- Issued:
- 2026-07-09
- Updated:
- 2026-07-09
RHSA-2026:37385 - Security Advisory
Synopsis
Important: rh-podman-desktop security advisory update
Type/Severity
Security Advisory: Important
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
A security advisory update for rh-podman-desktop is now available for Red Hat Enterprise Linux 10.
Description
Red Hat build of Podman Desktop is a graphical tool for managing containers using Podman. It allows users to run, manage, and configure containers and container images using a desktop GUI.
Most notable CVE and Bug Fix(es) and Enhancement(s):
- Issues for CVE fix 1.1.1 (JIRA:RHDESK-595)
- Fix for RHDESK-529, RHDESK-530, RHDESK-531 - "fast-uri: Path traversal vulnerability allows bypass of security policies (CVE-2026-6321)"
- Fix for RHDESK-611 - "protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors (CVE-2026-44293)"
- Fix for RHDESK-640 - "fast-uri: URI authority bypass due to improper delimiter handling (CVE-2026-6322)"
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Enterprise Linux for x86_64 10 x86_64
Fixes
- RHEL-182245 - Release RH Podman Desktop 1.1.1 to RHEL 10.2 Extensions
Red Hat Enterprise Linux for x86_64 10
| SRPM | |
|---|---|
| rh-podman-desktop-1.1.1-1.el10_2.src.rpm | SHA-256: 4c16c940e6b6759c1eb63888625db95ba5f88858ab02abc2f29c61ac0bf66c0a |
| x86_64 | |
| rh-podman-desktop-1.1.1-1.el10_2.x86_64.rpm | SHA-256: 8021eca9cce41d9fc857f029ed90a0c8d48b9a697c17985d7f5a36caab1f932f |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.