Release date:
2026-03-12 18:41:14 UTC
Description:
- rebuild with newer golang version 1.22.9-1.el9_2.tuxcare.els6 to fix the following CVEs
- CVE-2025-61729: fix excessive resource consumption when constructing hostname
error messages for certificates with many SANs
- CVE-2025-61728: reduce CPU usage in index construction
- CVE-2025-61726: limit parsed URL query parameters to mitigate excessive memory
consumption during form parsing
- CVE-2025-68121: fix TLS session resumption bypass by preventing shared
auto-rotated ticket keys in Config and validating full certificate chain expiry
Updated packages:
-
osbuild-composer-76-2.el9_2.2.alma.tuxcare.els2.x86_64.rpm
sha:fc82dbb413892d9f25f245077ab88e711e17bcaafb265ea99c3c882d9a35172e
-
osbuild-composer-core-76-2.el9_2.2.alma.tuxcare.els2.x86_64.rpm
sha:47112bbb6818eb8f634a91c90373b376d3183dc6084ee0c82b92c0401edbf4bb
-
osbuild-composer-dnf-json-76-2.el9_2.2.alma.tuxcare.els2.x86_64.rpm
sha:2971f85779ccbffb3d4c0fcdad301d583f58f623d778edfd81ca6f22541ff11b
-
osbuild-composer-tests-76-2.el9_2.2.alma.tuxcare.els2.x86_64.rpm
sha:453f3a34b2563e6405557676cce2faf764270cab9110a7f92e95c4cacd46218f
-
osbuild-composer-worker-76-2.el9_2.2.alma.tuxcare.els2.x86_64.rpm
sha:4fac77d85a14508c80a4bef8ffced04f39bda44c714b84b06f7caaecd81d99da
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
