stable

openbao-2.5.3-1.el8

FEDORA-EPEL-2026-fb3934bee2 created by dwd 4 weeks ago for Fedora EPEL 8

Update to upstream 2.5.3, fix CVE-2026-34986, CVE-2026-39388, CVE-2026-39396, CVE-2026-40264

This update has been submitted for testing by dwd.

4 weeks ago

This update's test gating status has been changed to 'ignored'.

4 weeks ago

dwd edited this update.

4 weeks ago

This update has been pushed to testing.

3 weeks ago

This update has been submitted for stable by bodhi.

2 weeks ago

This update has been pushed to stable.

2 weeks ago

Please log in to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
4 weeks ago
in testing
3 weeks ago
in stable
2 weeks ago
modified
4 weeks ago
approved
2 weeks ago
Builds
1
openbao-2.5.3-1.el8
BZ#2455614 CVE-2026-34986 openbao: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object [epel-all]
0
0
BZ#2459846 openbao-2.5.3 is available
0
0
BZ#2460056 CVE-2026-39388 openbao: OpenBao: Token renewal vulnerability via incorrect certificate matching in Certificate authentication. [epel-all]
0
0
BZ#2460058 CVE-2026-39396 openbao: OpenBao: Denial of Service via decompression bomb in OCI plugin extraction [epel-all]
0
0
BZ#2460060 CVE-2026-40264 openbao: OpenBao: Unauthorized token management by privileged administrator [epel-all]
0
0
openbao-2.5.3-1.el8

Automated Test Results

Copyright © 2007-2026 Red Hat, Inc. and others.

Running bodhi-server 26.4.0 on bodhi-web-987666886-brf65.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy