Описание
ELSA-2025-9149: skopeo security update (MODERATE)
[1:1.18.1-2]
- Fix bats dep on tests subpackage
- Resolves: RHEL-58990
- Rebuild on new golang to fix CVE-2025-22871
[1:1.18.1-1]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.18 (https://github.com/containers/skopeo/commit/bfd0850)
- fixes 'CVE-2025-27144 skopeo: Go JOSE's Parsing Vulnerable to Denial of Service [rhel-10.1]'
- Resolves: RHEL-80611
Обновленные пакеты
Oracle Linux 10
Oracle Linux aarch64
skopeo
1.18.1-2.el10_0
skopeo-tests
1.18.1-2.el10_0
Oracle Linux x86_64
skopeo
1.18.1-2.el10_0
skopeo-tests
1.18.1-2.el10_0
Связанные CVE
Связанные уязвимости
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
The net/http package improperly accepts a bare LF as a line terminator ...