[ALSA-2026:30859] Important: perl-IO-Compress security update
Type:
security
Severity:
important
Release date:
2026-06-29
Description:
This distribution provides a Perl interface to allow reading and writing of compressed data created with the zlib and bzip2 libraries. IO-Compress supports reading and writing of bzip2, RFC 1950, RFC 1951, RFC 1952 (i.e. gzip) and zip files/buffers. The following modules used to be distributed separately, but are now included with the IO-Compress distribution: * Compress-Zlib * IO-Compress-Zlib * IO-Compress-Bzip2 * IO-Compress-Base Security Fix(es): * perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob (CVE-2026-48962) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
noarch perl-IO-Compress-2.102-4.el9_8.1.noarch.rpm 9180bc36dc0e26f58a3079d46bf7aac1866c77ea730d2324eae291ada265a029
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.