Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:34197 - Security Advisory
Issued:
2026-07-01
Updated:
2026-07-01

RHSA-2026:34197 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: skopeo security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for skopeo is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.

Security Fix(es):

  • github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986)
  • crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)
  • crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
  • crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x

Fixes

  • BZ - 2455470 - CVE-2026-34986 github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object
  • BZ - 2456333 - CVE-2026-32281 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation
  • BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
  • BZ - 2456339 - CVE-2026-32280 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

CVEs

  • CVE-2026-32280
  • CVE-2026-32281
  • CVE-2026-32283
  • CVE-2026-34986

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
skopeo-1.14.6-1.el9_4.src.rpm SHA-256: 761830ed123ba7f9e9bfe1a4eabe606eeb1327f73b499919332a1f8f81192514
x86_64
skopeo-1.14.6-1.el9_4.x86_64.rpm SHA-256: 03eafd1864d1d49f129209a07036ad49abff8d2c18a5f4cf06bd57558c6dda9a
skopeo-debuginfo-1.14.6-1.el9_4.x86_64.rpm SHA-256: 3569f0a1fdd2f37223a05a10195b408d7c27b48726cb4c1df454d1f1b9485188
skopeo-debugsource-1.14.6-1.el9_4.x86_64.rpm SHA-256: ac9ff3a6b716f25ca6d94c51cfa9238b0d4738c37e9a112e74ccabca1fa6376a
skopeo-tests-1.14.6-1.el9_4.x86_64.rpm SHA-256: c40041b575be809d1d704e4e78781a13d553eab7213a36dc0c6ca2c335a29601

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
skopeo-1.14.6-1.el9_4.src.rpm SHA-256: 761830ed123ba7f9e9bfe1a4eabe606eeb1327f73b499919332a1f8f81192514
ppc64le
skopeo-1.14.6-1.el9_4.ppc64le.rpm SHA-256: 08de1300996b52beb2273538307c8549426c01dcf876aa7481ebe891d3d4b193
skopeo-debuginfo-1.14.6-1.el9_4.ppc64le.rpm SHA-256: d55ecbe602e48f3a81c34a0bc13a7cbf76be060f64c3e70fdb226f77a0559323
skopeo-debugsource-1.14.6-1.el9_4.ppc64le.rpm SHA-256: 014eb8a76f9c081e4b75b44b39a6610146379d0845446bf39dbc001baf02864f
skopeo-tests-1.14.6-1.el9_4.ppc64le.rpm SHA-256: cd4abc181d2820bb044aecec8ec084a85c40836812c0a6bc08fb53f87478ba88

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
skopeo-1.14.6-1.el9_4.src.rpm SHA-256: 761830ed123ba7f9e9bfe1a4eabe606eeb1327f73b499919332a1f8f81192514
x86_64
skopeo-1.14.6-1.el9_4.x86_64.rpm SHA-256: 03eafd1864d1d49f129209a07036ad49abff8d2c18a5f4cf06bd57558c6dda9a
skopeo-debuginfo-1.14.6-1.el9_4.x86_64.rpm SHA-256: 3569f0a1fdd2f37223a05a10195b408d7c27b48726cb4c1df454d1f1b9485188
skopeo-debugsource-1.14.6-1.el9_4.x86_64.rpm SHA-256: ac9ff3a6b716f25ca6d94c51cfa9238b0d4738c37e9a112e74ccabca1fa6376a
skopeo-tests-1.14.6-1.el9_4.x86_64.rpm SHA-256: c40041b575be809d1d704e4e78781a13d553eab7213a36dc0c6ca2c335a29601

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
skopeo-1.14.6-1.el9_4.src.rpm SHA-256: 761830ed123ba7f9e9bfe1a4eabe606eeb1327f73b499919332a1f8f81192514
aarch64
skopeo-1.14.6-1.el9_4.aarch64.rpm SHA-256: fb6d3e0b131b471921443d29cc18fc2baee032f5e6d502f86b3c294bc09d4bbb
skopeo-debuginfo-1.14.6-1.el9_4.aarch64.rpm SHA-256: 7a953c054a99a2ae861b5219db4cf4e730b31459825b33380e93f2686265dbd7
skopeo-debugsource-1.14.6-1.el9_4.aarch64.rpm SHA-256: 63ca6e83170f17e166d501363694a0ebccd2b59a913270caba05153edb1e2e8c
skopeo-tests-1.14.6-1.el9_4.aarch64.rpm SHA-256: c726f299d03cd4aafae0cc9353994f06e18e54779a4ae8d2a43d650ea5cbb25e

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
skopeo-1.14.6-1.el9_4.src.rpm SHA-256: 761830ed123ba7f9e9bfe1a4eabe606eeb1327f73b499919332a1f8f81192514
s390x
skopeo-1.14.6-1.el9_4.s390x.rpm SHA-256: 9d15226c4d2d55b2834bf34afce2c03e3a550581c03cf63862f5ba90b5d07ed3
skopeo-debuginfo-1.14.6-1.el9_4.s390x.rpm SHA-256: 715fe6f260b94e6c0c41ff2ec24853a6bedfb0cfba5991c0971a660a66362bdb
skopeo-debugsource-1.14.6-1.el9_4.s390x.rpm SHA-256: 11acd98db948efdcfa9887d524abfdba6e753b310ef965b82b10ea1b9c86587e
skopeo-tests-1.14.6-1.el9_4.s390x.rpm SHA-256: 917ebb10cd8d302eedca4dfc0caa7fba4c4cc7f14b574317eda1ed5e7907ba8e

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4

SRPM
skopeo-1.14.6-1.el9_4.src.rpm SHA-256: 761830ed123ba7f9e9bfe1a4eabe606eeb1327f73b499919332a1f8f81192514
x86_64
skopeo-1.14.6-1.el9_4.x86_64.rpm SHA-256: 03eafd1864d1d49f129209a07036ad49abff8d2c18a5f4cf06bd57558c6dda9a
skopeo-debuginfo-1.14.6-1.el9_4.x86_64.rpm SHA-256: 3569f0a1fdd2f37223a05a10195b408d7c27b48726cb4c1df454d1f1b9485188
skopeo-debugsource-1.14.6-1.el9_4.x86_64.rpm SHA-256: ac9ff3a6b716f25ca6d94c51cfa9238b0d4738c37e9a112e74ccabca1fa6376a
skopeo-tests-1.14.6-1.el9_4.x86_64.rpm SHA-256: c40041b575be809d1d704e4e78781a13d553eab7213a36dc0c6ca2c335a29601

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4

SRPM
skopeo-1.14.6-1.el9_4.src.rpm SHA-256: 761830ed123ba7f9e9bfe1a4eabe606eeb1327f73b499919332a1f8f81192514
aarch64
skopeo-1.14.6-1.el9_4.aarch64.rpm SHA-256: fb6d3e0b131b471921443d29cc18fc2baee032f5e6d502f86b3c294bc09d4bbb
skopeo-debuginfo-1.14.6-1.el9_4.aarch64.rpm SHA-256: 7a953c054a99a2ae861b5219db4cf4e730b31459825b33380e93f2686265dbd7
skopeo-debugsource-1.14.6-1.el9_4.aarch64.rpm SHA-256: 63ca6e83170f17e166d501363694a0ebccd2b59a913270caba05153edb1e2e8c
skopeo-tests-1.14.6-1.el9_4.aarch64.rpm SHA-256: c726f299d03cd4aafae0cc9353994f06e18e54779a4ae8d2a43d650ea5cbb25e

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4

SRPM
skopeo-1.14.6-1.el9_4.src.rpm SHA-256: 761830ed123ba7f9e9bfe1a4eabe606eeb1327f73b499919332a1f8f81192514
ppc64le
skopeo-1.14.6-1.el9_4.ppc64le.rpm SHA-256: 08de1300996b52beb2273538307c8549426c01dcf876aa7481ebe891d3d4b193
skopeo-debuginfo-1.14.6-1.el9_4.ppc64le.rpm SHA-256: d55ecbe602e48f3a81c34a0bc13a7cbf76be060f64c3e70fdb226f77a0559323
skopeo-debugsource-1.14.6-1.el9_4.ppc64le.rpm SHA-256: 014eb8a76f9c081e4b75b44b39a6610146379d0845446bf39dbc001baf02864f
skopeo-tests-1.14.6-1.el9_4.ppc64le.rpm SHA-256: cd4abc181d2820bb044aecec8ec084a85c40836812c0a6bc08fb53f87478ba88

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4

SRPM
skopeo-1.14.6-1.el9_4.src.rpm SHA-256: 761830ed123ba7f9e9bfe1a4eabe606eeb1327f73b499919332a1f8f81192514
s390x
skopeo-1.14.6-1.el9_4.s390x.rpm SHA-256: 9d15226c4d2d55b2834bf34afce2c03e3a550581c03cf63862f5ba90b5d07ed3
skopeo-debuginfo-1.14.6-1.el9_4.s390x.rpm SHA-256: 715fe6f260b94e6c0c41ff2ec24853a6bedfb0cfba5991c0971a660a66362bdb
skopeo-debugsource-1.14.6-1.el9_4.s390x.rpm SHA-256: 11acd98db948efdcfa9887d524abfdba6e753b310ef965b82b10ea1b9c86587e
skopeo-tests-1.14.6-1.el9_4.s390x.rpm SHA-256: 917ebb10cd8d302eedca4dfc0caa7fba4c4cc7f14b574317eda1ed5e7907ba8e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility