Synopsis
Moderate: opentelemetry-collector security update
Type/Severity
Security Advisory: Moderate
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Collector with the supported components for a Red Hat build of OpenTelemetry
Security Fix(es):
- net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 10 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 10 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
-
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
-
Red Hat Enterprise Linux for ARM 64 10 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
-
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
-
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64
Fixes
-
BZ - 2358493
- CVE-2025-22871 net/http: Request smuggling due to acceptance of invalid chunked data in net/http
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 10
| SRPM |
|
opentelemetry-collector-0.127.0-1.el10_0.src.rpm
|
SHA-256: 4e8e34ff340f9fd3fe5e95b5e4ca937b448f2bca3382eff2376ff4ced005469f |
| x86_64 |
|
opentelemetry-collector-0.127.0-1.el10_0.x86_64.rpm
|
SHA-256: 4d964ae8d151e7b6be2c90439e1a87ebc9a0252dd7d720138d200263dde00cda |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0
| SRPM |
|
opentelemetry-collector-0.127.0-1.el10_0.src.rpm
|
SHA-256: 4e8e34ff340f9fd3fe5e95b5e4ca937b448f2bca3382eff2376ff4ced005469f |
| x86_64 |
|
opentelemetry-collector-0.127.0-1.el10_0.x86_64.rpm
|
SHA-256: 4d964ae8d151e7b6be2c90439e1a87ebc9a0252dd7d720138d200263dde00cda |
Red Hat Enterprise Linux for IBM z Systems 10
| SRPM |
|
opentelemetry-collector-0.127.0-1.el10_0.src.rpm
|
SHA-256: 4e8e34ff340f9fd3fe5e95b5e4ca937b448f2bca3382eff2376ff4ced005469f |
| s390x |
|
opentelemetry-collector-0.127.0-1.el10_0.s390x.rpm
|
SHA-256: 94b1bcaeebc48c86dad49fb302ab68ec7fe9b638f90cdb4c8ed905e68b3659e3 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0
| SRPM |
|
opentelemetry-collector-0.127.0-1.el10_0.src.rpm
|
SHA-256: 4e8e34ff340f9fd3fe5e95b5e4ca937b448f2bca3382eff2376ff4ced005469f |
| s390x |
|
opentelemetry-collector-0.127.0-1.el10_0.s390x.rpm
|
SHA-256: 94b1bcaeebc48c86dad49fb302ab68ec7fe9b638f90cdb4c8ed905e68b3659e3 |
Red Hat Enterprise Linux for Power, little endian 10
| SRPM |
|
opentelemetry-collector-0.127.0-1.el10_0.src.rpm
|
SHA-256: 4e8e34ff340f9fd3fe5e95b5e4ca937b448f2bca3382eff2376ff4ced005469f |
| ppc64le |
|
opentelemetry-collector-0.127.0-1.el10_0.ppc64le.rpm
|
SHA-256: 49aff345fcecfcd5ae65bfb7ed42d85564f22b10833469243184b1d80a276d94 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0
| SRPM |
|
opentelemetry-collector-0.127.0-1.el10_0.src.rpm
|
SHA-256: 4e8e34ff340f9fd3fe5e95b5e4ca937b448f2bca3382eff2376ff4ced005469f |
| ppc64le |
|
opentelemetry-collector-0.127.0-1.el10_0.ppc64le.rpm
|
SHA-256: 49aff345fcecfcd5ae65bfb7ed42d85564f22b10833469243184b1d80a276d94 |
Red Hat Enterprise Linux for ARM 64 10
| SRPM |
|
opentelemetry-collector-0.127.0-1.el10_0.src.rpm
|
SHA-256: 4e8e34ff340f9fd3fe5e95b5e4ca937b448f2bca3382eff2376ff4ced005469f |
| aarch64 |
|
opentelemetry-collector-0.127.0-1.el10_0.aarch64.rpm
|
SHA-256: c92639a6e48eef75bc55aadf0548257907a864fdbfb9b63ec69e43d0b6b72b51 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0
| SRPM |
|
opentelemetry-collector-0.127.0-1.el10_0.src.rpm
|
SHA-256: 4e8e34ff340f9fd3fe5e95b5e4ca937b448f2bca3382eff2376ff4ced005469f |
| aarch64 |
|
opentelemetry-collector-0.127.0-1.el10_0.aarch64.rpm
|
SHA-256: c92639a6e48eef75bc55aadf0548257907a864fdbfb9b63ec69e43d0b6b72b51 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0
| SRPM |
|
opentelemetry-collector-0.127.0-1.el10_0.src.rpm
|
SHA-256: 4e8e34ff340f9fd3fe5e95b5e4ca937b448f2bca3382eff2376ff4ced005469f |
| aarch64 |
|
opentelemetry-collector-0.127.0-1.el10_0.aarch64.rpm
|
SHA-256: c92639a6e48eef75bc55aadf0548257907a864fdbfb9b63ec69e43d0b6b72b51 |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0
| SRPM |
|
opentelemetry-collector-0.127.0-1.el10_0.src.rpm
|
SHA-256: 4e8e34ff340f9fd3fe5e95b5e4ca937b448f2bca3382eff2376ff4ced005469f |
| s390x |
|
opentelemetry-collector-0.127.0-1.el10_0.s390x.rpm
|
SHA-256: 94b1bcaeebc48c86dad49fb302ab68ec7fe9b638f90cdb4c8ed905e68b3659e3 |
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0
| SRPM |
|
opentelemetry-collector-0.127.0-1.el10_0.src.rpm
|
SHA-256: 4e8e34ff340f9fd3fe5e95b5e4ca937b448f2bca3382eff2376ff4ced005469f |
| ppc64le |
|
opentelemetry-collector-0.127.0-1.el10_0.ppc64le.rpm
|
SHA-256: 49aff345fcecfcd5ae65bfb7ed42d85564f22b10833469243184b1d80a276d94 |
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0
| SRPM |
|
opentelemetry-collector-0.127.0-1.el10_0.src.rpm
|
SHA-256: 4e8e34ff340f9fd3fe5e95b5e4ca937b448f2bca3382eff2376ff4ced005469f |
| x86_64 |
|
opentelemetry-collector-0.127.0-1.el10_0.x86_64.rpm
|
SHA-256: 4d964ae8d151e7b6be2c90439e1a87ebc9a0252dd7d720138d200263dde00cda |
