containernetworking-plugins-1.6.2-2.el9_6

エラータID: AXSA:2025-10544:02

Release date: 
Tuesday, July 22, 2025 - 17:39
Subject: 
containernetworking-plugins-1.6.2-2.el9_6
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.

Security Fix(es):

* net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-22871
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

Solution: 

Update packages.

CVEs: 
CVE-2025-22871
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
Additional Info: 

N/A

Download: 

SRPMS
  1. containernetworking-plugins-1.6.2-2.el9_6.src.rpm
    MD5: 955af8424e9ca3b18e3d2d8ff7431ed2
    SHA-256: 5eef3cbddb928bb9c018c4d6accf86c47a77bfadcb067aed77960a0074c0db0c
    Size: 3.60 MB

Asianux Server 9 for x86_64
  1. containernetworking-plugins-1.6.2-2.el9_6.x86_64.rpm
    MD5: bff48d1de906e194dfca35a610e586e4
    SHA-256: 51b736ffc9521b4bccfe089ae8ebc1441c7a2386c2e4b055d61a2714718b2b84
    Size: 11.09 MB