buildah-1.39.4-2.el9_6

エラータID: AXSA:2025-10547:03

リリース日: 
2025/07/22 Tuesday - 18:13
題名: 
buildah-1.39.4-2.el9_6
影響のあるチャネル: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.

Security Fix(es):

* net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-22871
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

解決策: 

Update packages.

CVE: 
CVE-2025-22871
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. buildah-1.39.4-2.el9_6.src.rpm
    MD5: 98989db1f7805f300135430a718efab5
    SHA-256: 0ff488092c396c442ce0a5870dc1b80ff865d16be0fccaea6a1cf7a4e5703787
    Size: 17.60 MB

Asianux Server 9 for x86_64
  1. buildah-1.39.4-2.el9_6.x86_64.rpm
    MD5: 135cf8d1aa6b01b47482d9d5f87e5b09
    SHA-256: 91db6f156f207846b2209ea32228409be9f09983217409cf59c05ef5bcce18a3
    Size: 11.08 MB
  2. buildah-tests-1.39.4-2.el9_6.x86_64.rpm
    MD5: 3675470ae3273246a2c501b41a5b0527
    SHA-256: 8d1206e835c1d026c4608a116423414925be21e3867be635a8630cd2e69d2e03
    Size: 34.98 MB