[ALSA-2026:30860] Important: perl-IO-Compress security update
Type:
security
Severity:
important
Release date:
2026-06-30
Description:
This distribution provides a Perl interface to allow reading and writing of compressed data created with the zlib and bzip2 libraries. IO-Compress supports reading and writing of bzip2, RFC 1950, RFC 1951, RFC 1952 (i.e. gzip) and zip files/buffers. The following modules used to be distributed separately, but are now included with the IO-Compress distribution: * Compress-Zlib * IO-Compress-Zlib * IO-Compress-Bzip2 * IO-Compress-Base Security Fix(es): * perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob (CVE-2026-48962) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
noarch perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm 741508f5ad1fac081838f6f573ee7ee5aed1ab60be165fde7eab4c556b6b2f28
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.