osbuild-composer-132.2-2.el9_6.ML.1
エラータID: AXSA:2025-10647:06
A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients.
Security Fix(es):
* net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-22871
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
Update packages.
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
N/A
SRPMS
- osbuild-composer-132.2-2.el9_6.ML.1.src.rpm
MD5: e592bf32647939537b3fd595b4f03fca
SHA-256: 5c3d2d5c88bdee0d0e0266ec6c9dcf46576d055bff6665b2b195717a471250b2
Size: 62.84 MB
Asianux Server 9 for x86_64
- osbuild-composer-132.2-2.el9_6.ML.1.x86_64.rpm
MD5: 6701429fe221c08b8f95a9bfb6e6c14d
SHA-256: 013ddde2e608703703b70494f00d1fb4557282579a23dc3db774851f168e5e73
Size: 21.65 kB - osbuild-composer-core-132.2-2.el9_6.ML.1.x86_64.rpm
MD5: a0f768aef9338aed2d7d0b3d8ba2947b
SHA-256: 133a8aaa44fd17d142daa5abe5d24fe7634941651501ff8921eb71f4e95d2bc9
Size: 14.70 MB - osbuild-composer-worker-132.2-2.el9_6.ML.1.x86_64.rpm
MD5: 3f8a93dca82049acf4fc431a136be05e
SHA-256: 2f597b42f57274fd4d4e90fc49fb557490a7ed27a6b739c2aa266ce3dfe8ad23
Size: 26.19 MB
日本語