[CLSA-2026:1783340505] jq: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2026-07-06 12:22:08 UTC
Description:
- CVE-2026-49839: break out of the raw file load loop when jv_string_append_buf returns an invalid value to prevent a heap-buffer-overflow
Updated packages:
  • jq-1.6-14.el9_2.tuxcare.els9.i686.rpm
    sha:5f93fbc35ef7f7255c121b6286d1ae08ebad8f9d3cb4820698c22fdfd09b974f
  • jq-1.6-14.el9_2.tuxcare.els9.x86_64.rpm
    sha:f16da55ca20c49acf03fe278a569f91c570605f8df0021d8f133dd453d2005a1
  • jq-devel-1.6-14.el9_2.tuxcare.els9.i686.rpm
    sha:5a12b2d05e30c25629569c4fcde6045a2e23cd5a3b8bc62479f631d55a198c1d
  • jq-devel-1.6-14.el9_2.tuxcare.els9.x86_64.rpm
    sha:82a88220ecb5ec0ca42da000c709e588495ba42b52e9763ca8f425aeacdebce3
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.