Synopsis
Important: perl-IO-Compress security update
Type/Severity
Security Advisory: Important
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for perl-IO-Compress is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This distribution provides a Perl interface to allow reading and writing of compressed data created with the zlib and bzip2 libraries. IO-Compress supports reading and writing of bzip2, RFC 1950, RFC 1951, RFC 1952 (i.e. gzip) and zip files/buffers. The following modules used to be distributed separately, but are now included with the IO-Compress distribution:
- Compress-Zlib
- IO-Compress-Zlib
- IO-Compress-Bzip2
- IO-Compress-Base
Security Fix(es):
- perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob (CVE-2026-48962)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 10 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 10 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x
-
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le
-
Red Hat Enterprise Linux for ARM 64 10 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x
-
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le
-
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64
-
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le
-
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x
Fixes
-
BZ - 2481767
- CVE-2026-48962 perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 10
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| x86_64 |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| x86_64 |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for IBM z Systems 10
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| s390x |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| s390x |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for Power, little endian 10
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| ppc64le |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| ppc64le |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for ARM 64 10
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| aarch64 |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| aarch64 |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| aarch64 |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| s390x |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| ppc64le |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| x86_64 |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| x86_64 |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| aarch64 |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| ppc64le |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2
| SRPM |
|
perl-IO-Compress-2.212-512.el10_2.1.src.rpm
|
SHA-256: cda871e8e1f8e0c8c3e4602b929b3ab828765ceb3df5832b2863e7c97d932e01 |
| s390x |
|
perl-IO-Compress-2.212-512.el10_2.1.noarch.rpm
|
SHA-256: 2f1939a74dd6d2c0bd53d36f570a4b51783dea879f5184cd6745c5146bcc021f |
