Red Hat Product Errata RHSA-2025:9017 - Security Advisory
Issued:
2025-06-12
Updated:
2025-06-12

RHSA-2025:9017 - Security Advisory

Synopsis

Moderate: buildah security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for buildah is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.

Security Fix(es):

  • net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2358493 - CVE-2025-22871 net/http: Request smuggling due to acceptance of invalid chunked data in net/http

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
buildah-1.29.5-1.el9_2.1.src.rpm SHA-256: 521d71f6a5b249097bb8585dc22cff4fb1d9d5911eae7921655b1c869bfe1c1f
x86_64
buildah-1.29.5-1.el9_2.1.x86_64.rpm SHA-256: 3d82bcc07830c6271494db4619ce196ba19f305ecd6d3fcef3119a038b12851c
buildah-debuginfo-1.29.5-1.el9_2.1.x86_64.rpm SHA-256: 202ef5033fb1620976dd125823608d70e331c685bf82f41c14b3f00e486f5432
buildah-debugsource-1.29.5-1.el9_2.1.x86_64.rpm SHA-256: d68f98d8f883974e84393e3192e4ce5d1cfb181867173782f91623f93b0268c8
buildah-tests-1.29.5-1.el9_2.1.x86_64.rpm SHA-256: 97b299960963c09358f6315ca8a84c383bfba8cea06d33fc2d65c90c6c21032d
buildah-tests-debuginfo-1.29.5-1.el9_2.1.x86_64.rpm SHA-256: 2f4283a259e9263c196862e1301441ea8469dc673fc9efb86602143aea9ef387

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
buildah-1.29.5-1.el9_2.1.src.rpm SHA-256: 521d71f6a5b249097bb8585dc22cff4fb1d9d5911eae7921655b1c869bfe1c1f
ppc64le
buildah-1.29.5-1.el9_2.1.ppc64le.rpm SHA-256: 7eee30892191261d98fc3c31cf85361cef01de25a6b05fba54ad6256c52d7d65
buildah-debuginfo-1.29.5-1.el9_2.1.ppc64le.rpm SHA-256: 669fc17c6f347ff82efe2531dc91ae38c846c62703e76384e98d1dc1bf8b586c
buildah-debugsource-1.29.5-1.el9_2.1.ppc64le.rpm SHA-256: ace7597ae9e067790239018f8e5a2ae68970df26c2a6d5c6272e4e5a2d120822
buildah-tests-1.29.5-1.el9_2.1.ppc64le.rpm SHA-256: e75631abee7670939bc938d182492a52ee59b3ade65c653ff2ccf79a067341ca
buildah-tests-debuginfo-1.29.5-1.el9_2.1.ppc64le.rpm SHA-256: 568886bba311d72a6dc833e06a1573e4e7c4ced2a9d84518f7684c21988ce084

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
buildah-1.29.5-1.el9_2.1.src.rpm SHA-256: 521d71f6a5b249097bb8585dc22cff4fb1d9d5911eae7921655b1c869bfe1c1f
x86_64
buildah-1.29.5-1.el9_2.1.x86_64.rpm SHA-256: 3d82bcc07830c6271494db4619ce196ba19f305ecd6d3fcef3119a038b12851c
buildah-debuginfo-1.29.5-1.el9_2.1.x86_64.rpm SHA-256: 202ef5033fb1620976dd125823608d70e331c685bf82f41c14b3f00e486f5432
buildah-debugsource-1.29.5-1.el9_2.1.x86_64.rpm SHA-256: d68f98d8f883974e84393e3192e4ce5d1cfb181867173782f91623f93b0268c8
buildah-tests-1.29.5-1.el9_2.1.x86_64.rpm SHA-256: 97b299960963c09358f6315ca8a84c383bfba8cea06d33fc2d65c90c6c21032d
buildah-tests-debuginfo-1.29.5-1.el9_2.1.x86_64.rpm SHA-256: 2f4283a259e9263c196862e1301441ea8469dc673fc9efb86602143aea9ef387

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
buildah-1.29.5-1.el9_2.1.src.rpm SHA-256: 521d71f6a5b249097bb8585dc22cff4fb1d9d5911eae7921655b1c869bfe1c1f
aarch64
buildah-1.29.5-1.el9_2.1.aarch64.rpm SHA-256: 722d3979107de336ebb49bcebefad9025ef17b489dbb8ae57287eb7f94e7df0a
buildah-debuginfo-1.29.5-1.el9_2.1.aarch64.rpm SHA-256: cafab669e5a709a8dea652874b40c6bd6bd27f4f09fe1ed61d373a33d7f0940a
buildah-debugsource-1.29.5-1.el9_2.1.aarch64.rpm SHA-256: 30915711f8ebf0c84c0542fec445c654edd8164ea0a18507eb1910780bb9530d
buildah-tests-1.29.5-1.el9_2.1.aarch64.rpm SHA-256: 13a08c6bde2f7ba5e2a210a95e61228511d7b346b8c06c97f3c95a4e5ab8d06e
buildah-tests-debuginfo-1.29.5-1.el9_2.1.aarch64.rpm SHA-256: 6cd47113cffdc90c468274db8705e6681ed868f9bb52d2fea1680f2231df83ee

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
buildah-1.29.5-1.el9_2.1.src.rpm SHA-256: 521d71f6a5b249097bb8585dc22cff4fb1d9d5911eae7921655b1c869bfe1c1f
s390x
buildah-1.29.5-1.el9_2.1.s390x.rpm SHA-256: c15a037f50d647731fbe6e2f194b7d018c30fc8b9a50a254355172f2d8e0c019
buildah-debuginfo-1.29.5-1.el9_2.1.s390x.rpm SHA-256: ecb3fc3e6b84c8050a1c42537ae36fd0b0d4afc9fda0d5dc522ba3e48ca47c16
buildah-debugsource-1.29.5-1.el9_2.1.s390x.rpm SHA-256: 907a0e22f935ffaf866c8d74122421d3a27a440f7c5f37c4aca84047a5505580
buildah-tests-1.29.5-1.el9_2.1.s390x.rpm SHA-256: 884c374dcc7102641cf78372914aa5f02777d1b4bde57e68791161efe65f3058
buildah-tests-debuginfo-1.29.5-1.el9_2.1.s390x.rpm SHA-256: 8a597456f055be4ceb582722390d9d42b633d9ca33677267d9b50b4d912f713b

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.