v2026.6.1 - CVE-2026-31431 Mitigation

Small update this morning to deal with the recent CVE release. To our knowledge, Midsummer had no way to execute this vulnerability from userland, so the impact to us is very minimal, if any at all.

In a nutshell

  • Elsewhere [Security] - Upgraded container base to trixie latest, patching copy.fail vulnerability. Upgraded Python to 3.14. Upgraded Node to 24.x (Latest)
  • Elsewhere [Infrastructure] - All Kubernetes systems have been patched and upgraded to 1.35 latest patch

Additional Reading

https://copy.fail/
https://www.cve.org/CVERecord?id=CVE-2026-31431
https://xint.io/blog/copy-fail-linux-distributions

Share
Yuukari

Yuukari

Midsummer Creator