManager configuration file to make it behave more
like the old "network" service. In particular, it stops NetworkManager
from automatically running DHCP on unconfigured ethernet devices, and
allows connections with static IP addresses to be brought up even on
ethernet devices with no carrier.

This package is intended to be installed by default for server
deployments.

Change Log:

Thu, 21 May 2026 GMT - Ján Václav <jvaclav@redhat.com> - 1:1.54.4-1
- Update to 1.54.4
- fix handling onlink route flag for ECMP routes (RHEL-157391)
- Add Geneve support (RHEL-154245)
- Fix arp_missed_max/lacp_active error on reapply (RHEL-157392)
- Removed 802.1x auth patch as it was released upstream

Thu, 07 May 2026 GMT - Rahul Rajesh <rrajesh@redhat.com> - 1:1.54.3-3
- Fix 802.1x auth for bridge interface (RHEL-151942)

Wed, 07 Jan 2026 GMT - Beniamino Galvani <bgalvani@redhat.com> - 1:1.54.3-2
- Add hard dependency on iputils (RHEL-134751)

...

NetworkManager-wwan-1:1.54.4-1.el9.s390x

Thu, 21 May 2026 01:24:03 PM GMT

NetworkManager-wwan - Mobile broadband device plugin for NetworkManager

This package contains NetworkManager support for mobile broadband (WWAN)
devices.

Change Log:

Thu, 21 May 2026 GMT - Ján Václav <jvaclav@redhat.com> - 1:1.54.4-1
- Update to 1.54.4
- fix handling onlink route flag for ECMP routes (RHEL-157391)
- Add Geneve support (RHEL-154245)
- Fix arp_missed_max/lacp_active error on reapply (RHEL-157392)
- Removed 802.1x auth patch as it was released upstream

Thu, 07 May 2026 GMT - Rahul Rajesh <rrajesh@redhat.com> - 1:1.54.3-3
- Fix 802.1x auth for bridge interface (RHEL-151942)

Wed, 07 Jan 2026 GMT - Beniamino Galvani <bgalvani@redhat.com> - 1:1.54.3-2
- Add hard dependency on iputils (RHEL-134751)

...

NetworkManager-wifi-1:1.54.4-1.el9.s390x

Thu, 21 May 2026 01:24:03 PM GMT

NetworkManager-wifi - Wifi plugin for NetworkManager

This package contains NetworkManager support for Wifi and OLPC devices.

Change Log:

Thu, 21 May 2026 GMT - Ján Václav <jvaclav@redhat.com> - 1:1.54.4-1
- Update to 1.54.4
- fix handling onlink route flag for ECMP routes (RHEL-157391)
- Add Geneve support (RHEL-154245)
- Fix arp_missed_max/lacp_active error on reapply (RHEL-157392)
- Removed 802.1x auth patch as it was released upstream

Thu, 07 May 2026 GMT - Rahul Rajesh <rrajesh@redhat.com> - 1:1.54.3-3
- Fix 802.1x auth for bridge interface (RHEL-151942)

Wed, 07 Jan 2026 GMT - Beniamino Galvani <bgalvani@redhat.com> - 1:1.54.3-2
- Add hard dependency on iputils (RHEL-134751)

...

NetworkManager-tui-1:1.54.4-1.el9.s390x

Thu, 21 May 2026 01:24:03 PM GMT

NetworkManager-tui - NetworkManager curses-based UI

This adds a curses-based "TUI" (Text User Interface) to
NetworkManager, to allow performing some of the operations supported
by nm-connection-editor and nm-applet in a non-graphical environment.

Change Log:

Thu, 21 May 2026 GMT - Ján Václav <jvaclav@redhat.com> - 1:1.54.4-1
- Update to 1.54.4
- fix handling onlink route flag for ECMP routes (RHEL-157391)
- Add Geneve support (RHEL-154245)
- Fix arp_missed_max/lacp_active error on reapply (RHEL-157392)
- Removed 802.1x auth patch as it was released upstream

Thu, 07 May 2026 GMT - Rahul Rajesh <rrajesh@redhat.com> - 1:1.54.3-3
- Fix 802.1x auth for bridge interface (RHEL-151942)

Wed, 07 Jan 2026 GMT - Beniamino Galvani <bgalvani@redhat.com> - 1:1.54.3-2
- Add hard dependency on iputils (RHEL-134751)

...

NetworkManager-team-1:1.54.4-1.el9.s390x

Thu, 21 May 2026 01:24:03 PM GMT

NetworkManager-team - Team device plugin for NetworkManager

This package contains NetworkManager support for team devices.

Change Log:

Thu, 21 May 2026 GMT - Ján Václav <jvaclav@redhat.com> - 1:1.54.4-1
- Update to 1.54.4
- fix handling onlink route flag for ECMP routes (RHEL-157391)
- Add Geneve support (RHEL-154245)
- Fix arp_missed_max/lacp_active error on reapply (RHEL-157392)
- Removed 802.1x auth patch as it was released upstream

Thu, 07 May 2026 GMT - Rahul Rajesh <rrajesh@redhat.com> - 1:1.54.3-3
- Fix 802.1x auth for bridge interface (RHEL-151942)

Wed, 07 Jan 2026 GMT - Beniamino Galvani <bgalvani@redhat.com> - 1:1.54.3-2
- Add hard dependency on iputils (RHEL-134751)

...

NetworkManager-libnm-1:1.54.4-1.el9.s390x

Thu, 21 May 2026 01:24:03 PM GMT

NetworkManager-libnm - Libraries for adding NetworkManager support to applications.

This package contains the libraries that make it easier to use some
NetworkManager functionality from applications.

Change Log:

Thu, 21 May 2026 GMT - Ján Václav <jvaclav@redhat.com> - 1:1.54.4-1
- Update to 1.54.4
- fix handling onlink route flag for ECMP routes (RHEL-157391)
- Add Geneve support (RHEL-154245)
- Fix arp_missed_max/lacp_active error on reapply (RHEL-157392)
- Removed 802.1x auth patch as it was released upstream

Thu, 07 May 2026 GMT - Rahul Rajesh <rrajesh@redhat.com> - 1:1.54.3-3
- Fix 802.1x auth for bridge interface (RHEL-151942)

Wed, 07 Jan 2026 GMT - Beniamino Galvani <bgalvani@redhat.com> - 1:1.54.3-2
- Add hard dependency on iputils (RHEL-134751)

...

NetworkManager-bluetooth-1:1.54.4-1.el9.s390x

Thu, 21 May 2026 01:24:03 PM GMT

NetworkManager-bluetooth - Bluetooth device plugin for NetworkManager

This package contains NetworkManager support for Bluetooth devices.

Change Log:

Thu, 21 May 2026 GMT - Ján Václav <jvaclav@redhat.com> - 1:1.54.4-1
- Update to 1.54.4
- fix handling onlink route flag for ECMP routes (RHEL-157391)
- Add Geneve support (RHEL-154245)
- Fix arp_missed_max/lacp_active error on reapply (RHEL-157392)
- Removed 802.1x auth patch as it was released upstream

Thu, 07 May 2026 GMT - Rahul Rajesh <rrajesh@redhat.com> - 1:1.54.3-3
- Fix 802.1x auth for bridge interface (RHEL-151942)

Wed, 07 Jan 2026 GMT - Beniamino Galvani <bgalvani@redhat.com> - 1:1.54.3-2
- Add hard dependency on iputils (RHEL-134751)

...

NetworkManager-adsl-1:1.54.4-1.el9.s390x

Thu, 21 May 2026 01:24:03 PM GMT

NetworkManager-adsl - ADSL device plugin for NetworkManager

This package contains NetworkManager support for ADSL devices.

Change Log:

Thu, 21 May 2026 GMT - Ján Václav <jvaclav@redhat.com> - 1:1.54.4-1
- Update to 1.54.4
- fix handling onlink route flag for ECMP routes (RHEL-157391)
- Add Geneve support (RHEL-154245)
- Fix arp_missed_max/lacp_active error on reapply (RHEL-157392)
- Removed 802.1x auth patch as it was released upstream

Thu, 07 May 2026 GMT - Rahul Rajesh <rrajesh@redhat.com> - 1:1.54.3-3
- Fix 802.1x auth for bridge interface (RHEL-151942)

Wed, 07 Jan 2026 GMT - Beniamino Galvani <bgalvani@redhat.com> - 1:1.54.3-2
- Add hard dependency on iputils (RHEL-134751)

...

NetworkManager-1:1.54.4-1.el9.s390x

Thu, 21 May 2026 01:24:03 PM GMT

NetworkManager - Network connection manager and user applications

NetworkManager is a system service that manages network interfaces and
connections based on user or automatic configuration. It supports
Ethernet, Bridge, Bond, VLAN, Team, InfiniBand, Wi-Fi, mobile broadband
(WWAN), PPPoE and other devices, and supports a variety of different VPN
services.

Change Log:

Thu, 21 May 2026 GMT - Ján Václav <jvaclav@redhat.com> - 1:1.54.4-1
- Update to 1.54.4
- fix handling onlink route flag for ECMP routes (RHEL-157391)
- Add Geneve support (RHEL-154245)
- Fix arp_missed_max/lacp_active error on reapply (RHEL-157392)
- Removed 802.1x auth patch as it was released upstream

Thu, 07 May 2026 GMT - Rahul Rajesh <rrajesh@redhat.com> - 1:1.54.3-3
- Fix 802.1x auth for bridge interface (RHEL-151942)

Wed, 07 Jan 2026 GMT - Beniamino Galvani <bgalvani@redhat.com> - 1:1.54.3-2
- Add hard dependency on iputils (RHEL-134751)

...

python3-libdnf-0.69.0-19.el9.s390x

Wed, 20 May 2026 07:12:19 PM GMT

python3-libdnf - Python 3 bindings for the libdnf library.

Python 3 bindings for the libdnf library.

Change Log:

Wed, 20 May 2026 GMT - Evan Goode <egoode@redhat.com> - 0.69.0-19
- swig: Add missing %template for std::vector<TransactionPersistence> (RHEL-154734)

Mon, 09 Feb 2026 GMT - Ales Matej <amatej@redhat.com> - 0.69.0-18
- Fix a crash when parsing multiple key files fails (RHEL-145618)
- Mark all protected packages as user installed for all transactions (RHEL-76112)
- Add `filterUnneededExtraUserinstalled` and Python version to the API
- Describe all problems even when there are protected removals (RHEL-115194)
- Clearer error for protected package broken dependencies

Tue, 03 Feb 2026 GMT - Matej Focko <mfocko@redhat.com> - 0.69.0-17
- Fix comparison of RPM items in the transaction (RHEL-81779)

...

python3-hawkey-0.69.0-19.el9.s390x

Wed, 20 May 2026 07:12:19 PM GMT

python3-hawkey - Python 3 bindings for the hawkey library

Python 3 bindings for the hawkey library.

Change Log:

Wed, 20 May 2026 GMT - Evan Goode <egoode@redhat.com> - 0.69.0-19
- swig: Add missing %template for std::vector<TransactionPersistence> (RHEL-154734)

Mon, 09 Feb 2026 GMT - Ales Matej <amatej@redhat.com> - 0.69.0-18
- Fix a crash when parsing multiple key files fails (RHEL-145618)
- Mark all protected packages as user installed for all transactions (RHEL-76112)
- Add `filterUnneededExtraUserinstalled` and Python version to the API
- Describe all problems even when there are protected removals (RHEL-115194)
- Clearer error for protected package broken dependencies

Tue, 03 Feb 2026 GMT - Matej Focko <mfocko@redhat.com> - 0.69.0-17
- Fix comparison of RPM items in the transaction (RHEL-81779)

...

libdnf-0.69.0-19.el9.s390x

Wed, 20 May 2026 07:12:19 PM GMT

libdnf - Library providing simplified C and Python API to libsolv

A Library providing simplified C and Python API to libsolv.

Change Log:

Wed, 20 May 2026 GMT - Evan Goode <egoode@redhat.com> - 0.69.0-19
- swig: Add missing %template for std::vector<TransactionPersistence> (RHEL-154734)

Mon, 09 Feb 2026 GMT - Ales Matej <amatej@redhat.com> - 0.69.0-18
- Fix a crash when parsing multiple key files fails (RHEL-145618)
- Mark all protected packages as user installed for all transactions (RHEL-76112)
- Add `filterUnneededExtraUserinstalled` and Python version to the API
- Describe all problems even when there are protected removals (RHEL-115194)
- Clearer error for protected package broken dependencies

Tue, 03 Feb 2026 GMT - Matej Focko <mfocko@redhat.com> - 0.69.0-17
- Fix comparison of RPM items in the transaction (RHEL-81779)

...

dnf-data-4.14.0-36.el9.noarch

Wed, 20 May 2026 06:49:53 PM GMT

dnf-data - Common data and configuration files for DNF

Common data and configuration files for DNF

Change Log:

Wed, 20 May 2026 GMT - Evan Goode <egoode@redhat.com> - 4.14.0-36
- history info: Fix Persistence display for interval queries (RHEL-154737)

Thu, 26 Mar 2026 GMT - Petr Pisar <ppisar@redhat.com> - 4.14.0-35
- Preserve ACL when rotating logs (RHEL-122013)

Wed, 25 Mar 2026 GMT - Evan Goode <egoode@redhat.com> - 4.14.0-34
- bootc: unlock only if /usr is read-only (RHEL-138512)

...

dnf-automatic-4.14.0-36.el9.noarch

Wed, 20 May 2026 06:49:53 PM GMT

dnf-automatic - Package manager - automated upgrades

Systemd units that can periodically download package upgrades and apply them.

Change Log:

Wed, 20 May 2026 GMT - Evan Goode <egoode@redhat.com> - 4.14.0-36
- history info: Fix Persistence display for interval queries (RHEL-154737)

Thu, 26 Mar 2026 GMT - Petr Pisar <ppisar@redhat.com> - 4.14.0-35
- Preserve ACL when rotating logs (RHEL-122013)

Wed, 25 Mar 2026 GMT - Evan Goode <egoode@redhat.com> - 4.14.0-34
- bootc: unlock only if /usr is read-only (RHEL-138512)

...

dnf-4.14.0-36.el9.noarch

Wed, 20 May 2026 06:49:53 PM GMT

dnf - Package manager

Utility that allows users to manage packages on their systems.
It supports RPMs, modules and comps groups & environments.

Change Log:

Wed, 20 May 2026 GMT - Evan Goode <egoode@redhat.com> - 4.14.0-36
- history info: Fix Persistence display for interval queries (RHEL-154737)

Thu, 26 Mar 2026 GMT - Petr Pisar <ppisar@redhat.com> - 4.14.0-35
- Preserve ACL when rotating logs (RHEL-122013)

Wed, 25 Mar 2026 GMT - Evan Goode <egoode@redhat.com> - 4.14.0-34
- bootc: unlock only if /usr is read-only (RHEL-138512)

...

python3-dnf-4.14.0-36.el9.noarch

Wed, 20 May 2026 06:49:53 PM GMT

python3-dnf - Python 3 interface to DNF

Python 3 interface to DNF.

Change Log:

Wed, 20 May 2026 GMT - Evan Goode <egoode@redhat.com> - 4.14.0-36
- history info: Fix Persistence display for interval queries (RHEL-154737)

Thu, 26 Mar 2026 GMT - Petr Pisar <ppisar@redhat.com> - 4.14.0-35
- Preserve ACL when rotating logs (RHEL-122013)

Wed, 25 Mar 2026 GMT - Evan Goode <egoode@redhat.com> - 4.14.0-34
- bootc: unlock only if /usr is read-only (RHEL-138512)

...

yum-4.14.0-36.el9.noarch

Wed, 20 May 2026 06:49:53 PM GMT

yum - Package manager

Utility that allows users to manage packages on their systems.
It supports RPMs, modules and comps groups & environments.

Change Log:

Wed, 20 May 2026 GMT - Evan Goode <egoode@redhat.com> - 4.14.0-36
- history info: Fix Persistence display for interval queries (RHEL-154737)

Thu, 26 Mar 2026 GMT - Petr Pisar <ppisar@redhat.com> - 4.14.0-35
- Preserve ACL when rotating logs (RHEL-122013)

Wed, 25 Mar 2026 GMT - Evan Goode <egoode@redhat.com> - 4.14.0-34
- bootc: unlock only if /usr is read-only (RHEL-138512)

...

cockpit-system-362-1.el9.noarch

Wed, 20 May 2026 06:31:02 PM GMT

cockpit-system - Cockpit admin interface package for configuring and troubleshooting a system

This package contains the Cockpit shell and system configuration interfaces.

Change Log:

Wed, 20 May 2026 GMT - Packit <hello@packit.dev> - 362-1
- Bug fixes and translation updates
- Fix arbitrary code execution via specially crafted logs page link (CVE-2026-4802)

Tue, 21 Apr 2026 GMT - Packit <hello@packit.dev> - 361-1
- Remove all "Mount" actions in Anaconda mode
- Dependency updates

Tue, 14 Apr 2026 GMT - Packit <hello@packit.dev> - 360.1-1
- Prevent overmounting also for btrfs subvolumes (https://bugzilla.redhat.com/show_bug.cgi?id=2455855)
- Remove "Mount" action in Anaconda mode (https://bugzilla.redhat.com/show_bug.cgi?id=2455855)

...

cockpit-doc-362-1.el9.noarch

Wed, 20 May 2026 06:31:02 PM GMT

cockpit-doc - Cockpit deployment and developer guide

The Cockpit Deployment and Developer Guide shows sysadmins how to
deploy Cockpit on their machines as well as helps developers who want to
embed or extend Cockpit.

Change Log:

Wed, 20 May 2026 GMT - Packit <hello@packit.dev> - 362-1
- Bug fixes and translation updates
- Fix arbitrary code execution via specially crafted logs page link (CVE-2026-4802)

Tue, 21 Apr 2026 GMT - Packit <hello@packit.dev> - 361-1
- Remove all "Mount" actions in Anaconda mode
- Dependency updates

Tue, 14 Apr 2026 GMT - Packit <hello@packit.dev> - 360.1-1
- Prevent overmounting also for btrfs subvolumes (https://bugzilla.redhat.com/show_bug.cgi?id=2455855)
- Remove "Mount" action in Anaconda mode (https://bugzilla.redhat.com/show_bug.cgi?id=2455855)

...

cockpit-bridge-362-1.el9.noarch

Wed, 20 May 2026 06:31:02 PM GMT

cockpit-bridge - Cockpit bridge server-side component

The Cockpit bridge component installed server side and runs commands on the
system on behalf of the web based user interface.

Change Log:

Wed, 20 May 2026 GMT - Packit <hello@packit.dev> - 362-1
- Bug fixes and translation updates
- Fix arbitrary code execution via specially crafted logs page link (CVE-2026-4802)

Tue, 21 Apr 2026 GMT - Packit <hello@packit.dev> - 361-1
- Remove all "Mount" actions in Anaconda mode
- Dependency updates

Tue, 14 Apr 2026 GMT - Packit <hello@packit.dev> - 360.1-1
- Prevent overmounting also for btrfs subvolumes (https://bugzilla.redhat.com/show_bug.cgi?id=2455855)
- Remove "Mount" action in Anaconda mode (https://bugzilla.redhat.com/show_bug.cgi?id=2455855)

...

cockpit-ws-selinux-362-1.el9.s390x

Wed, 20 May 2026 06:29:25 PM GMT

cockpit-ws-selinux - SELinux security policy for cockpit-ws

SELinux policy module for the cockpit-ws package.

Change Log:

Wed, 20 May 2026 GMT - Packit <hello@packit.dev> - 362-1
- Bug fixes and translation updates
- Fix arbitrary code execution via specially crafted logs page link (CVE-2026-4802)

Tue, 21 Apr 2026 GMT - Packit <hello@packit.dev> - 361-1
- Remove all "Mount" actions in Anaconda mode
- Dependency updates

Tue, 14 Apr 2026 GMT - Packit <hello@packit.dev> - 360.1-1
- Prevent overmounting also for btrfs subvolumes (https://bugzilla.redhat.com/show_bug.cgi?id=2455855)
- Remove "Mount" action in Anaconda mode (https://bugzilla.redhat.com/show_bug.cgi?id=2455855)

...

cockpit-ws-362-1.el9.s390x

Wed, 20 May 2026 06:29:25 PM GMT

cockpit-ws - Cockpit Web Service

The Cockpit Web Service listens on the network, and authenticates users.

If sssd-dbus is installed, you can enable client certificate/smart card
authentication via sssd/FreeIPA.

Change Log:

Wed, 20 May 2026 GMT - Packit <hello@packit.dev> - 362-1
- Bug fixes and translation updates
- Fix arbitrary code execution via specially crafted logs page link (CVE-2026-4802)

Tue, 21 Apr 2026 GMT - Packit <hello@packit.dev> - 361-1
- Remove all "Mount" actions in Anaconda mode
- Dependency updates

Tue, 14 Apr 2026 GMT - Packit <hello@packit.dev> - 360.1-1
- Prevent overmounting also for btrfs subvolumes (https://bugzilla.redhat.com/show_bug.cgi?id=2455855)
- Remove "Mount" action in Anaconda mode (https://bugzilla.redhat.com/show_bug.cgi?id=2455855)

...

cockpit-362-1.el9.s390x

Wed, 20 May 2026 06:29:25 PM GMT

cockpit - Web Console for Linux servers

The Cockpit Web Console enables users to administer GNU/Linux servers using a
web browser.

It offers network configuration, log inspection, diagnostic reports, SELinux
troubleshooting, interactive command-line sessions, and more.

Change Log:

Wed, 20 May 2026 GMT - Packit <hello@packit.dev> - 362-1
- Bug fixes and translation updates
- Fix arbitrary code execution via specially crafted logs page link (CVE-2026-4802)

Tue, 21 Apr 2026 GMT - Packit <hello@packit.dev> - 361-1
- Remove all "Mount" actions in Anaconda mode
- Dependency updates

Tue, 14 Apr 2026 GMT - Packit <hello@packit.dev> - 360.1-1
- Prevent overmounting also for btrfs subvolumes (https://bugzilla.redhat.com/show_bug.cgi?id=2455855)
- Remove "Mount" action in Anaconda mode (https://bugzilla.redhat.com/show_bug.cgi?id=2455855)

...

kmod-kvdo-8.2.7.4-194.el9.s390x

Wed, 20 May 2026 01:26:15 PM GMT

kmod-kvdo - Kernel Modules for Virtual Data Optimizer

Virtual Data Optimizer (VDO) is a device mapper target that delivers
block-level deduplication, compression, and thin provisioning.

This package provides the kernel modules for VDO.

Change Log:

Wed, 20 May 2026 GMT - - Chung Chung <cchung@redhat.com> - 8.2.7.4-194.el9
- Rebuilt for latest kernel.
- Resolves: RHEL-163930

Fri, 15 May 2026 GMT - - Chung Chung <cchung@redhat.com> - 8.2.7.4-193.el9
- Rebuilt for latest kernel.
- Resolves: RHEL-163930

Mon, 11 May 2026 GMT - - Chung Chung <cchung@redhat.com> - 8.2.7.4-192.el9
- Rebuilt for latest kernel.
- Resolves: RHEL-163930

...

python3-pip-wheel-21.3.1-2.el9.noarch

Wed, 20 May 2026 09:26:54 AM GMT

python3-pip-wheel - The pip wheel

A Python wheel of pip to use with venv.

Change Log:

Tue, 19 May 2026 GMT - Miro Hrončok <mhroncok@redhat.com> - 21.3.1-2
- Bump epoch for the virtual pip Provide, for this package to take precedence over python3.14-pip
Resolves: RHEL-178095

tuna-0.20-3.el9.noarch

Tue, 19 May 2026 08:28:19 PM GMT

tuna - Application tuning GUI & command line utility

Provides interface for changing scheduler and IRQ tunables, at whole CPU and at
per thread/IRQ level. Allows isolating CPUs for use by a specific application
and moving threads and interrupts to a CPU by just dragging and dropping them.
Operations can be done on CPU sockets, understanding CPU topology.

Can be used as a command line utility without requiring the GUI libraries to be
installed.

Change Log:

Tue, 19 May 2026 GMT - John Kacur <jkacur@redhat.com> - 0.20-3
- Print warning if setting affinity results in EPERM and continue
Resolves: RHEL-174229

Mon, 12 Jan 2026 GMT - John Kacur <jkacur@redhat.com> - 0.20-2
- Disable tuna apply
Resolves: RHEL-140839

Tue, 28 Oct 2025 GMT - John Kacur <jkacur@redhat.com> - 0.20-1
- Update to upstream version 0.20
- Remove all patches (now included in upstream)
- Remove oscilloscope (unsupported in RHEL)
Resolves: RHEL-83079

...

selinux-policy-targeted-38.1.80-1.el9.noarch

Mon, 18 May 2026 02:37:28 PM GMT

selinux-policy-targeted - SELinux targeted policy

SELinux targeted policy package.

Change Log:

Mon, 18 May 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.80-1
- Allow fido services connect to postgres database
Resolves: RHEL-28814
- Allow qatlib map kernel modules
Resolves: RHEL-133799

Tue, 12 May 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.79-1
- Do not audit iptables attempts to read other process state
Resolves: RHEL-152287
- Allow iptables_t read state of some processes
Resolves: RHEL-152287
- Allow iptables read firewalld process state
Resolves: RHEL-152287
- Allow systemd-machined read virtd process state
Resolves: RHEL-152287
- Allow systemd-machined read svirt process state
Resolves: RHEL-152287
- Label /dev/HID-SENSOR-.* with hid_sensor_device_t
Resolves: RHEL-166739

Tue, 21 Apr 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.78-1
- Allow dbus-broker to use inherited user ttys
Resolves: RHEL-86925
- Allow sysadm user connect to lvm over a unix stream socket
Resolves: RHEL-150996

...

selinux-policy-sandbox-38.1.80-1.el9.noarch

Mon, 18 May 2026 02:37:28 PM GMT

selinux-policy-sandbox - SELinux sandbox policy

SELinux sandbox policy for use with the sandbox utility.

Change Log:

Mon, 18 May 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.80-1
- Allow fido services connect to postgres database
Resolves: RHEL-28814
- Allow qatlib map kernel modules
Resolves: RHEL-133799

Tue, 12 May 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.79-1
- Do not audit iptables attempts to read other process state
Resolves: RHEL-152287
- Allow iptables_t read state of some processes
Resolves: RHEL-152287
- Allow iptables read firewalld process state
Resolves: RHEL-152287
- Allow systemd-machined read virtd process state
Resolves: RHEL-152287
- Allow systemd-machined read svirt process state
Resolves: RHEL-152287
- Label /dev/HID-SENSOR-.* with hid_sensor_device_t
Resolves: RHEL-166739

Tue, 21 Apr 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.78-1
- Allow dbus-broker to use inherited user ttys
Resolves: RHEL-86925
- Allow sysadm user connect to lvm over a unix stream socket
Resolves: RHEL-150996

...

selinux-policy-mls-38.1.80-1.el9.noarch

Mon, 18 May 2026 02:37:28 PM GMT

selinux-policy-mls - SELinux MLS policy

SELinux MLS (Multi Level Security) policy package.

Change Log:

Mon, 18 May 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.80-1
- Allow fido services connect to postgres database
Resolves: RHEL-28814
- Allow qatlib map kernel modules
Resolves: RHEL-133799

Tue, 12 May 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.79-1
- Do not audit iptables attempts to read other process state
Resolves: RHEL-152287
- Allow iptables_t read state of some processes
Resolves: RHEL-152287
- Allow iptables read firewalld process state
Resolves: RHEL-152287
- Allow systemd-machined read virtd process state
Resolves: RHEL-152287
- Allow systemd-machined read svirt process state
Resolves: RHEL-152287
- Label /dev/HID-SENSOR-.* with hid_sensor_device_t
Resolves: RHEL-166739

Tue, 21 Apr 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.78-1
- Allow dbus-broker to use inherited user ttys
Resolves: RHEL-86925
- Allow sysadm user connect to lvm over a unix stream socket
Resolves: RHEL-150996

...

selinux-policy-doc-38.1.80-1.el9.noarch

Mon, 18 May 2026 02:37:28 PM GMT

selinux-policy-doc - SELinux policy documentation

SELinux policy documentation package.
This package contains manual pages and documentation of the policy modules.

Change Log:

Mon, 18 May 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.80-1
- Allow fido services connect to postgres database
Resolves: RHEL-28814
- Allow qatlib map kernel modules
Resolves: RHEL-133799

Tue, 12 May 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.79-1
- Do not audit iptables attempts to read other process state
Resolves: RHEL-152287
- Allow iptables_t read state of some processes
Resolves: RHEL-152287
- Allow iptables read firewalld process state
Resolves: RHEL-152287
- Allow systemd-machined read virtd process state
Resolves: RHEL-152287
- Allow systemd-machined read svirt process state
Resolves: RHEL-152287
- Label /dev/HID-SENSOR-.* with hid_sensor_device_t
Resolves: RHEL-166739

Tue, 21 Apr 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.78-1
- Allow dbus-broker to use inherited user ttys
Resolves: RHEL-86925
- Allow sysadm user connect to lvm over a unix stream socket
Resolves: RHEL-150996

...

selinux-policy-38.1.80-1.el9.noarch

Mon, 18 May 2026 02:37:28 PM GMT

selinux-policy - SELinux policy configuration

SELinux core policy package.
Originally based off of reference policy,
the policy has been adjusted to provide support for Fedora.

Change Log:

Mon, 18 May 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.80-1
- Allow fido services connect to postgres database
Resolves: RHEL-28814
- Allow qatlib map kernel modules
Resolves: RHEL-133799

Tue, 12 May 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.79-1
- Do not audit iptables attempts to read other process state
Resolves: RHEL-152287
- Allow iptables_t read state of some processes
Resolves: RHEL-152287
- Allow iptables read firewalld process state
Resolves: RHEL-152287
- Allow systemd-machined read virtd process state
Resolves: RHEL-152287
- Allow systemd-machined read svirt process state
Resolves: RHEL-152287
- Label /dev/HID-SENSOR-.* with hid_sensor_device_t
Resolves: RHEL-166739

Tue, 21 Apr 2026 GMT - Zdenek Pytela <zpytela@redhat.com> - 38.1.78-1
- Allow dbus-broker to use inherited user ttys
Resolves: RHEL-86925
- Allow sysadm user connect to lvm over a unix stream socket
Resolves: RHEL-150996

...

python3-libxml2-2.9.13-15.el9.s390x

Mon, 18 May 2026 09:07:39 AM GMT

python3-libxml2 - Python 3 bindings for the libxml2 library

The libxml2-python3 package contains a Python 3 module that permits
applications written in the Python programming language, version 3, to use the
interface supplied by the libxml2 library to manipulate XML files.

This library allows to manipulate XML files. It includes support
to read, modify and write XML and HTML files. There is DTDs support
this includes parsing and validation even with complex DTDs, either
at parse time or later once the document has been modified.

Change Log:

Mon, 18 May 2026 GMT - David King <dking@redhat.com> - 2.9.13-15
- Fix CVE-2024-34459 (RHEL-36406)

Thu, 13 Nov 2025 GMT - Laura Barcziova <lbarczio@redhat.com> - 2.9.13-14
- Rebuilt for the correct target in RHEL (9.7-z) (RHEL-119283)

Tue, 04 Nov 2025 GMT - RHEL Packaging Agent <jotnar@redhat.com> - 2.9.13-13
- Fix CVE-2025-9714 (RHEL-119283)

...

libxml2-2.9.13-15.el9.s390x

Mon, 18 May 2026 09:07:39 AM GMT

libxml2 - Library providing XML and HTML support

This library allows to manipulate XML files. It includes support
to read, modify and write XML and HTML files. There is DTDs support
this includes parsing and validation even with complex DtDs, either
at parse time or later once the document has been modified. The output
can be a simple SAX stream or and in-memory DOM like representations.
In this case one can use the built-in XPath and XPointer implementation
to select sub nodes or ranges. A flexible Input/Output mechanism is
available, with existing HTTP and FTP modules and combined to an
URI library.

Change Log:

Mon, 18 May 2026 GMT - David King <dking@redhat.com> - 2.9.13-15
- Fix CVE-2024-34459 (RHEL-36406)

Thu, 13 Nov 2025 GMT - Laura Barcziova <lbarczio@redhat.com> - 2.9.13-14
- Rebuilt for the correct target in RHEL (9.7-z) (RHEL-119283)

Tue, 04 Nov 2025 GMT - RHEL Packaging Agent <jotnar@redhat.com> - 2.9.13-13
- Fix CVE-2025-9714 (RHEL-119283)

...

rpm-sequoia-1.10.2.1-1.el9.s390x

Wed, 13 May 2026 04:43:02 PM GMT

rpm-sequoia - Implementation of the RPM PGP interface using Sequoia

An implementation of the RPM PGP interface using Sequoia.

Change Log:

Wed, 13 May 2026 GMT - Jakub Jelen <jjelen@redhat.com> - 1.10.2.1-1
- Rebase to 1.10.2 and sequioa-openpgp with fixes for CVE-2026-42784

Fri, 04 Jul 2025 GMT - Jakub Jelen <jjelen@redhat.com> - 1.9.0.1-1
- Pull PQC crypto to rpm-sequoia

Thu, 22 May 2025 GMT - Stanislav Zidek <szidek@redhat.com> - 1.6.0-2
- RHEL-9 CI and gating setup

...

procps-ng-i18n-3.3.17-15.el9.noarch

Wed, 13 May 2026 03:14:13 PM GMT

procps-ng-i18n - Internationalization pack for procps-ng

Internationalization pack for procps-ng

Change Log:

Wed, 13 May 2026 GMT - Jan Rybar <jrybar@redhat.com> - 3.3.17-15
- top: scan all user processes after sorting by memory enabled
- Resolves: RHEL-46760

procps-ng-3.3.17-15.el9.s390x

Wed, 13 May 2026 03:12:38 PM GMT

procps-ng - System and process monitoring utilities

The procps package contains a set of system utilities that provide
system information. Procps includes ps, free, skill, pkill, pgrep,
snice, tload, top, uptime, vmstat, pidof, pmap, slabtop, w, watch,
pwdx and pidwait.
The ps command displays a snapshot of running processes. The top command
provides a repetitive update of the statuses of running processes.
The free command displays the amounts of free and used memory on your
system. The skill command sends a terminate command (or another
specified signal) to a specified set of processes. The snice
command is used to change the scheduling priority of specified
processes. The tload command prints a graph of the current system
load average to a specified tty. The uptime command displays the
current time, how long the system has been running, how many users
are logged on, and system load averages for the past one, five,
and fifteen minutes. The w command displays a list of the users
who are currently logged on and what they are running. The watch
program watches a running program. The vmstat command displays
virtual memory statistics about processes, memory, paging, block
I/O, traps, and CPU activity. The pwdx command reports the current
working directory of a process or processes. The pidwait command
waits for processes of specified names.

Change Log:

Wed, 13 May 2026 GMT - Jan Rybar <jrybar@redhat.com> - 3.3.17-15
- top: scan all user processes after sorting by memory enabled
- Resolves: RHEL-46760

opensc-0.23.0-7.el9.s390x

Wed, 13 May 2026 01:37:14 PM GMT

opensc - Smart card library and applications

OpenSC provides a set of libraries and utilities to work with smart cards. Its
main focus is on cards that support cryptographic operations, and facilitate
their use in security applications such as authentication, mail encryption and
digital signatures. OpenSC implements the PKCS#11 API so applications
supporting this API (such as Mozilla Firefox and Thunderbird) can use it. On
the card OpenSC implements the PKCS#15 standard and aims to be compatible with
every software/card that does so, too.

Change Log:

Tue, 12 May 2026 GMT - Jakub Jelen <jjelen@redhat.com> - 0.23.0-7
- Avoid using mlock()/munlock() to unbreak opensc in chromium browsers (RHEL-149712)

Mon, 21 Jul 2025 GMT - Veronika Hanulikova <vhanulik@redhat.com> - 0.23.0-6
- Fix free before dereference when reading public key (RHEL-96029)

Thu, 24 Oct 2024 GMT - Veronika Hanulikova <vhanulik@redhat.com> - 0.23.0-5
- Add URI in PKCS#11 objects and pkcs11-tool (RHEL-53115)

dnsconfd-unbound-1.7.5-2.el9.noarch

Wed, 13 May 2026 01:32:05 PM GMT

dnsconfd-unbound - dnsconfd unbound module

Dnsconfd management of unbound server

Change Log:

Wed, 13 May 2026 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.5-2
- Minimize selinux requirements
- Resolves: RHEL-173665

Thu, 08 Jan 2026 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.5-1
- Rebase to 1.7.5
- Resolves: RHEL-139901

Tue, 03 Jun 2025 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.3-1
- Rebase to 1.7.3
- Resolves: RHEL-94999
- Resolves: RHEL-94998
- Resolves: RHEL-94997

...

dnsconfd-selinux-1.7.5-2.el9.noarch

Wed, 13 May 2026 01:32:05 PM GMT

dnsconfd-selinux - dnsconfd SELinux policy

Dnsconfd SELinux policy module.

Change Log:

Wed, 13 May 2026 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.5-2
- Minimize selinux requirements
- Resolves: RHEL-173665

Thu, 08 Jan 2026 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.5-1
- Rebase to 1.7.5
- Resolves: RHEL-139901

Tue, 03 Jun 2025 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.3-1
- Rebase to 1.7.3
- Resolves: RHEL-94999
- Resolves: RHEL-94998
- Resolves: RHEL-94997

...

dnsconfd-micro-1.7.5-2.el9.s390x

Wed, 13 May 2026 01:30:25 PM GMT

dnsconfd-micro - Minimized native implementation of Dnsconfd

Minimized native implementation of Dnsconfd. Able to configure
Unbound according to NetworkManager global configuration.

Change Log:

Wed, 13 May 2026 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.5-2
- Minimize selinux requirements
- Resolves: RHEL-173665

Thu, 08 Jan 2026 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.5-1
- Rebase to 1.7.5
- Resolves: RHEL-139901

Tue, 03 Jun 2025 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.3-1
- Rebase to 1.7.3
- Resolves: RHEL-94999
- Resolves: RHEL-94998
- Resolves: RHEL-94997

...

dnsconfd-dracut-1.7.5-2.el9.s390x

Wed, 13 May 2026 01:30:25 PM GMT

dnsconfd-dracut - dnsconfd dracut module

Dnsconfd dracut module

Change Log:

Wed, 13 May 2026 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.5-2
- Minimize selinux requirements
- Resolves: RHEL-173665

Thu, 08 Jan 2026 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.5-1
- Rebase to 1.7.5
- Resolves: RHEL-139901

Tue, 03 Jun 2025 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.3-1
- Rebase to 1.7.3
- Resolves: RHEL-94999
- Resolves: RHEL-94998
- Resolves: RHEL-94997

...

dnsconfd-1.7.5-2.el9.s390x

Wed, 13 May 2026 01:30:25 PM GMT

dnsconfd - Local DNS cache configuration daemon

Dnsconfd configures local DNS cache services.

Change Log:

Wed, 13 May 2026 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.5-2
- Minimize selinux requirements
- Resolves: RHEL-173665

Thu, 08 Jan 2026 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.5-1
- Rebase to 1.7.5
- Resolves: RHEL-139901

Tue, 03 Jun 2025 GMT - Tomas Korbar <tkorbar@redhat.com> - 1.7.3-1
- Rebase to 1.7.3
- Resolves: RHEL-94999
- Resolves: RHEL-94998
- Resolves: RHEL-94997

...

polkit-libs-0.117-16.el9.s390x

Wed, 13 May 2026 12:50:31 PM GMT

polkit-libs - Libraries for polkit

Libraries files for polkit.

Change Log:

Wed, 13 May 2026 GMT - Jan Rybar <jrybar@redhat.com> - 0.117-16
- fix DoS issue introduced by previous fix
- Resolves: CVE-2026-4897

Tue, 12 May 2026 GMT - Jan Rybar <jrybar@redhat.com> - 0.117-15
- CVE-2026-4897: getline() string overflow via unsanitized input
- Resolves: CVE-2026-4897

Tue, 05 Aug 2025 GMT - Jan Rybar <jrybar@redhat.com> - 0.117-14
- aarch64: test failure with undefined symbol: __aarch64_ldadd4_acq_rel
- Resolves: RHEL-98662

...

polkit-0.117-16.el9.s390x

Wed, 13 May 2026 12:50:31 PM GMT

polkit - An authorization framework

polkit is a toolkit for defining and handling authorizations. It is
used for allowing unprivileged processes to speak to privileged
processes.

Change Log:

Wed, 13 May 2026 GMT - Jan Rybar <jrybar@redhat.com> - 0.117-16
- fix DoS issue introduced by previous fix
- Resolves: CVE-2026-4897

Tue, 12 May 2026 GMT - Jan Rybar <jrybar@redhat.com> - 0.117-15
- CVE-2026-4897: getline() string overflow via unsanitized input
- Resolves: CVE-2026-4897

Tue, 05 Aug 2025 GMT - Jan Rybar <jrybar@redhat.com> - 0.117-14
- aarch64: test failure with undefined symbol: __aarch64_ldadd4_acq_rel
- Resolves: RHEL-98662

...

openssl-libs-1:3.5.5-3.el9.s390x

Wed, 13 May 2026 11:45:52 AM GMT

openssl-libs - A general purpose cryptography library with TLS implementation

OpenSSL is a toolkit for supporting cryptography. The openssl-libs
package contains the libraries that are used by various applications which
support cryptographic algorithms and protocols.

Change Log:

Wed, 13 May 2026 GMT - Pavol Žáčik <pzacik@redhat.com> - 1:3.5.5-3
- Fix CVE-2026-28390
  Resolves: RHEL-165870

Thu, 09 Apr 2026 GMT - Pavol Žáčik <pzacik@redhat.com> - 1:3.5.5-2
- Fix CVE-2026-31790
  Resolves: RHEL-161586

Tue, 27 Jan 2026 GMT - Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.5-1
- Rebase to OpenSSL 3.5.5
  Resolves: RHEL-136895
  Resolves: RHEL-142004
  Resolves: RHEL-142012
  Resolves: RHEL-142020
  Resolves: RHEL-142024
  Resolves: RHEL-142028
  Resolves: RHEL-142032
  Resolves: RHEL-142036
  Resolves: RHEL-142040
  Resolves: RHEL-142044
  Resolves: RHEL-142048
  Resolves: RHEL-142052
  Resolves: RHEL-142056

...

openssl-fips-provider-1:3.5.5-3.el9.s390x

Wed, 13 May 2026 11:45:52 AM GMT

openssl-fips-provider - The FIPS Provider module

OpenSSL is a toolkit for supporting cryptography. The openssl-fips-provider
package provides the fips.so provider, a cryptography provider that follows
FIPS requirements and provides FIPS approved algorithms.

Change Log:

Wed, 13 May 2026 GMT - Pavol Žáčik <pzacik@redhat.com> - 1:3.5.5-3
- Fix CVE-2026-28390
  Resolves: RHEL-165870

Thu, 09 Apr 2026 GMT - Pavol Žáčik <pzacik@redhat.com> - 1:3.5.5-2
- Fix CVE-2026-31790
  Resolves: RHEL-161586

Tue, 27 Jan 2026 GMT - Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.5-1
- Rebase to OpenSSL 3.5.5
  Resolves: RHEL-136895
  Resolves: RHEL-142004
  Resolves: RHEL-142012
  Resolves: RHEL-142020
  Resolves: RHEL-142024
  Resolves: RHEL-142028
  Resolves: RHEL-142032
  Resolves: RHEL-142036
  Resolves: RHEL-142040
  Resolves: RHEL-142044
  Resolves: RHEL-142048
  Resolves: RHEL-142052
  Resolves: RHEL-142056

...

openssl-1:3.5.5-3.el9.s390x

Wed, 13 May 2026 11:45:52 AM GMT

openssl - Utilities from the general purpose cryptography library with TLS implementation

The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

Change Log:

Wed, 13 May 2026 GMT - Pavol Žáčik <pzacik@redhat.com> - 1:3.5.5-3
- Fix CVE-2026-28390
  Resolves: RHEL-165870

Thu, 09 Apr 2026 GMT - Pavol Žáčik <pzacik@redhat.com> - 1:3.5.5-2
- Fix CVE-2026-31790
  Resolves: RHEL-161586

Tue, 27 Jan 2026 GMT - Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.5-1
- Rebase to OpenSSL 3.5.5
  Resolves: RHEL-136895
  Resolves: RHEL-142004
  Resolves: RHEL-142012
  Resolves: RHEL-142020
  Resolves: RHEL-142024
  Resolves: RHEL-142028
  Resolves: RHEL-142032
  Resolves: RHEL-142036
  Resolves: RHEL-142040
  Resolves: RHEL-142044
  Resolves: RHEL-142048
  Resolves: RHEL-142052
  Resolves: RHEL-142056

...

systemd-rpm-macros-252-70.el9.noarch

Tue, 12 May 2026 11:49:42 AM GMT

systemd-rpm-macros - Macros that define paths and scriptlets related to systemd

Just the definitions of rpm macros.

See
https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_systemd
for information how to use those macros.

Change Log:

Tue, 12 May 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-70
- core: cleanup unit's dropin directories from global cache (RHEL-127425)
- udev: allow persistent storage rules for rbd devices (RHEL-3631)
- udev/net_id: introduce naming scheme for RHEL-9.9 (RHEL-25518)
- fstab-generator: support swap on network block devices (RHEL-166187)
- core: increment start limit counter only when we can start the unit (RHEL-164539)
- TEST-07-PID1: wait for systemd-resolved being stopped (RHEL-164539)
- test: extend start limit interval (RHEL-164539)

Thu, 16 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-69
- nspawn: apply BindUser/Ephemeral from settings file only if trusted (RHEL-163871)
- nspawn: normalize pivot_root paths (RHEL-163871)
- core/service: do not propagate reload for combined RELOADING=1 + READY=1 when notify-reload (RHEL-108575)
- udev: check for invalid chars in various fields received from the kernel (RHEL-163877)
- udev: fix review mixup (RHEL-163877)
- udev/scsi-id: check for invalid chars in various fields received from the kernel (RHEL-163877)

Wed, 08 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-68
- integritysetup: Add support for hmac-sha512 (RHEL-50213)
- integritysetup: Add PHMAC algorithm to list of known algorithms (RHEL-50213)
- manager: fix scope for environment generators (RHEL-159230)
- core: validate input cgroup path more prudently (RHEL-155393)

...

rhel-net-naming-sysattrs-252-70.el9.noarch

Tue, 12 May 2026 11:49:42 AM GMT

rhel-net-naming-sysattrs - RHEL-specific network naming sysattrs

rhel-net-naming-sysattrs package provides hwdb and udev rule needed for stable
network naming scheme across RHEL releases.

Change Log:

Tue, 12 May 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-70
- core: cleanup unit's dropin directories from global cache (RHEL-127425)
- udev: allow persistent storage rules for rbd devices (RHEL-3631)
- udev/net_id: introduce naming scheme for RHEL-9.9 (RHEL-25518)
- fstab-generator: support swap on network block devices (RHEL-166187)
- core: increment start limit counter only when we can start the unit (RHEL-164539)
- TEST-07-PID1: wait for systemd-resolved being stopped (RHEL-164539)
- test: extend start limit interval (RHEL-164539)

Thu, 16 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-69
- nspawn: apply BindUser/Ephemeral from settings file only if trusted (RHEL-163871)
- nspawn: normalize pivot_root paths (RHEL-163871)
- core/service: do not propagate reload for combined RELOADING=1 + READY=1 when notify-reload (RHEL-108575)
- udev: check for invalid chars in various fields received from the kernel (RHEL-163877)
- udev: fix review mixup (RHEL-163877)
- udev/scsi-id: check for invalid chars in various fields received from the kernel (RHEL-163877)

Wed, 08 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-68
- integritysetup: Add support for hmac-sha512 (RHEL-50213)
- integritysetup: Add PHMAC algorithm to list of known algorithms (RHEL-50213)
- manager: fix scope for environment generators (RHEL-159230)
- core: validate input cgroup path more prudently (RHEL-155393)

...

systemd-udev-252-70.el9.s390x

Tue, 12 May 2026 11:47:57 AM GMT

systemd-udev - Rule-based device node and kernel event manager

This package contains systemd-udev and the rules and hardware database
needed to manage device nodes. This package is necessary on physical
machines and in virtual machines, but not in containers.

Change Log:

Tue, 12 May 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-70
- core: cleanup unit's dropin directories from global cache (RHEL-127425)
- udev: allow persistent storage rules for rbd devices (RHEL-3631)
- udev/net_id: introduce naming scheme for RHEL-9.9 (RHEL-25518)
- fstab-generator: support swap on network block devices (RHEL-166187)
- core: increment start limit counter only when we can start the unit (RHEL-164539)
- TEST-07-PID1: wait for systemd-resolved being stopped (RHEL-164539)
- test: extend start limit interval (RHEL-164539)

Thu, 16 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-69
- nspawn: apply BindUser/Ephemeral from settings file only if trusted (RHEL-163871)
- nspawn: normalize pivot_root paths (RHEL-163871)
- core/service: do not propagate reload for combined RELOADING=1 + READY=1 when notify-reload (RHEL-108575)
- udev: check for invalid chars in various fields received from the kernel (RHEL-163877)
- udev: fix review mixup (RHEL-163877)
- udev/scsi-id: check for invalid chars in various fields received from the kernel (RHEL-163877)

Wed, 08 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-68
- integritysetup: Add support for hmac-sha512 (RHEL-50213)
- integritysetup: Add PHMAC algorithm to list of known algorithms (RHEL-50213)
- manager: fix scope for environment generators (RHEL-159230)
- core: validate input cgroup path more prudently (RHEL-155393)

...

systemd-resolved-252-70.el9.s390x

Tue, 12 May 2026 11:47:57 AM GMT

systemd-resolved - System daemon that provides network name resolution to local applications

systemd-resolved is a system service that provides network name
resolution to local applications. It implements a caching and
validating DNS/DNSSEC stub resolver, as well as an LLMNR and
MulticastDNS resolver and responder.

Change Log:

Tue, 12 May 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-70
- core: cleanup unit's dropin directories from global cache (RHEL-127425)
- udev: allow persistent storage rules for rbd devices (RHEL-3631)
- udev/net_id: introduce naming scheme for RHEL-9.9 (RHEL-25518)
- fstab-generator: support swap on network block devices (RHEL-166187)
- core: increment start limit counter only when we can start the unit (RHEL-164539)
- TEST-07-PID1: wait for systemd-resolved being stopped (RHEL-164539)
- test: extend start limit interval (RHEL-164539)

Thu, 16 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-69
- nspawn: apply BindUser/Ephemeral from settings file only if trusted (RHEL-163871)
- nspawn: normalize pivot_root paths (RHEL-163871)
- core/service: do not propagate reload for combined RELOADING=1 + READY=1 when notify-reload (RHEL-108575)
- udev: check for invalid chars in various fields received from the kernel (RHEL-163877)
- udev: fix review mixup (RHEL-163877)
- udev/scsi-id: check for invalid chars in various fields received from the kernel (RHEL-163877)

Wed, 08 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-68
- integritysetup: Add support for hmac-sha512 (RHEL-50213)
- integritysetup: Add PHMAC algorithm to list of known algorithms (RHEL-50213)
- manager: fix scope for environment generators (RHEL-159230)
- core: validate input cgroup path more prudently (RHEL-155393)

...

systemd-pam-252-70.el9.s390x

Tue, 12 May 2026 11:47:57 AM GMT

systemd-pam - systemd PAM module

Systemd PAM module registers the session with systemd-logind.

Change Log:

Tue, 12 May 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-70
- core: cleanup unit's dropin directories from global cache (RHEL-127425)
- udev: allow persistent storage rules for rbd devices (RHEL-3631)
- udev/net_id: introduce naming scheme for RHEL-9.9 (RHEL-25518)
- fstab-generator: support swap on network block devices (RHEL-166187)
- core: increment start limit counter only when we can start the unit (RHEL-164539)
- TEST-07-PID1: wait for systemd-resolved being stopped (RHEL-164539)
- test: extend start limit interval (RHEL-164539)

Thu, 16 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-69
- nspawn: apply BindUser/Ephemeral from settings file only if trusted (RHEL-163871)
- nspawn: normalize pivot_root paths (RHEL-163871)
- core/service: do not propagate reload for combined RELOADING=1 + READY=1 when notify-reload (RHEL-108575)
- udev: check for invalid chars in various fields received from the kernel (RHEL-163877)
- udev: fix review mixup (RHEL-163877)
- udev/scsi-id: check for invalid chars in various fields received from the kernel (RHEL-163877)

Wed, 08 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-68
- integritysetup: Add support for hmac-sha512 (RHEL-50213)
- integritysetup: Add PHMAC algorithm to list of known algorithms (RHEL-50213)
- manager: fix scope for environment generators (RHEL-159230)
- core: validate input cgroup path more prudently (RHEL-155393)

...

systemd-oomd-252-70.el9.s390x

Tue, 12 May 2026 11:47:57 AM GMT

systemd-oomd - A userspace out-of-memory (OOM) killer

systemd-oomd is a system service that uses cgroups-v2 and pressure stall
information (PSI) to monitor and take action on processes before an OOM
occurs in kernel space.

Change Log:

Tue, 12 May 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-70
- core: cleanup unit's dropin directories from global cache (RHEL-127425)
- udev: allow persistent storage rules for rbd devices (RHEL-3631)
- udev/net_id: introduce naming scheme for RHEL-9.9 (RHEL-25518)
- fstab-generator: support swap on network block devices (RHEL-166187)
- core: increment start limit counter only when we can start the unit (RHEL-164539)
- TEST-07-PID1: wait for systemd-resolved being stopped (RHEL-164539)
- test: extend start limit interval (RHEL-164539)

Thu, 16 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-69
- nspawn: apply BindUser/Ephemeral from settings file only if trusted (RHEL-163871)
- nspawn: normalize pivot_root paths (RHEL-163871)
- core/service: do not propagate reload for combined RELOADING=1 + READY=1 when notify-reload (RHEL-108575)
- udev: check for invalid chars in various fields received from the kernel (RHEL-163877)
- udev: fix review mixup (RHEL-163877)
- udev/scsi-id: check for invalid chars in various fields received from the kernel (RHEL-163877)

Wed, 08 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-68
- integritysetup: Add support for hmac-sha512 (RHEL-50213)
- integritysetup: Add PHMAC algorithm to list of known algorithms (RHEL-50213)
- manager: fix scope for environment generators (RHEL-159230)
- core: validate input cgroup path more prudently (RHEL-155393)

...

systemd-libs-252-70.el9.s390x

Tue, 12 May 2026 11:47:57 AM GMT

systemd-libs - systemd libraries

Libraries for systemd and udev.

Change Log:

Tue, 12 May 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-70
- core: cleanup unit's dropin directories from global cache (RHEL-127425)
- udev: allow persistent storage rules for rbd devices (RHEL-3631)
- udev/net_id: introduce naming scheme for RHEL-9.9 (RHEL-25518)
- fstab-generator: support swap on network block devices (RHEL-166187)
- core: increment start limit counter only when we can start the unit (RHEL-164539)
- TEST-07-PID1: wait for systemd-resolved being stopped (RHEL-164539)
- test: extend start limit interval (RHEL-164539)

Thu, 16 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-69
- nspawn: apply BindUser/Ephemeral from settings file only if trusted (RHEL-163871)
- nspawn: normalize pivot_root paths (RHEL-163871)
- core/service: do not propagate reload for combined RELOADING=1 + READY=1 when notify-reload (RHEL-108575)
- udev: check for invalid chars in various fields received from the kernel (RHEL-163877)
- udev: fix review mixup (RHEL-163877)
- udev/scsi-id: check for invalid chars in various fields received from the kernel (RHEL-163877)

Wed, 08 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-68
- integritysetup: Add support for hmac-sha512 (RHEL-50213)
- integritysetup: Add PHMAC algorithm to list of known algorithms (RHEL-50213)
- manager: fix scope for environment generators (RHEL-159230)
- core: validate input cgroup path more prudently (RHEL-155393)

...

systemd-container-252-70.el9.s390x

Tue, 12 May 2026 11:47:57 AM GMT

systemd-container - Tools for containers and VMs

Systemd tools to spawn and manage containers and virtual machines.

This package contains systemd-nspawn, machinectl, systemd-machined,
and systemd-importd.

Change Log:

Tue, 12 May 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-70
- core: cleanup unit's dropin directories from global cache (RHEL-127425)
- udev: allow persistent storage rules for rbd devices (RHEL-3631)
- udev/net_id: introduce naming scheme for RHEL-9.9 (RHEL-25518)
- fstab-generator: support swap on network block devices (RHEL-166187)
- core: increment start limit counter only when we can start the unit (RHEL-164539)
- TEST-07-PID1: wait for systemd-resolved being stopped (RHEL-164539)
- test: extend start limit interval (RHEL-164539)

Thu, 16 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-69
- nspawn: apply BindUser/Ephemeral from settings file only if trusted (RHEL-163871)
- nspawn: normalize pivot_root paths (RHEL-163871)
- core/service: do not propagate reload for combined RELOADING=1 + READY=1 when notify-reload (RHEL-108575)
- udev: check for invalid chars in various fields received from the kernel (RHEL-163877)
- udev: fix review mixup (RHEL-163877)
- udev/scsi-id: check for invalid chars in various fields received from the kernel (RHEL-163877)

Wed, 08 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-68
- integritysetup: Add support for hmac-sha512 (RHEL-50213)
- integritysetup: Add PHMAC algorithm to list of known algorithms (RHEL-50213)
- manager: fix scope for environment generators (RHEL-159230)
- core: validate input cgroup path more prudently (RHEL-155393)

...

systemd-252-70.el9.s390x

Tue, 12 May 2026 11:47:57 AM GMT

systemd - System and Service Manager

systemd is a system and service manager that runs as PID 1 and starts
the rest of the system. It provides aggressive parallelization
capabilities, uses socket and D-Bus activation for starting services,
offers on-demand starting of daemons, keeps track of processes using
Linux control groups, maintains mount and automount points, and
implements an elaborate transactional dependency-based service control
logic. systemd supports SysV and LSB init scripts and works as a
replacement for sysvinit. Other parts of this package are a logging daemon,
utilities to control basic system configuration like the hostname,
date, locale, maintain a list of logged-in users, system accounts,
runtime directories and settings, and daemons to manage simple network
configuration, network time synchronization, log forwarding, and name
resolution.

Change Log:

Tue, 12 May 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-70
- core: cleanup unit's dropin directories from global cache (RHEL-127425)
- udev: allow persistent storage rules for rbd devices (RHEL-3631)
- udev/net_id: introduce naming scheme for RHEL-9.9 (RHEL-25518)
- fstab-generator: support swap on network block devices (RHEL-166187)
- core: increment start limit counter only when we can start the unit (RHEL-164539)
- TEST-07-PID1: wait for systemd-resolved being stopped (RHEL-164539)
- test: extend start limit interval (RHEL-164539)

Thu, 16 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-69
- nspawn: apply BindUser/Ephemeral from settings file only if trusted (RHEL-163871)
- nspawn: normalize pivot_root paths (RHEL-163871)
- core/service: do not propagate reload for combined RELOADING=1 + READY=1 when notify-reload (RHEL-108575)
- udev: check for invalid chars in various fields received from the kernel (RHEL-163877)
- udev: fix review mixup (RHEL-163877)
- udev/scsi-id: check for invalid chars in various fields received from the kernel (RHEL-163877)

Wed, 08 Apr 2026 GMT - systemd maintenance team <systemd-maint@redhat.com> - 252-68
- integritysetup: Add support for hmac-sha512 (RHEL-50213)
- integritysetup: Add PHMAC algorithm to list of known algorithms (RHEL-50213)
- manager: fix scope for environment generators (RHEL-159230)
- core: validate input cgroup path more prudently (RHEL-155393)

...

lsscsi-0.32-8.el9.s390x

Mon, 11 May 2026 09:22:20 PM GMT

lsscsi - List SCSI devices (or hosts) and associated information

Uses information provided by the sysfs pseudo file system in Linux kernel
2.6 series to list SCSI devices or all SCSI hosts. Includes a "classic"
option to mimic the output of "cat /proc/scsi/scsi" that has been widely
used prior to the lk 2.6 series.

Author:
--------
Doug Gilbert

Change Log:

Mon, 11 May 2026 GMT - Paul Evans <pevans@redhat.com> - 0.32-8
- lsscsi: Transport type FC and FCOE output inconsistencies [Patch v2] (RHEL-84793)

Thu, 02 Apr 2026 GMT - Paul Evans <pevans@redhat.com>  - 0.32-7
- lsscsi: Fixes for SBP (Firewire) host in transport_h_init() (RHEL-164341)
- lsscsi: Change default output trailing space after each device entry (RHEL-164345)
- lsscsi: Transport type FC and FCOE output inconsistencies (RHEL-84793)
- lsscsi: Device name spacing before major:minor when dev name exceeds 9 chars (RHEL-157864)

python3-markdown-3.3.4-5.el9.noarch

Mon, 11 May 2026 02:09:16 PM GMT

python3-markdown - Markdown implementation in Python

This is a Python implementation of John Gruber's Markdown. It is
almost completely compliant with the reference implementation, though
there are a few known issues.

Change Log:

Mon, 30 Mar 2026 GMT - David King <dking@redhat.com> - 3.3.4-5
- Fix CVE-2025-69534 (RHEL-153747)

rsync-3.2.5-7.el9.s390x

Mon, 11 May 2026 12:42:21 PM GMT

rsync - A program for synchronizing files over a network

Rsync uses a reliable algorithm to bring remote and host files into
sync very quickly. Rsync is fast because it just sends the differences
in the files over the network instead of sending the complete
files. Rsync is often used as a very powerful mirroring process or
just as a more capable replacement for the rcp command. A technical
report which describes the rsync algorithm is included in this
package.

Change Log:

Mon, 11 May 2026 GMT - Michal Ruprich <mruprich@redhat.com> - 3.2.5-7
- Resolves: RHEL-173468 - CVE-2024-12086 rsync server leaks arbitrary client files

Mon, 04 May 2026 GMT - Michal Ruprich <mruprich@redhat.com> - 3.2.5-6
- Resolves: RHEL-169151 - CVE-2026-41035 - Use-after-free vulnerability in extended attribute handling

Tue, 07 Apr 2026 GMT - Michal Ruprich <mruprich@redhat.com> - 3.2.5-5
- Resolves: RHEL-152536 - CVE-2025-10158 Out of bounds array access via negative index

...

curl-minimal-7.76.1-43.el9.s390x

Mon, 11 May 2026 06:32:23 AM GMT

curl-minimal - Conservatively configured build of curl for minimal installations

This is a replacement of the 'curl' package for minimal installations. It
comes with a limited set of features compared to the 'curl' package. On the
other hand, the package is smaller and requires fewer run-time dependencies to
be installed.

Change Log:

Thu, 07 May 2026 GMT - Jacek Migacz <jmigacz@redhat.com> - 7.76.1-43
- tests: disable flaky proxy tests on ppc64le in Konflux builds (RHEL-173187)

Tue, 31 Mar 2026 GMT - Veronika Kabatova <vkabatov@redhat.com> - 7.76.1-42
- Rebuild to fix missing binaries due to buildsystem oversight

Mon, 23 Mar 2026 GMT - Jacek Migacz <jmigacz@redhat.com> - 7.76.1-41
- aws_sigv4: fall back to UNSIGNED-PAYLOAD for sign_as_s3

...

curl-7.76.1-43.el9.s390x

Mon, 11 May 2026 06:32:23 AM GMT

curl - A utility for getting files from remote servers (FTP, HTTP, and others)

curl is a command line tool for transferring data with URL syntax, supporting
FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,
SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP
uploading, HTTP form based upload, proxies, cookies, user+password
authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer
resume, proxy tunneling and a busload of other useful tricks.

Change Log:

Thu, 07 May 2026 GMT - Jacek Migacz <jmigacz@redhat.com> - 7.76.1-43
- tests: disable flaky proxy tests on ppc64le in Konflux builds (RHEL-173187)

Tue, 31 Mar 2026 GMT - Veronika Kabatova <vkabatov@redhat.com> - 7.76.1-42
- Rebuild to fix missing binaries due to buildsystem oversight

Mon, 23 Mar 2026 GMT - Jacek Migacz <jmigacz@redhat.com> - 7.76.1-41
- aws_sigv4: fall back to UNSIGNED-PAYLOAD for sign_as_s3

...

libcurl-minimal-7.76.1-43.el9.s390x

Mon, 11 May 2026 06:32:23 AM GMT

libcurl-minimal - Conservatively configured build of libcurl for minimal installations

This is a replacement of the 'libcurl' package for minimal installations. It
comes with a limited set of features compared to the 'libcurl' package. On the
other hand, the package is smaller and requires fewer run-time dependencies to
be installed.

Change Log:

Thu, 07 May 2026 GMT - Jacek Migacz <jmigacz@redhat.com> - 7.76.1-43
- tests: disable flaky proxy tests on ppc64le in Konflux builds (RHEL-173187)

Tue, 31 Mar 2026 GMT - Veronika Kabatova <vkabatov@redhat.com> - 7.76.1-42
- Rebuild to fix missing binaries due to buildsystem oversight

Mon, 23 Mar 2026 GMT - Jacek Migacz <jmigacz@redhat.com> - 7.76.1-41
- aws_sigv4: fall back to UNSIGNED-PAYLOAD for sign_as_s3

...

libcurl-7.76.1-43.el9.s390x

Mon, 11 May 2026 06:32:23 AM GMT

libcurl - A library for getting files from web servers

libcurl is a free and easy-to-use client-side URL transfer library, supporting
FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,
SMTP, POP3 and RTSP. libcurl supports SSL certificates, HTTP POST, HTTP PUT,
FTP uploading, HTTP form based upload, proxies, cookies, user+password
authentication (Basic, Digest, NTLM, Negotiate, Kerberos4), file transfer
resume, http proxy tunneling and more.

Change Log:

Thu, 07 May 2026 GMT - Jacek Migacz <jmigacz@redhat.com> - 7.76.1-43
- tests: disable flaky proxy tests on ppc64le in Konflux builds (RHEL-173187)

Tue, 31 Mar 2026 GMT - Veronika Kabatova <vkabatov@redhat.com> - 7.76.1-42
- Rebuild to fix missing binaries due to buildsystem oversight

Mon, 23 Mar 2026 GMT - Jacek Migacz <jmigacz@redhat.com> - 7.76.1-41
- aws_sigv4: fall back to UNSIGNED-PAYLOAD for sign_as_s3

...

cryptsetup-libs-2.8.6-1.el9.s390x

Sun, 10 May 2026 08:10:54 PM GMT

cryptsetup-libs - Cryptsetup shared library

This package contains the cryptsetup shared library, libcryptsetup.

Change Log:

Fri, 08 May 2026 GMT - Kristina Hanicova <khanicov@redhat.com> - 2.8.6-1
- Update to cryptsetup 2.8.6.
- patch: ci: Replace jq with bash wrapper.
- patch: ci: Fix jq no longer handling 0x00 characters.
- patch: reencrypt: update internal reencryption error state descriptions.
- patch: reencrypt: merge REENC_ERR and REENC_ROLLBACK errors in one.
- patch: reencrypt: better name error values to match the description.
- patch: reencrypt: refactor overlay devices teardown.
- patch: reencrypt: add more gracefull reencryption error path.
- patch: tests: Add reencryption error path tests.
- Resolves: 161183

Thu, 18 Dec 2025 GMT - Kristina Hanicova <khanicov@redhat.com> - 2.8.1-3
- patch: Read integrity profile info from top level device.
- patch: Fix possible use of uninitialized variable.
- patch: Reinstate pbkdf serialization flag in device activation.
- patch: Fix LUKS2 device status in inline HW mode and detached header.
- patch: Set inline integrity flag if no underlying dm-integrity device.
- patch: Fix wrong device size status reports in cryptsetup and integritysetup.
- Resolves: RHEL-122297 RHEL-125152 RHEL-125167 RHEL-132585 RHEL-140106

Fri, 12 Sep 2025 GMT - Kristina Hanicova <khanicov@redhat.com> - 2.8.1-2
- patch: Improve check for a function attribute support.
- Resolves: 100089

...

cryptsetup-2.8.6-1.el9.s390x

Sun, 10 May 2026 08:10:54 PM GMT

cryptsetup - Utility for setting up encrypted disks

The cryptsetup package contains a utility for setting up
disk encryption using dm-crypt kernel module.

Change Log:

Fri, 08 May 2026 GMT - Kristina Hanicova <khanicov@redhat.com> - 2.8.6-1
- Update to cryptsetup 2.8.6.
- patch: ci: Replace jq with bash wrapper.
- patch: ci: Fix jq no longer handling 0x00 characters.
- patch: reencrypt: update internal reencryption error state descriptions.
- patch: reencrypt: merge REENC_ERR and REENC_ROLLBACK errors in one.
- patch: reencrypt: better name error values to match the description.
- patch: reencrypt: refactor overlay devices teardown.
- patch: reencrypt: add more gracefull reencryption error path.
- patch: tests: Add reencryption error path tests.
- Resolves: 161183

Thu, 18 Dec 2025 GMT - Kristina Hanicova <khanicov@redhat.com> - 2.8.1-3
- patch: Read integrity profile info from top level device.
- patch: Fix possible use of uninitialized variable.
- patch: Reinstate pbkdf serialization flag in device activation.
- patch: Fix LUKS2 device status in inline HW mode and detached header.
- patch: Set inline integrity flag if no underlying dm-integrity device.
- patch: Fix wrong device size status reports in cryptsetup and integritysetup.
- Resolves: RHEL-122297 RHEL-125152 RHEL-125167 RHEL-132585 RHEL-140106

Fri, 12 Sep 2025 GMT - Kristina Hanicova <khanicov@redhat.com> - 2.8.1-2
- patch: Improve check for a function attribute support.
- Resolves: 100089

...

integritysetup-2.8.6-1.el9.s390x

Sun, 10 May 2026 08:10:54 PM GMT

integritysetup - A utility for setting up dm-integrity volumes

The integritysetup package contains a utility for setting up
disk integrity protection using dm-integrity kernel module.

Change Log:

Fri, 08 May 2026 GMT - Kristina Hanicova <khanicov@redhat.com> - 2.8.6-1
- Update to cryptsetup 2.8.6.
- patch: ci: Replace jq with bash wrapper.
- patch: ci: Fix jq no longer handling 0x00 characters.
- patch: reencrypt: update internal reencryption error state descriptions.
- patch: reencrypt: merge REENC_ERR and REENC_ROLLBACK errors in one.
- patch: reencrypt: better name error values to match the description.
- patch: reencrypt: refactor overlay devices teardown.
- patch: reencrypt: add more gracefull reencryption error path.
- patch: tests: Add reencryption error path tests.
- Resolves: 161183

Thu, 18 Dec 2025 GMT - Kristina Hanicova <khanicov@redhat.com> - 2.8.1-3
- patch: Read integrity profile info from top level device.
- patch: Fix possible use of uninitialized variable.
- patch: Reinstate pbkdf serialization flag in device activation.
- patch: Fix LUKS2 device status in inline HW mode and detached header.
- patch: Set inline integrity flag if no underlying dm-integrity device.
- patch: Fix wrong device size status reports in cryptsetup and integritysetup.
- Resolves: RHEL-122297 RHEL-125152 RHEL-125167 RHEL-132585 RHEL-140106

Fri, 12 Sep 2025 GMT - Kristina Hanicova <khanicov@redhat.com> - 2.8.1-2
- patch: Improve check for a function attribute support.
- Resolves: 100089

...

veritysetup-2.8.6-1.el9.s390x

Sun, 10 May 2026 08:10:54 PM GMT

veritysetup - A utility for setting up dm-verity volumes

The veritysetup package contains a utility for setting up
disk verification using dm-verity kernel module.

Change Log:

Fri, 08 May 2026 GMT - Kristina Hanicova <khanicov@redhat.com> - 2.8.6-1
- Update to cryptsetup 2.8.6.
- patch: ci: Replace jq with bash wrapper.
- patch: ci: Fix jq no longer handling 0x00 characters.
- patch: reencrypt: update internal reencryption error state descriptions.
- patch: reencrypt: merge REENC_ERR and REENC_ROLLBACK errors in one.
- patch: reencrypt: better name error values to match the description.
- patch: reencrypt: refactor overlay devices teardown.
- patch: reencrypt: add more gracefull reencryption error path.
- patch: tests: Add reencryption error path tests.
- Resolves: 161183

Thu, 18 Dec 2025 GMT - Kristina Hanicova <khanicov@redhat.com> - 2.8.1-3
- patch: Read integrity profile info from top level device.
- patch: Fix possible use of uninitialized variable.
- patch: Reinstate pbkdf serialization flag in device activation.
- patch: Fix LUKS2 device status in inline HW mode and detached header.
- patch: Set inline integrity flag if no underlying dm-integrity device.
- patch: Fix wrong device size status reports in cryptsetup and integritysetup.
- Resolves: RHEL-122297 RHEL-125152 RHEL-125167 RHEL-132585 RHEL-140106

Fri, 12 Sep 2025 GMT - Kristina Hanicova <khanicov@redhat.com> - 2.8.1-2
- patch: Improve check for a function attribute support.
- Resolves: 100089

...

glibc-langpack-tl-2.34-270.el9.s390x