Stay Connected:

ELSA-2025-10618

ELSA-2025-10618 - jq security update

Type:SECURITY
Impact:MODERATE
Release Date:2025-07-08

Description


[1.6-11]
- Fix CVE-2025-48060 AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)
- Resolves: RHEL-92987

[1.6-10]
- Fix CVE-2024-23337 jq has signed integer overflow in jv.c:jvp_array_write
- Resolves: RHEL-92968


Related CVEs


CVE-2024-23337
CVE-2025-48060

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) jq-1.6-11.el8_10.src.rpmeaafa47e3d3981a3750083e8bea5e3bd4039e0934d79e1c572c3682c64d1365e-ol8_aarch64_appstream
jq-1.6-11.el8_10.src.rpmeaafa47e3d3981a3750083e8bea5e3bd4039e0934d79e1c572c3682c64d1365e-ol8_aarch64_codeready_builder
jq-1.6-11.el8_10.aarch64.rpm306ca74b92a5d1a80aa69b7fb06475aba02d77d1da54e1202630b963c262f002-ol8_aarch64_appstream
jq-devel-1.6-11.el8_10.aarch64.rpmee1695cef50c10c3b7c6dc957084cf41741a57bd1ad43ae5df9f8695efc821fa-ol8_aarch64_codeready_builder
Oracle Linux 8 (x86_64) jq-1.6-11.el8_10.src.rpmeaafa47e3d3981a3750083e8bea5e3bd4039e0934d79e1c572c3682c64d1365e-ol8_x86_64_appstream
jq-1.6-11.el8_10.src.rpmeaafa47e3d3981a3750083e8bea5e3bd4039e0934d79e1c572c3682c64d1365e-ol8_x86_64_codeready_builder
jq-1.6-11.el8_10.i686.rpm7463ed3d313e3ca043b661c284d29b817066d24bc4840d797dcb02ab78afa988-ol8_x86_64_appstream
jq-1.6-11.el8_10.x86_64.rpm3b6ad281a2147f3d419a9aabfc6989a945c8c48a73556abf8dab0254d932efb1-ol8_x86_64_appstream
jq-devel-1.6-11.el8_10.i686.rpmefaf43d6aace0e7682e6b493cb5c013200de17782c058c1af5ad683bfe575494-ol8_x86_64_codeready_builder
jq-devel-1.6-11.el8_10.x86_64.rpmabd5d47ae99e5adb170daeed67450c3a0d2150cac803eba613ee23ca1e3a432c-ol8_x86_64_codeready_builder



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights