osbuild-composer-101.4-3.el8_10.ML.1
エラータID: AXSA:2026-175:03
リリース日:
2026/02/13 Friday - 17:24
題名:
osbuild-composer-101.4-3.el8_10.ML.1
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Golang の crypto/x509 ライブラリには、ループ内で過剰にプラット
フォームリソースを消費してしまう問題があるため、リモートの攻撃者
により、サービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2025-61729)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-61729
Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.
Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.
追加情報:
N/A
ダウンロード:
SRPMS
- osbuild-composer-101.4-3.el8_10.ML.1.src.rpm
MD5: 740f0f5b5d39dff27bb63ffd2247e3a2
SHA-256: 8995393ec3b70c6de554203719f4d7607eba719023c439312349db9c04249be6
Size: 130.08 MB
Asianux Server 8 for x86_64
- osbuild-composer-101.4-3.el8_10.ML.1.x86_64.rpm
MD5: 0606e3d3b2366a6d96f47c2334c21a65
SHA-256: e8fb3c1c4d39b2e95bfd879b72227c21a7cc2532bd30de7c1ec76d9fd3c2b817
Size: 23.51 kB - osbuild-composer-core-101.4-3.el8_10.ML.1.x86_64.rpm
MD5: ad7e3c59f09faef965d7b88b7c9d7f8e
SHA-256: f02037de12d6e93c0181a6d66b8b4bb1876a2e78906551314e1f6700a4fa685e
Size: 10.98 MB - osbuild-composer-worker-101.4-3.el8_10.ML.1.x86_64.rpm
MD5: 7e705de37376ea9cedc5dc651c14bf1e
SHA-256: 20d353a5cef239b83a328c74c8e46ed62addd1cd1741c64b3d86c1c55d28f389
Size: 19.49 MB
English