Release date:
2026-03-02 15:31:37 UTC
Description:
- rebuild with newer golang version 1.25.7-1.el9_6.tuxcare.els1 to fix the following CVEs
- CVE-2025-68121: fix TLS session resumption bypass by preventing shared
auto-rotated ticket keys in Config and validating full certificate chain expiry
- CVE-2025-61726: limit parsed URL query parameters to mitigate excessive memory
consumption during form parsing
- CVE-2025-61728: fix denial-of-service in archive/zip by replacing super-linear
index construction with an efficient algorithm
- CVE-2025-61729: fix excessive resource consumption when constructing hostname
error messages for certificates with many SANs
Updated packages:
-
podman-5.4.0-13.el9_6.tuxcare.els3.x86_64.rpm
sha:9d8e1f366547b32f038bb65f03a0fb83d99ffa176644769e20a2e2152b12f6f3
-
podman-docker-5.4.0-13.el9_6.tuxcare.els3.noarch.rpm
sha:223eb5311a460d2f5412ae0be64a2d6d6517865e41f14bd9ad9cf05e400c7de5
-
podman-plugins-5.4.0-13.el9_6.tuxcare.els3.x86_64.rpm
sha:a554108b0a8f1c8462966b533ca147ae0913706e45f88693495b2fb3831f5337
-
podman-remote-5.4.0-13.el9_6.tuxcare.els3.x86_64.rpm
sha:5343f57566ac9bfe0ebd0bfcd8cf5ab579daa2e39066932bbc152b6830f4cfb3
-
podman-tests-5.4.0-13.el9_6.tuxcare.els3.x86_64.rpm
sha:8895a956330ddf23523c2f8717190f1abb142fd1b4ab692f7fd265343ffea587
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
