Release date:
2026-03-04 10:34:05 UTC
Description:
- rebuild with newer golang version 1.25.7-1.el9_6.tuxcare.els1 to fix the following CVEs
- CVE-2025-68121: fix TLS session resumption bypass by preventing shared
auto-rotated ticket keys in Config and validating full certificate chain expiry
- CVE-2025-61726: limit parsed URL query parameters to mitigate excessive memory
consumption during form parsing
- CVE-2025-61729: fix excessive resource consumption when constructing hostname
error messages for certificates with many SANs
Updated packages:
-
skopeo-1.18.1-2.el9_6.tuxcare.els1.x86_64.rpm
sha:f30751a204a6e1f95d8be63f5175e1db4a9ef1851c24842db084a9afdb7be2ab
-
skopeo-tests-1.18.1-2.el9_6.tuxcare.els1.x86_64.rpm
sha:2073b3f85b325be94990699f212ed020649c03a35a009e8e2d6232828286b9de
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
