[Apollo] Advisories Statistics light light Login

RLSA-2026:28236

Security Mirrored from RHSA-2026:28236
Issued at: 2026-06-24
Updated at: 2026-06-25

Synopsis

Moderate: libsolv security update



Description

The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm.

Security Fix(es):

* libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums (CVE-2026-9150)

* libsolv: Heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file (CVE-2026-9149)

* libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data (CVE-2026-48864)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 10 aarch64 Rocky Linux 10 ppc64le Rocky Linux 10 riscv64 Rocky Linux 10 s390x Rocky Linux 10 x86_64

Fixes

2460380 2460379 2460425

CVEs

CVE-2026-48864 CVE-2026-9149 CVE-2026-9150

Affected packages

Rocky Linux 10 aarch64 - BaseOS

libsolv-debuginfo-0:0.7.33-5.el10_2.aarch64.rpm libsolv-0:0.7.33-5.el10_2.src.rpm libsolv-debugsource-0:0.7.33-5.el10_2.aarch64.rpm libsolv-0:0.7.33-5.el10_2.aarch64.rpm

Rocky Linux 10 aarch64 - CRB

libsolv-tools-debuginfo-0:0.7.33-5.el10_2.aarch64.rpm libsolv-tools-base-0:0.7.33-5.el10_2.aarch64.rpm libsolv-devel-0:0.7.33-5.el10_2.aarch64.rpm libsolv-tools-base-debuginfo-0:0.7.33-5.el10_2.aarch64.rpm libsolv-tools-0:0.7.33-5.el10_2.aarch64.rpm

Rocky Linux 10 s390x - CRB

libsolv-tools-base-debuginfo-0:0.7.33-5.el10_2.s390x.rpm libsolv-tools-debuginfo-0:0.7.33-5.el10_2.s390x.rpm libsolv-tools-0:0.7.33-5.el10_2.s390x.rpm libsolv-tools-base-0:0.7.33-5.el10_2.s390x.rpm libsolv-devel-0:0.7.33-5.el10_2.s390x.rpm

Rocky Linux 10 ppc64le - AppStream

python3-solv-debuginfo-0:0.7.33-5.el10_2.ppc64le.rpm python3-solv-0:0.7.33-5.el10_2.ppc64le.rpm

Rocky Linux 10 x86_64 - BaseOS

libsolv-debuginfo-0:0.7.33-5.el10_2.x86_64.rpm libsolv-0:0.7.33-5.el10_2.src.rpm libsolv-debugsource-0:0.7.33-5.el10_2.x86_64.rpm libsolv-0:0.7.33-5.el10_2.x86_64.rpm

Rocky Linux 10 ppc64le - BaseOS

libsolv-debugsource-0:0.7.33-5.el10_2.ppc64le.rpm libsolv-0:0.7.33-5.el10_2.src.rpm libsolv-0:0.7.33-5.el10_2.ppc64le.rpm libsolv-debuginfo-0:0.7.33-5.el10_2.ppc64le.rpm

Rocky Linux 10 x86_64 - CRB

libsolv-devel-0:0.7.33-5.el10_2.x86_64.rpm libsolv-tools-0:0.7.33-5.el10_2.x86_64.rpm libsolv-tools-debuginfo-0:0.7.33-5.el10_2.x86_64.rpm libsolv-tools-base-0:0.7.33-5.el10_2.x86_64.rpm libsolv-tools-base-debuginfo-0:0.7.33-5.el10_2.x86_64.rpm

Rocky Linux 10 riscv64 - BaseOS

libsolv-0:0.7.33-5.el10_2.src.rpm

Rocky Linux 10 s390x - BaseOS

libsolv-0:0.7.33-5.el10_2.src.rpm libsolv-debugsource-0:0.7.33-5.el10_2.s390x.rpm libsolv-0:0.7.33-5.el10_2.s390x.rpm libsolv-debuginfo-0:0.7.33-5.el10_2.s390x.rpm

Rocky Linux 10 s390x - AppStream

python3-solv-0:0.7.33-5.el10_2.s390x.rpm python3-solv-debuginfo-0:0.7.33-5.el10_2.s390x.rpm

Rocky Linux 10 ppc64le - CRB

libsolv-tools-base-0:0.7.33-5.el10_2.ppc64le.rpm libsolv-tools-base-debuginfo-0:0.7.33-5.el10_2.ppc64le.rpm libsolv-devel-0:0.7.33-5.el10_2.ppc64le.rpm libsolv-tools-0:0.7.33-5.el10_2.ppc64le.rpm libsolv-tools-debuginfo-0:0.7.33-5.el10_2.ppc64le.rpm

Rocky Linux 10 aarch64 - AppStream

python3-solv-debuginfo-0:0.7.33-5.el10_2.aarch64.rpm python3-solv-0:0.7.33-5.el10_2.aarch64.rpm

Rocky Linux 10 x86_64 - AppStream

python3-solv-0:0.7.33-5.el10_2.x86_64.rpm python3-solv-debuginfo-0:0.7.33-5.el10_2.x86_64.rpm