NCSA-2026-C3F05EE51E Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-32877

- EN: Backport the Botan upstream SM2 C3 length verification fix for CVE-2026-32877. Malformed SM2 ciphertext could trigger a heap over-read during decryption; the patch adds a length check before comparing the C3/authentication value and prevents out-of-bounds reads. - RU: Назадпортировать исправление Botan для проверки длины поля C3 в SM2, устраняющее CVE-2026-32877. Некорректно сформированный SM2-шифртекст мог вызывать heap over-read при расшифровании; патч добавляет проверку длины перед сравнением значения C3/authentication code и предотвращает чтение за пределами буфера. 0 niceos-5.2-updates noarch/botan2-doc-2.19.5-2.niceosc5.noarch.rpm 104cd0fab25daa99428f26be964d4394dcdaa2a5437b22fb72d8e0ae82afda70 noarch/python3-botan2-2.19.5-2.niceosc5.noarch.rpm f4632e6587d9594ad4afabef148267845aafdebe3a6fbee07774960784f2157d NCSA-2026-BFCCEDAC4B Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-32316

- Backport upstream fix for CVE-2026-32316. - Address an integer overflow in jvp_string_append()/jvp_string_copy_replace_bad that can lead to a heap buffer overflow when jq handles very large string concatenations. - Add/extend regression coverage for large-string allocation and copy paths. - Bump Release for the security update. - RU: Выполнен backport исправления upstream для CVE-2026-32316. - Устранено целочисленное переполнение в jvp_string_append()/jvp_string_copy_replace_bad, которое может приводить к heap buffer overflow при обработке очень больших конкатенаций строк. - Добавлено/расширено регрессионное покрытие для путей выделения памяти и копирования больших строк. - Повышен Release для security-обновления. 0 niceos-5.2-updates x86_64/jq-1.8.1-2.niceosc5.x86_64.rpm 98f67b4cf43a6ff241e7ac292aeef490e3d19b5805147a6d848c8a0565d3380a x86_64/jq-devel-1.8.1-2.niceosc5.x86_64.rpm 984e12d912635fb48156e3be31138b1f3b792bb0ec30510c672a77d3fb763d1a NCSA-2026-BE7E801DEF Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-32316

- Backport upstream fix for CVE-2026-32316. - Address an integer overflow in jvp_string_append()/jvp_string_copy_replace_bad that can lead to a heap buffer overflow when jq handles very large string concatenations. - Add/extend regression coverage for large-string allocation and copy paths. - Bump Release for the security update. - RU: Выполнен backport исправления upstream для CVE-2026-32316. - Устранено целочисленное переполнение в jvp_string_append()/jvp_string_copy_replace_bad, которое может приводить к heap buffer overflow при обработке очень больших конкатенаций строк. - Добавлено/расширено регрессионное покрытие для путей выделения памяти и копирования больших строк. - Повышен Release для security-обновления. 0 niceos-5.2-updates src/jq-1.8.1-2.niceosc5.src.rpm fea5a12099cb79c0a61d26c45881f78598ace4198dfaeaa189b17c4d9ec42cbc NCSA-2026-8B3FAA5217 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-32877

- EN: Backport the Botan upstream SM2 C3 length verification fix for CVE-2026-32877. Malformed SM2 ciphertext could trigger a heap over-read during decryption; the patch adds a length check before comparing the C3/authentication value and prevents out-of-bounds reads. - RU: Назадпортировать исправление Botan для проверки длины поля C3 в SM2, устраняющее CVE-2026-32877. Некорректно сформированный SM2-шифртекст мог вызывать heap over-read при расшифровании; патч добавляет проверку длины перед сравнением значения C3/authentication code и предотвращает чтение за пределами буфера. 0 niceos-5.2-updates src/botan2-2.19.5-2.niceosc5.src.rpm ecae541023fc30dca9bab27bd4aaa5ce2d1badbaa9f46f14cc18b88f5f1ef375 NCSA-2026-32AA0E2E89 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2024-45782, CVE-2024-56737, CVE-2025-0678, CVE-2025-0689, CVE-2025-1125, CVE-2025-61662

- BUMP to 2.14 - Backport GRUB2 security fixes for HFS, squash4, UDF, and gettext issues (CVE-2024-45782, CVE-2024-56737, CVE-2025-0678, CVE-2025-0689, CVE-2025-1125, CVE-2025-61662). - Reduce pre-boot memory-corruption and secure-boot bypass risk in grub2 modules and boot images. - Внедрены backport-исправления безопасности GRUB2 для ошибок в HFS, squash4, UDF и gettext (CVE-2024-45782, CVE-2024-56737, CVE-2025-0678, CVE-2025-0689, CVE-2025-1125, CVE-2025-61662). - Снижены риски повреждения памяти до загрузки ОС и обхода Secure Boot в модулях и загрузочных образах grub2. 0 niceos-5.2-updates src/grub2-2.14-1.niceosc5.src.rpm c6397c01066b5bfcb02d6fc244f15a5db4c910c7b926d28bc5657a6dc247d3a9 NCSA-2026-28BF93C55D Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-32877

- EN: Backport the Botan upstream SM2 C3 length verification fix for CVE-2026-32877. Malformed SM2 ciphertext could trigger a heap over-read during decryption; the patch adds a length check before comparing the C3/authentication value and prevents out-of-bounds reads. - RU: Назадпортировать исправление Botan для проверки длины поля C3 в SM2, устраняющее CVE-2026-32877. Некорректно сформированный SM2-шифртекст мог вызывать heap over-read при расшифровании; патч добавляет проверку длины перед сравнением значения C3/authentication code и предотвращает чтение за пределами буфера. 0 niceos-5.2-updates x86_64/botan2-2.19.5-2.niceosc5.x86_64.rpm b9e00e071deb8acc4d11a6fd5489493ae01be26ab2e7962e0395a79ff9c413fe x86_64/botan2-devel-2.19.5-2.niceosc5.x86_64.rpm 89d9eed592b51bb1dfc95d2fee19a37c3ed808be98a22854bee31f6da6ddafe6 NCSA-2026-0A0E2D444F Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2024-45782, CVE-2024-56737, CVE-2025-0678, CVE-2025-0689, CVE-2025-1125, CVE-2025-61662

- BUMP to 2.14 - Backport GRUB2 security fixes for HFS, squash4, UDF, and gettext issues (CVE-2024-45782, CVE-2024-56737, CVE-2025-0678, CVE-2025-0689, CVE-2025-1125, CVE-2025-61662). - Reduce pre-boot memory-corruption and secure-boot bypass risk in grub2 modules and boot images. - Внедрены backport-исправления безопасности GRUB2 для ошибок в HFS, squash4, UDF и gettext (CVE-2024-45782, CVE-2024-56737, CVE-2025-0678, CVE-2025-0689, CVE-2025-1125, CVE-2025-61662). - Снижены риски повреждения памяти до загрузки ОС и обхода Secure Boot в модулях и загрузочных образах grub2. 0 niceos-5.2-updates x86_64/grub2-2.14-1.niceosc5.x86_64.rpm 7bc6eeee0b2f3bd696fa5bce4a38be147add16deb7ea28ae496eae2b65943817 x86_64/grub2-efi-2.14-1.niceosc5.x86_64.rpm bca279cf5e719470f7381899d0972822c471d37000ec1f555b3785cc75bb22cc x86_64/grub2-efi-image-2.14-1.niceosc5.x86_64.rpm 3049518a6a468ef0a21c712e4ed0b6998f1c762cef5a006b77659cc8d97eec1e x86_64/grub2-emu-2.14-1.niceosc5.x86_64.rpm 36f6fe26e339eefaa6dba0031400f9cfc8a9c51c89df3f46a3ce38164d5f14d9 x86_64/grub2-pc-2.14-1.niceosc5.x86_64.rpm 146bfb1739c0cf11c38c0d708b0aef8c705651585b3ace5a2542e44e7b4cef3f NCSA-2026-F25C1BB322 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-29518, CVE-2026-43617, CVE-2026-43618, CVE-2026-43619, CVE-2026-43620, CVE-2026-45232

- EN: - Update rsync to 3.4.3: fix six upstream CVEs and a --copy-dirlinks regression. - RU: - Обновление rsync до 3.4.3: исправлены шесть уязвимостей upstream и регрессия в --copy-dirlinks. - CVE-2026-43617, CVE-2026-43618, CVE-2026-43619, CVE-2026-43620, CVE-2026-45232, CVE-2026-29518 0 niceos-5.2-updates noarch/rsync-daemon-3.4.3-1.niceosc5.noarch.rpm 996565bac2928b79a34586058477031e960a62108336523c67f1d023e6955b21 noarch/rsync-rrsync-3.4.3-1.niceosc5.noarch.rpm 547ab74336cf580cf8dceaad9abecae5fd4d418d8479635fcd81b7a72d95dbbc NCSA-2026-89CFB55B2B Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-29518, CVE-2026-43617, CVE-2026-43618, CVE-2026-43619, CVE-2026-43620, CVE-2026-45232

- EN: - Update rsync to 3.4.3: fix six upstream CVEs and a --copy-dirlinks regression. - RU: - Обновление rsync до 3.4.3: исправлены шесть уязвимостей upstream и регрессия в --copy-dirlinks. - CVE-2026-43617, CVE-2026-43618, CVE-2026-43619, CVE-2026-43620, CVE-2026-45232, CVE-2026-29518 0 niceos-5.2-updates src/rsync-3.4.3-1.niceosc5.src.rpm 5384d0f6dd23fc5895e4e41d2d8bc2238275a0f2b59811cf58d9986741bcb246 NCSA-2026-206EE70097 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-29518, CVE-2026-43617, CVE-2026-43618, CVE-2026-43619, CVE-2026-43620, CVE-2026-45232

- EN: - Update rsync to 3.4.3: fix six upstream CVEs and a --copy-dirlinks regression. - RU: - Обновление rsync до 3.4.3: исправлены шесть уязвимостей upstream и регрессия в --copy-dirlinks. - CVE-2026-43617, CVE-2026-43618, CVE-2026-43619, CVE-2026-43620, CVE-2026-45232, CVE-2026-29518 0 niceos-5.2-updates x86_64/rsync-3.4.3-1.niceosc5.x86_64.rpm 6d68a03fc4baafffa2f3440d7804c03ccfaa67dce2efebf4a06b4ca08df44845 NCSA-2026-E9783F426C Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-5450, CVE-2026-5928

- Backport upstream glibc 2.42 stable security fixes for CVE-2026-5450, CVE-2026-5928. - Keep glibc on the NiceOS 5.2 2.42.x ABI line; do not bump Version. - Added security backport patches: - Patch1007: glibc-2.42-1007-CVE-2026-5928-b4bca35ab9e7-libio-fix-ungetwc-operating-on-byte-stream.patch (CVE-2026-5928; b4bca35ab9e7). - Patch1008: glibc-2.42-1008-CVE-2026-5450-4ebd33dd77ea-stdio-common-fix-buffer-overflow-in-scanf-mc.patch (CVE-2026-5450; 4ebd33dd77ea). 0 niceos-5.2-updates x86_64/glibc-2.42-3.niceosc5.x86_64.rpm d687a4270dadf7540e5a23819722f352be9504f7a673c3f5b169edf76919a5cf x86_64/glibc-devel-2.42-3.niceosc5.x86_64.rpm 138364e345eefc338e8e47e5e7f14d8d6f674c90aaeb7e956f47a04b273c7936 x86_64/glibc-libs-2.42-3.niceosc5.x86_64.rpm 0c680a10a1f1204dad3b1917b156a6c090088bdcb4921cb370f4daef6c159746 x86_64/lib32-glibc-2.42-3.niceosc5.x86_64.rpm 076259c462d2e708ac6ddcc3f3a1583e4007d376d8416a6a46a42b4ab5cabba9 NCSA-2026-C6AB6C2971 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2022-40320

- Fix CVE-2022-40320 0 niceos-5.2-updates src/libconfuse-3.3-2.niceosc5.src.rpm 4859cff0b6b79715a830bce3b99e2688551581ea9c67de221e1ee82710053a0b NCSA-2026-B4797B4A5D Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-13151

- CVE-2025-13151 0 niceos-5.2-updates src/libtasn1-4.20.0-1.niceosc5.src.rpm 45b7aa0718c6cadbb41d8c1757b8df9d30adb3fccaf557f0d1110b3b82c7d1d9 NCSA-2026-AF8E27154D Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-0994

- CVE-2026-0994 0 niceos-5.2-updates src/protobuf-31.1-2.niceosc5.src.rpm b2ecb3530f9536b4d0b51278ee96f07a9042c2287c82f65e6d030e0e48a25303 NCSA-2026-52292594DC Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-0994

- CVE-2026-0994 0 niceos-5.2-updates x86_64/protobuf-31.1-2.niceosc5.x86_64.rpm cd99d65111f484bf21af599ca544231fa07c185f65f22527a7bb772dccca73ad x86_64/protobuf-devel-31.1-2.niceosc5.x86_64.rpm 1fe0f5808bce6aa9f3c1166048d9a4f334bcd58757bb66fe50eb58e695102ab3 x86_64/python3-protobuf-31.1-2.niceosc5.x86_64.rpm 6db8937755ed2e03da2f082da2bf3f6d45ebc0c828a7918524ea07e6755a743f NCSA-2026-4D1845D4C4 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-13151

- CVE-2025-13151 0 niceos-5.2-updates x86_64/lib32-libtasn1-4.20.0-1.niceosc5.x86_64.rpm 72ef41a7bff34c22f97a40e94978778ee41ee9796e435befe1b37dc33d0b6e56 x86_64/libtasn1-4.20.0-1.niceosc5.x86_64.rpm 056f79a184db3cabacc3698bf694d1ee659759324d78c93cae501daab70d98f8 x86_64/libtasn1-devel-4.20.0-1.niceosc5.x86_64.rpm 86f997c1829b8bc40ab4ad78b9a6b2dcb3e8c88c44c738af04f151a8e702d3ce NCSA-2026-45A064D5CB Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-23479, CVE-2026-23631, CVE-2026-25243, CVE-2026-25588, CVE-2026-25589

- Security update to Redis 8.2.6. - Fix CVE-2026-23479, CVE-2026-23631, CVE-2026-25243, CVE-2026-25588, and CVE-2026-25589. - Upstream release also includes bug fixes; rebuild and smoke-testing are required. - Обновление безопасности Redis до версии 8.2.6. - Исправлены CVE-2026-23479, CVE-2026-23631, CVE-2026-25243, CVE-2026-25588 и CVE-2026-25589. - В upstream-релизе также есть исправления ошибок; требуется пересборка и smoke-тестирование. 0 niceos-5.2-updates x86_64/redis-8.2.6-1.niceosc5.x86_64.rpm 5591941d0c23e2f0874c7a35121e5e525a71a177a13eec9b5cee6c30d2f3ebe2 NCSA-2026-1BC741E312 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-5450, CVE-2026-5928

- Backport upstream glibc 2.42 stable security fixes for CVE-2026-5450, CVE-2026-5928. - Keep glibc on the NiceOS 5.2 2.42.x ABI line; do not bump Version. - Added security backport patches: - Patch1007: glibc-2.42-1007-CVE-2026-5928-b4bca35ab9e7-libio-fix-ungetwc-operating-on-byte-stream.patch (CVE-2026-5928; b4bca35ab9e7). - Patch1008: glibc-2.42-1008-CVE-2026-5450-4ebd33dd77ea-stdio-common-fix-buffer-overflow-in-scanf-mc.patch (CVE-2026-5450; 4ebd33dd77ea). 0 niceos-5.2-updates src/glibc-2.42-3.niceosc5.src.rpm 83ab3d23dc4249c069116d3c34c576a42477d24f4d02b7138c0d905201f2ac72 NCSA-2026-168E55E8D1 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-23479, CVE-2026-23631, CVE-2026-25243, CVE-2026-25588, CVE-2026-25589

- Security update to Redis 8.2.6. - Fix CVE-2026-23479, CVE-2026-23631, CVE-2026-25243, CVE-2026-25588, and CVE-2026-25589. - Upstream release also includes bug fixes; rebuild and smoke-testing are required. - Обновление безопасности Redis до версии 8.2.6. - Исправлены CVE-2026-23479, CVE-2026-23631, CVE-2026-25243, CVE-2026-25588 и CVE-2026-25589. - В upstream-релизе также есть исправления ошибок; требуется пересборка и smoke-тестирование. 0 niceos-5.2-updates src/redis-8.2.6-1.niceosc5.src.rpm 0efe2923c57f74b8e39cda4cdafd964f97e025d5faec4489370cf3a51d4f86f7 NCSA-2026-116352CAC0 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2022-40320

- Fix CVE-2022-40320 0 niceos-5.2-updates x86_64/libconfuse-3.3-2.niceosc5.x86_64.rpm ceced711d88de81c8ddde6c4c9e007e412efc5806ce8d038a48abcd417ab5c98 x86_64/libconfuse-devel-3.3-2.niceosc5.x86_64.rpm 83140bbef5f23ed032b68d34842ee91da06f052cdcba6bcb69ed2b8a089d8127 NCSA-2026-E8E9C65D43 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-21444

- EN: - Update libtpms to 0.10.2. - Fix a TPM2 memory leak by freeing the KDF context. - Fix retrieval of the updated IV when using OpenSSL >= 3.0 (CVE-2026-21444). - RU: - Обновить libtpms до версии 0.10.2. - Исправлена утечка памяти в TPM2: освобождение KDF context. - Исправлено получение обновлённого IV при использовании OpenSSL >= 3.0 (CVE-2026-21444). 0 niceos-5.2-updates src/libtpms-0.10.2-1.niceosc5.src.rpm 9ea1665c08d6b41903a9feed5c09c4889a2d0a75e9852394e9c6d0447f696bc1 NCSA-2026-AE0378A508 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-21444

- EN: - Update libtpms to 0.10.2. - Fix a TPM2 memory leak by freeing the KDF context. - Fix retrieval of the updated IV when using OpenSSL >= 3.0 (CVE-2026-21444). - RU: - Обновить libtpms до версии 0.10.2. - Исправлена утечка памяти в TPM2: освобождение KDF context. - Исправлено получение обновлённого IV при использовании OpenSSL >= 3.0 (CVE-2026-21444). 0 niceos-5.2-updates x86_64/libtpms-0.10.2-1.niceosc5.x86_64.rpm 889594d7a939028b6f03dac74beed3c764383558fe66d70c1d13e818e55b7e00 x86_64/libtpms-devel-0.10.2-1.niceosc5.x86_64.rpm 658e05e9377a2ca691f557199186e41da9fbed6816d39316fbaadeff77e07ce6 NCSA-2026-C0B1BD6D88 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-31133, CVE-2025-52565, CVE-2025-52881

- EN: - Update docker to 28.5.2. - Pull in runc security fixes for CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881. - Note upstream rootless change: dockerd-rootless.sh now tries pasta (passt) when slirp4netns is unavailable. - Refresh source tarballs and package metadata for the new release. - RU: - Обновить docker до 28.5.2. - Подтянуть исправления безопасности runc для CVE-2025-31133, CVE-2025-52565 и CVE-2025-52881. - Учесть изменение поведения rootless: dockerd-rootless.sh теперь пробует pasta (passt), если slirp4netns недоступен. - Обновить исходные tarball-архивы и метаданные пакета под новый выпуск. 0 niceos-5.2-updates x86_64/docker-28.5.2-1.niceosc5.x86_64.rpm ca9e1fd4fa0c9de2866226ed56bf76b5eac2e2aa10bd04e03c3cfa8c30f61e7c x86_64/docker-cli-28.5.2-1.niceosc5.x86_64.rpm 501c813a5f9fe233e0662a66579931d055f54b753a3ed03601190d62c291cb2d x86_64/docker-doc-28.5.2-1.niceosc5.x86_64.rpm 3630c6de7ff01455484ff1917c60a3b8e723977a56f34201d059f9bbc22053de x86_64/docker-engine-28.5.2-1.niceosc5.x86_64.rpm cb4e66e6f04fe55e627751a70697585b184ff6cfb7b9e49342c38ab254059e38 x86_64/docker-rootless-28.5.2-1.niceosc5.x86_64.rpm 278397d753e1a65a9f728d48c6693e74f04720ae29bab3553143fc2f6571168c NCSA-2026-BE22668332 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-52881

- EN: - Update cni from 1.7.1 to 1.9.1 - Security update for CVE-2025-52881 via selinux dependency bump to 1.13.0 - Backport upstream fixes for nil bandwidth handling in CHECK, vrf route filtering, and bridge AddrAdd error details - RU: - Обновление cni с 1.7.1 до 1.9.1 - Исправление безопасности для CVE-2025-52881 через обновление зависимости selinux до 1.13.0 - Включены upstream-исправления для обработки nil bandwidth в CHECK, фильтрации маршрутов vrf и текста ошибки bridge AddrAdd 0 niceos-5.2-updates src/cni-1.9.1-1.niceosc5.src.rpm 931ab0042cf97d8b06fdb58a8d49c671c16da5f037ed8494b1bc27dec9200a02 NCSA-2026-B32D2346A6 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-31133, CVE-2025-52565, CVE-2025-52881

- EN: - Update docker to 28.5.2. - Pull in runc security fixes for CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881. - Note upstream rootless change: dockerd-rootless.sh now tries pasta (passt) when slirp4netns is unavailable. - Refresh source tarballs and package metadata for the new release. - RU: - Обновить docker до 28.5.2. - Подтянуть исправления безопасности runc для CVE-2025-31133, CVE-2025-52565 и CVE-2025-52881. - Учесть изменение поведения rootless: dockerd-rootless.sh теперь пробует pasta (passt), если slirp4netns недоступен. - Обновить исходные tarball-архивы и метаданные пакета под новый выпуск. 0 niceos-5.2-updates src/docker-28.5.2-1.niceosc5.src.rpm 82d78cf8d8a69fee849f9d6a6199cae4653b1314671c89111e89d11c59139a49 NCSA-2026-05CB8BC889 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-52881

- EN: - Update cni from 1.7.1 to 1.9.1 - Security update for CVE-2025-52881 via selinux dependency bump to 1.13.0 - Backport upstream fixes for nil bandwidth handling in CHECK, vrf route filtering, and bridge AddrAdd error details - RU: - Обновление cni с 1.7.1 до 1.9.1 - Исправление безопасности для CVE-2025-52881 через обновление зависимости selinux до 1.13.0 - Включены upstream-исправления для обработки nil bandwidth в CHECK, фильтрации маршрутов vrf и текста ошибки bridge AddrAdd 0 niceos-5.2-updates x86_64/cni-1.9.1-1.niceosc5.x86_64.rpm 7b5ae65603fa2fda235c7f49f7c902f658dec09d7a9c85d1813b60b9ca841b89 NCSA-2026-1CDB5E15D5 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-35385, CVE-2026-35386, CVE-2026-35414

- Backport upstream scp setuid/setgid clearing fix for CVE-2026-35385. - Backport upstream authorized_keys principals matching fix for CVE-2026-35414. - Triage CVE-2026-35386 as already fixed/not affected in NiceOS 9.9p2 code path: command-line remote usernames are validated before use. - Keep OpenSSH on the NiceOS 5.2 pinned 9.9p2 line; do not update to 10.3. 0 niceos-5.2-updates x86_64/openssh-9.9p2-3.niceosc5.x86_64.rpm d8461188ac31af609cd299cd712355d66bf5d0a60cee7803a1ea7a89c5cce37d x86_64/openssh-clients-9.9p2-3.niceosc5.x86_64.rpm 2c04eb2ef029467f3357ae684258ce969688c206a18c9b1bd0afc759d63ddec3 x86_64/openssh-server-9.9p2-3.niceosc5.x86_64.rpm 637e2260ab8cb77a3020fb1943479bdf08ce03701fb050edbf18a4faab711084 x86_64/openssh-socket-9.9p2-3.niceosc5.x86_64.rpm 3eee0662c50771635e0d42b85d8d152608d2d9b45050d35896ee4f9ef0431b93 NCSA-2026-EEFDAD4744 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-4519

- CVE-2026-4519 0 niceos-5.2-updates x86_64/python3-3.12.12-3.niceosc5.x86_64.rpm ee4f184ec6c2a04e0621aeb47c3b1179432b3ed4d054c75e7d51d19f981b6f68 x86_64/python3-curses-3.12.12-3.niceosc5.x86_64.rpm a1abd47aa1762dee4e15486cb1eb4e99126cf924ca4deb5cc582c16b4824fce9 x86_64/python3-devel-3.12.12-3.niceosc5.x86_64.rpm b0cbf8325840f09ac5e5ace297d8d5caff5f0925c37983aca28cc91988f3d9fc x86_64/python3-libs-3.12.12-3.niceosc5.x86_64.rpm 2657147e33b34d4c285026ed84e61c03e51b1c7b44f1a3803b93f12c695bdbf3 x86_64/python3-test-3.12.12-3.niceosc5.x86_64.rpm ddcf4872321f49f535367e1f5b9189c4b4dbc9eb8b33b7e3ec2fd72d7761a0d9 x86_64/python3-xml-3.12.12-3.niceosc5.x86_64.rpm ab320b95894fb3925a7233cf4b3bfbf6de543ed41db11696f850d855a8980c07 NCSA-2026-EA6877F071 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-4519

- CVE-2026-4519 0 niceos-5.2-updates noarch/python3-macros-3.12.12-3.niceosc5.noarch.rpm 7265974719b076b22c88254812fe64a7c0c52216688b3cd033d0820d944b32d0 NCSA-2026-DA70F850BF Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-5914

- Actually apply Patch1001 backport for CVE-2025-5914. 0 niceos-5.2-updates x86_64/lib32-libarchive-3.7.9-3.niceosc5.x86_64.rpm 44230af38724de92807ca422a3981f4d23672a845f1e9786ca5f0b39fab83097 x86_64/libarchive-3.7.9-3.niceosc5.x86_64.rpm 2c3df0605a70b97049b0bc13811cc243c7ce81f1db5d443517f202fe80fdb0ac x86_64/libarchive-devel-3.7.9-3.niceosc5.x86_64.rpm a9dab3c680bd48c1c9fa1e480a97073a4de6cb518055833d0fde1a15aafa6f63 NCSA-2026-D2C7ABD6CD Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-70873

- Backport upstream zipfileInflate fix for CVE-2025-70873. - Keep SQLite on the NiceOS 5.2 pinned 3.50.x line to avoid unnecessary ABI/API/behavior changes. 0 niceos-5.2-updates x86_64/lib32-sqlite-3.50.4-2.niceosc5.x86_64.rpm 925a59a20b8c7d61f0a946f11c2585df7934e3a728b801303ee49f077d949329 x86_64/sqlite-3.50.4-2.niceosc5.x86_64.rpm e4e2fde2844d8a89e5a1e2090ee3178f560f8c403102ea89a446ac13c56acfe3 x86_64/sqlite-devel-3.50.4-2.niceosc5.x86_64.rpm e6541ef469a50e2d66538121e180018a600039d67a99871b9b2469dda912f30d x86_64/sqlite-libs-3.50.4-2.niceosc5.x86_64.rpm 468a47a31bbae4fe91b53c838eb47940657ce38a10042aa12a4c0e3db30cf476 NCSA-2026-8B79B2046D Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-15281, CVE-2026-0861, CVE-2026-0915, CVE-2026-4046, CVE-2026-4437

- Backport upstream glibc 2.42 stable security fixes for CVE-2026-0861, CVE-2025-15281, CVE-2026-0915, CVE-2026-4046, CVE-2026-4437. - Keep glibc on the NiceOS 5.2 2.42.x ABI line; do not bump Version. - Added security backport patches: - Patch1001: glibc-2.42-1001-CVE-2026-0861-b0ec8fb689df-memalign-reinstate-alignment-overflow-check.patch (CVE-2026-0861; b0ec8fb689df). - Patch1002: glibc-2.42-1002-CVE-2026-0915-453e6b8dbab9-resolv-fix-nss-dns-backend-for-getnetbyaddr.patch (CVE-2026-0915; 453e6b8dbab9). - Patch1003: glibc-2.42-1003-CVE-2025-15281-cbf39c26b258-posix-reset-wordexp-t-fields-with-wrde-reuse-bz-33814.patch (CVE-2025-15281; cbf39c26b258). - Patch1004: glibc-2.42-1004-CVE-2025-15281-1a19d5a507eb-posix-run-tst-wordexp-reuse-mem-test.patch (CVE-2025-15281; 1a19d5a507eb). - Patch1005: glibc-2.42-1005-CVE-2026-4437-8e863fb1c923-resolv-count-records-correctly.patch (CVE-2026-4437; 8e863fb1c923). - Patch1006: glibc-2.42-1006-CVE-2026-4046-f13c1bb0f97f-use-pending-character-state-in-ibm1390-ibm1399-character-sets.patch (CVE-2026-4046; f13c1bb0f97f). 0 niceos-5.2-updates x86_64/glibc-2.42-2.niceosc5.x86_64.rpm 1115e8fea7c38395247e484ce5ca4a89c1d001b03411fbe660498a134ccb1ba4 x86_64/glibc-devel-2.42-2.niceosc5.x86_64.rpm 073d0d280b5866fab9cd165178d5d7fc98aa6494f93bbdb3557b77e34b70865a x86_64/glibc-libs-2.42-2.niceosc5.x86_64.rpm 7de86a090acf292daf2a6b378f9de5100d9e9d71c61e50842d4fadec8e9722f7 x86_64/lib32-glibc-2.42-2.niceosc5.x86_64.rpm 69d0aa499b8801437f6c22a946d85d7452dc4d9258dc579ac1296402e58c7081 NCSA-2026-7F928C931B Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-5914

- Backport upstream fix for CVE-2025-5914. - Fix RAR reader integer overflow leading to double-free with over 4 billion nodes. - Keep libarchive on the NiceOS 5.2 pinned 3.7.x line; do not bump to 3.8.x. 0 niceos-5.2-updates x86_64/lib32-libarchive-3.7.9-2.niceosc5.x86_64.rpm a89ed1bc176d317cbb995cc99b03c9bd96285b7ada3c74363043aecde325186e x86_64/libarchive-3.7.9-2.niceosc5.x86_64.rpm 8f27b3bb55436446a55486e27347e9cb31a081aff98533ab47d09c10da341cb1 x86_64/libarchive-devel-3.7.9-2.niceosc5.x86_64.rpm 444010b2ec664f79a05d166ba206790d09f691f29d6be75193f14528250be8c0 NCSA-2026-5FE089753D Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-3201, CVE-2026-3202, CVE-2026-3203

- EN: Update to upstream version 4.4.14. Security references: CVE-2026-3201, CVE-2026-3202, CVE-2026-3203. - RU: Обновление до upstream-версии 4.4.14. Упоминания безопасности: CVE-2026-3201, CVE-2026-3202, CVE-2026-3203. 0 niceos-5.2-updates x86_64/wireshark-4.4.14-1.niceosc5.x86_64.rpm 712b33558b7d0d50ac9c9985996bd462e2f91163f72ef4e554e94355ae1c111d x86_64/wireshark-devel-4.4.14-1.niceosc5.x86_64.rpm dcb977d3722400c713d54886ad74404be92df7b285ca04181cfa51b3c32c5076 NCSA-2026-4CC5E9FEBD Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-3805

- Backport upstream SMB connection reuse fix for CVE-2026-3805. - Keep curl/libcurl on the NiceOS 5.2 stable 8.18.x line to avoid unnecessary behavior changes. 0 niceos-5.2-updates x86_64/curl-8.18.0-2.niceosc5.x86_64.rpm 7e246d74c1a720d8ea43f85873b12c0daa2104011aae41bc14cead0b74296cd6 x86_64/curl-devel-8.18.0-2.niceosc5.x86_64.rpm 3aa967a53c405e5953a856d7a06111075e5af5f067ecb106f19a6ad714ad169d x86_64/curl-libs-8.18.0-2.niceosc5.x86_64.rpm 1fc2f014237d5fe1b8cc0d41c761ad9d5b92040b9e85c89e097c639935051f6b x86_64/lib32-curl-8.18.0-2.niceosc5.x86_64.rpm d58c96ffde725c1f2568aaec2480e5c122cc7c9369423cdd95ca8ee5fb7edabb NCSA-2026-3F40D03388 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-69649, CVE-2025-69650

- Backport upstream readelf fix for CVE-2025-69649. - Triage CVE-2025-69650 as disputed/not affected for tagged binutils 2.45. - Keep binutils on the NiceOS 5.2 pinned 2.45 toolchain line; do not update to 2.46. 0 niceos-5.2-updates x86_64/binutils-2.45-2.niceosc5.x86_64.rpm 12a1c0a53fd557d3deef95608ce6c6b756665b2332b2a34a02e1189ecd6d1847 x86_64/binutils-devel-2.45-2.niceosc5.x86_64.rpm c5ac9ac12458f0c9751c2996ba24a598bf47222730f8d03d0e713560619a35e5 x86_64/binutils-libs-2.45-2.niceosc5.x86_64.rpm c419b8d696feaf7916688f31d1582cc75890d34fa50874e84882cf8e5c1545ae NCSA-2026-02444E07AD Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-46817, CVE-2025-46818, CVE-2025-46819, CVE-2025-49844, CVE-2025-62507

- EN: - Security fix: prevent data manipulation via injected \r\n sequences in error replies - RU: - Исправление уязвимости: предотвращение манипуляции данными через внедрение последовательностей \r\n в ответы об ошибках Fixed by updating Redis within the NiceOS 5.2 pinned 8.2.x series. Triage result: - CVE-2025-49844: fixed upstream in 8.2.2. - CVE-2025-46817: fixed upstream in 8.2.2. - CVE-2025-46818: fixed upstream in 8.2.2. - CVE-2025-46819: fixed upstream in 8.2.2. - CVE-2025-62507: fixed upstream in 8.2.3. NiceOS target is Redis 8.2.5 because it is the latest security update in the pinned 8.2.x series. 0 niceos-5.2-updates x86_64/redis-8.2.5-1.niceosc5.x86_64.rpm c7597a90a34d86f1cb8a54791968b2596c874e98ed0b027138b51b820ab2d023 NCSA-2026-EC7C8DE283 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-12474, CVE-2026-1837

- EN: Update jpegxl to 0.11.2 (CVE-2025-12474, CVE-2026-1837) - RU: Обновление jpegxl до версии 0.11.2 (CVE-2025-12474, CVE-2026-1837) 0 niceos-5.2-updates noarch/jpegxl-doc-0.11.2-1.niceosc5.noarch.rpm a204ad062ac0b05bd70ed2e9ad792c9852a71eac57abf474360bfd172c12cea9 NCSA-2026-91E5C3830A Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-35406

- EN: - Update aardvark-dns to 1.17.1 to fix CVE-2026-35406 (infinite loop on malformed TCP packets) - RU: - Обновление aardvark-dns до 1.17.1 для исправления CVE-2026-35406 (бесконечный цикл при получении некорректных TCP-пакетов) 0 niceos-5.2-updates x86_64/aardvark-dns-1.17.1-1.niceosc5.x86_64.rpm 7ddf3dc0b1ab37c427c71be60432f3990e2d18e3b3a997680710ef63eb13c82b x86_64/aardvark-dns-tests-1.17.1-1.niceosc5.x86_64.rpm ee5d142246fdfcb6776cc3a170afc3e10c11536bbbca7e99fac0e6cfb40410bf NCSA-2026-8ACD57DFB9 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-12474, CVE-2026-1837

- EN: Update jpegxl to 0.11.2 (CVE-2025-12474, CVE-2026-1837) - RU: Обновление jpegxl до версии 0.11.2 (CVE-2025-12474, CVE-2026-1837) 0 niceos-5.2-updates x86_64/jpegxl-0.11.2-1.niceosc5.x86_64.rpm d7b065c8909e60ba1ea75248b8d01844aacbb2697a510b57509146e1e9603716 x86_64/lib32-jpegxl-0.11.2-1.niceosc5.x86_64.rpm 88bf2be49200d437b79699c0d9529480f227c023241c95ddc99a98c6745013ea x86_64/libjxl-0.11.2-1.niceosc5.x86_64.rpm 6af8f94c6db1346738b66f5a1d50b4f7868cd3e60427a2f0112cd7e0a8db8993 x86_64/libjxl-devel-0.11.2-1.niceosc5.x86_64.rpm 3f9eb2d72a2fac060d6615c65e62aeba687029f9ecaa6a6133731d32e0d18353 x86_64/libjxl-devtools-0.11.2-1.niceosc5.x86_64.rpm 8ca64bce78289d862602627a2ca305ef1d6c0335f6d8f5c3270e1bfcbf2f7caf x86_64/libjxl-utils-0.11.2-1.niceosc5.x86_64.rpm 2c5a1a06764a6a0cf56e86ad7430c85e6c46bfab84d5baf69ed20e0e3475a31d NCSA-2026-697E17225E Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-32775, CVE-2026-40385, CVE-2026-40386

- EN: - Security fixes for CVE-2026-32775, CVE-2026-40385, CVE-2026-40386 in makernote handling plus new features - RU: - Исправления уязвимостей безопасности (CVE-2026-32775, CVE-2026-40385, CVE-2026-40386) и добавление новых функций 0 niceos-5.2-updates x86_64/lib32-libexif-0.6.26-1.niceosc5.x86_64.rpm 1242a24d2336538e711fc74a8abb3bfd2685ef8246c631ee400e7282b289f13f x86_64/libexif-0.6.26-1.niceosc5.x86_64.rpm 1e5d1edd78be323926e8beb85009ccf51e0b0183936cbba66af824ce1d046c2a x86_64/libexif-devel-0.6.26-1.niceosc5.x86_64.rpm 7ddf77aa1005223dcbc965d54e1902c4f53280ea89918f77999e7e8f3cbba182 x86_64/libexif-doc-0.6.26-1.niceosc5.x86_64.rpm 026b838a941b72956ced82af0cd834242fe3883ae33112046d5ffcdd28b3ab71 NCSA-2026-58D3A12ADC Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-35406

- EN: - Update aardvark-dns to 1.17.1 to fix CVE-2026-35406 (infinite loop on malformed TCP packets) - RU: - Обновление aardvark-dns до 1.17.1 для исправления CVE-2026-35406 (бесконечный цикл при получении некорректных TCP-пакетов) 0 niceos-5.2-updates src/aardvark-dns-1.17.1-1.niceosc5.src.rpm e76dfb9e21dbc0d2dbeec4b265efcbe6d83c945e0751144b24a1bb16c476cdd7 NCSA-2026-23438CB040 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-62408

- EN: - security update to 1.34.6 fixing CVE-2025-62408 (use-after-free in read_answers()) and various bugfixes - RU: - обновление безопасности до версии 1.34.6 с исправлением CVE-2025-62408 (use-after-free в read_answers()) и другими исправлениями ошибок 0 niceos-5.2-updates x86_64/c-ares-1.34.6-1.niceosc5.x86_64.rpm 55db6d309201628c912bd0f0dbe9220d290f89d5f052241f45034b1176b882a8 x86_64/c-ares-devel-1.34.6-1.niceosc5.x86_64.rpm e41b806ae9348d25fd75ecb7c3a48f5e2132bc985d8009762fd754765c5d0078 x86_64/lib32-c-ares-1.34.6-1.niceosc5.x86_64.rpm b74d52120bf54e9aed69f75294ec7b7e9f18c71a9a288fae17d6b5993943cf1a NCSA-2026-22A73B19DF Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2025-62408

- EN: - security update to 1.34.6 fixing CVE-2025-62408 (use-after-free in read_answers()) and various bugfixes - RU: - обновление безопасности до версии 1.34.6 с исправлением CVE-2025-62408 (use-after-free в read_answers()) и другими исправлениями ошибок 0 niceos-5.2-updates src/c-ares-1.34.6-1.niceosc5.src.rpm e7fdcedfd2877599418494dd6a83fde037a731ed0d63ec08433ad6023a39c4ff NCSA-2026-E762F603B9 Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-2673, CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-31789, CVE-2026-31790

- OpenSSL 3.5.6 is a security patch release. CVE-2026-31790 CVE-2026-2673 CVE-2026-28387 CVE-2026-28388 CVE-2026-28389 CVE-2026-28390 CVE-2026-31789 0 niceos-5.2-updates x86_64/lib32-openssl-3.5.6-1.niceosc5.x86_64.rpm ba7f3fbb1842609cf6838d5fa4218fdd313772dd1bf9831158745f7bbd3049ca x86_64/openssl-3.5.6-1.niceosc5.x86_64.rpm c9ce825e9612f2ccc2c059d64cb6b56a917e2cecf9e233c0f9f2a3f4d76f07fb x86_64/openssl-c_rehash-3.5.6-1.niceosc5.x86_64.rpm fb3aa81c22804b2bbf628841fc36eb8bdecc668216ea03adcd8ce9c50461812f x86_64/openssl-devel-3.5.6-1.niceosc5.x86_64.rpm 825e4901fb115251b313fd2a92cf85b54412beaf1cc709b5895b2f518bf87b99 x86_64/openssl-docs-3.5.6-1.niceosc5.x86_64.rpm 62394ff16e7447155c7f88fd60fac4888479c30427e15731714c541a9ef7cf9d x86_64/openssl-libs-3.5.6-1.niceosc5.x86_64.rpm 96eeaa173e39cf01a072cd02e48694b5b365169b1b44fe1ca3567a27447df2d5 x86_64/openssl-perl-3.5.6-1.niceosc5.x86_64.rpm d9f2780ddf63547b0ed7919dbff3084014d12ccd587d2ed943826a9ea85ac93b NCSA-2026-6872E81C8A Copyright (C) NiceSOFT LLC. Generated from NiceOS RPM changelogs. NiceOS Moderate

Security fixes for CVE-2026-24061

- CVE-2026-24061 0 niceos-5.2-updates x86_64/inetutils-2.6-2.niceosc5.x86_64.rpm a690749c457976525f8457cc9156878051c2f8c9c54d7e18f38995432d375b2e