Release date:
2026-03-02 12:44:13 UTC
Description:
- rebuild with newer golang version 1.22.9-1.el9_2.tuxcare.els6 to fix the following CVE's
- CVE-2025-68121: fix TLS session resumption bypass by preventing shared
auto-rotated ticket keys in Config and validating full certificate chain expiry
- CVE-2025-61726: limit parsed URL query parameters to mitigate excessive memory
consumption during form parsing
- CVE-2025-61729: fix excessive resource consumption when constructing hostname
error messages for certificates with many SANs
Updated packages:
-
buildah-1.39.6-1.el9_2.tuxcare.els5.x86_64.rpm
sha:0d3521e774c6c5bc27fe5b582debb6ef423c032ac5649a95f7931ff734c215a5
-
buildah-tests-1.39.6-1.el9_2.tuxcare.els5.x86_64.rpm
sha:8dfbb7483050817afde6e707b7a13034cf828f06cd2513221851679fb3bde3b3
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
