Important: yggdrasil security update

Important: git-lfs security update

Important: git-lfs security update

Important: git-lfs security update

ELSA-2026-16875: git-lfs security update (IMPORTANT)

Important: image-builder security update

Important: image-builder security update

Important: opentelemetry-collector security update

Important: opentelemetry-collector security update

Important: osbuild-composer security update

Important: osbuild-composer security update

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.

Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls

If one side of the TLS connection sends multiple key update messages p ...

url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.

url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.

url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.

Incorrect parsing of IPv6 host literals in net/url