Stay Connected:

ELSA-2026-16692

ELSA-2026-16692 - jq security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2026-05-13

Description


[1.7.1-13]
- Fix CVE-2026-40164 - Denial of Service via crafted JSON object causing
hash collisions

[1.7.1-12]
- Fix CVE-2026-39979 out-of-bounds read in jv_parse_sized()


Related CVEs


CVE-2026-39979
CVE-2026-40164

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 10 (aarch64) jq-1.7.1-11.el10_1.0.2.src.rpm273cfdb002331a39d4b22633e2fea00e04d86e95ba47116917c4892ead661046-ol10_aarch64_baseos_latest
jq-1.7.1-11.el10_1.0.2.src.rpm273cfdb002331a39d4b22633e2fea00e04d86e95ba47116917c4892ead661046-ol10_aarch64_codeready_builder
jq-1.7.1-11.el10_1.0.2.src.rpm273cfdb002331a39d4b22633e2fea00e04d86e95ba47116917c4892ead661046-ol10_aarch64_u1_baseos_patch
jq-1.7.1-11.el10_1.0.2.aarch64.rpm873ff6cafd183185c1a946c810fef639bf0cf8c0f113bef34e397bc786b7ac40-ol10_aarch64_baseos_latest
jq-1.7.1-11.el10_1.0.2.aarch64.rpm873ff6cafd183185c1a946c810fef639bf0cf8c0f113bef34e397bc786b7ac40-ol10_aarch64_u1_baseos_patch
jq-devel-1.7.1-11.el10_1.0.2.aarch64.rpmea7030355ba8be57bb35398b0a7c84789e968e26442ecfa1909e3b2fc24d6d48-ol10_aarch64_codeready_builder
Oracle Linux 10 (x86_64) jq-1.7.1-11.el10_1.0.2.src.rpm273cfdb002331a39d4b22633e2fea00e04d86e95ba47116917c4892ead661046-ol10_x86_64_baseos_latest
jq-1.7.1-11.el10_1.0.2.src.rpm273cfdb002331a39d4b22633e2fea00e04d86e95ba47116917c4892ead661046-ol10_x86_64_codeready_builder
jq-1.7.1-11.el10_1.0.2.src.rpm273cfdb002331a39d4b22633e2fea00e04d86e95ba47116917c4892ead661046-ol10_x86_64_u1_baseos_patch
jq-1.7.1-11.el10_1.0.2.x86_64.rpm9a7bcc4908d3635a756d89839e4578bdfe37420741464283df835260b7dd4299-ol10_x86_64_baseos_latest
jq-1.7.1-11.el10_1.0.2.x86_64.rpm9a7bcc4908d3635a756d89839e4578bdfe37420741464283df835260b7dd4299-ol10_x86_64_u1_baseos_patch
jq-devel-1.7.1-11.el10_1.0.2.x86_64.rpme05a7bf2071b3e14f446e54cc73d0e1ab1803c71aaad0c87684aba4d6fb1805c-ol10_x86_64_codeready_builder



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights