osbuild-composer-101.4-5.el8_10.ML.1
エラータID: AXSA:2026-508:07
Release date:
Tuesday, April 28, 2026 - 13:54
Subject:
osbuild-composer-101.4-5.el8_10.ML.1
Affected Channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients.
Security Fix(es):
* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2026-25679
url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.
Solution:
Update packages.
CVEs:
CVE-2026-25679
url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.
url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.
Additional Info:
N/A
Download:
SRPMS
- osbuild-composer-101.4-5.el8_10.ML.1.src.rpm
MD5: dddbaeaa747dbf314cb4819e73318220
SHA-256: 0771ec0fc5791d3dff86d88db835857ebfeda0745c33cc80dcfc5474081b7a60
Size: 130.08 MB
Asianux Server 8 for x86_64
- osbuild-composer-101.4-5.el8_10.ML.1.x86_64.rpm
MD5: 2b716511169dabe5665084dab9a229a6
SHA-256: 8b1596e5c18a0f92868e7def8896f14b8139c137210e052ab95d006c82bd6400
Size: 23.84 kB - osbuild-composer-core-101.4-5.el8_10.ML.1.x86_64.rpm
MD5: f800570feb6e68a0fcdf480010a84a1a
SHA-256: de9c0102ef177601008d45da9917cd5992a9fb7d7dd55046283a0cdc949dccb3
Size: 10.98 MB - osbuild-composer-worker-101.4-5.el8_10.ML.1.x86_64.rpm
MD5: d96b819aa25d05a5511774c60cbcfa75
SHA-256: 5b02bbb44868d54679bebcafbd400a55635667f990bd4c89a6ae8fd1a9cc89bd
Size: 19.50 MB