[Apollo] Advisories Statistics light light Login

RLSA-2026:6470

Security Mirrored from RHSA-2026:6470
Issued at: 2026-04-09
Updated at: 2026-04-10

Synopsis

Important: perl-YAML-Syck security update



Description

This module provides a Perl interface to the libsyck data serialization library. It exports the Dump and Load functions for converting Perl data structures to YAML strings, and the other way around.

Security Fix(es):

* perl-YAML-Syck: YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter (CVE-2026-4177)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2448277

CVEs

CVE-2026-4177

Affected packages

Rocky Linux 8 aarch64 - PowerTools

perl-YAML-Syck-0:1.30-6.el8_10.aarch64.rpm perl-YAML-Syck-0:1.30-6.el8_10.src.rpm perl-YAML-Syck-debuginfo-0:1.30-6.el8_10.aarch64.rpm perl-YAML-Syck-debugsource-0:1.30-6.el8_10.aarch64.rpm

Rocky Linux 8 x86_64 - PowerTools

perl-YAML-Syck-0:1.30-6.el8_10.src.rpm perl-YAML-Syck-0:1.30-6.el8_10.x86_64.rpm perl-YAML-Syck-debuginfo-0:1.30-6.el8_10.x86_64.rpm perl-YAML-Syck-debugsource-0:1.30-6.el8_10.x86_64.rpm