Synopsis
Moderate: weldr-client security update
Type/Severity
Security Advisory: Moderate
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for weldr-client is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Command line utility to control osbuild-composer
Security Fix(es):
- net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.4 x86_64
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64
-
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le
-
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x
Fixes
-
BZ - 2358493
- CVE-2025-22871 net/http: Request smuggling due to acceptance of invalid chunked data in net/http
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4
| SRPM |
|
weldr-client-35.12-3.el9_4.src.rpm
|
SHA-256: 7ec7833e4fd580d38d1504829abc44cffe0e68ade61f9ee1b4afbc4c0c8d92ae |
| x86_64 |
|
weldr-client-35.12-3.el9_4.x86_64.rpm
|
SHA-256: 674f3e20d1218b20baa01410ba9846aee34106d451bd9ce1f091899e16045cb9 |
|
weldr-client-debuginfo-35.12-3.el9_4.x86_64.rpm
|
SHA-256: a113ab9df7ad74000352f4374ff3f0f3d1764e36f3601998b59404f20d5b1b9f |
|
weldr-client-debugsource-35.12-3.el9_4.x86_64.rpm
|
SHA-256: f9ed333160b75ab7e392f7dd7c4be0992aca1a3e0cb1e9e710401cf46c80c980 |
|
weldr-client-tests-debuginfo-35.12-3.el9_4.x86_64.rpm
|
SHA-256: 98c2e648ba780bee6a70a7ea2a3e92bc9baf2adb24257e5634adb98105d0c823 |
Red Hat Enterprise Linux Server - AUS 9.4
| SRPM |
|
weldr-client-35.12-3.el9_4.src.rpm
|
SHA-256: 7ec7833e4fd580d38d1504829abc44cffe0e68ade61f9ee1b4afbc4c0c8d92ae |
| x86_64 |
|
weldr-client-35.12-3.el9_4.x86_64.rpm
|
SHA-256: 674f3e20d1218b20baa01410ba9846aee34106d451bd9ce1f091899e16045cb9 |
|
weldr-client-debuginfo-35.12-3.el9_4.x86_64.rpm
|
SHA-256: a113ab9df7ad74000352f4374ff3f0f3d1764e36f3601998b59404f20d5b1b9f |
|
weldr-client-debugsource-35.12-3.el9_4.x86_64.rpm
|
SHA-256: f9ed333160b75ab7e392f7dd7c4be0992aca1a3e0cb1e9e710401cf46c80c980 |
|
weldr-client-tests-debuginfo-35.12-3.el9_4.x86_64.rpm
|
SHA-256: 98c2e648ba780bee6a70a7ea2a3e92bc9baf2adb24257e5634adb98105d0c823 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4
| SRPM |
|
weldr-client-35.12-3.el9_4.src.rpm
|
SHA-256: 7ec7833e4fd580d38d1504829abc44cffe0e68ade61f9ee1b4afbc4c0c8d92ae |
| s390x |
|
weldr-client-35.12-3.el9_4.s390x.rpm
|
SHA-256: f8eb86e16262f9c4bb95bbd68a2daf8639c4def747c36d77bf755f7990203c6f |
|
weldr-client-debuginfo-35.12-3.el9_4.s390x.rpm
|
SHA-256: 40529eff804b1c6f282eae6bc791bf1a9511ba2408d5f5bcbe7d8b9263e2df5a |
|
weldr-client-debugsource-35.12-3.el9_4.s390x.rpm
|
SHA-256: c03ea40a2a71fdba2cf0aec8a1f8e491bc26e4ebc28b253bc9900d8ff0308ff1 |
|
weldr-client-tests-debuginfo-35.12-3.el9_4.s390x.rpm
|
SHA-256: a1e23f01c51e266024bd14ae112484174461b0af7668b4623bea594505f11dc2 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4
| SRPM |
|
weldr-client-35.12-3.el9_4.src.rpm
|
SHA-256: 7ec7833e4fd580d38d1504829abc44cffe0e68ade61f9ee1b4afbc4c0c8d92ae |
| ppc64le |
|
weldr-client-35.12-3.el9_4.ppc64le.rpm
|
SHA-256: e77ca95d389117c00aa51ffbe80db13451d7510b5a87e43e33668c37b471c3d7 |
|
weldr-client-debuginfo-35.12-3.el9_4.ppc64le.rpm
|
SHA-256: 995641d22837cb3bea9e3d296c52b39ecf6ec18053fa8f131de0c7f5e2c32f22 |
|
weldr-client-debugsource-35.12-3.el9_4.ppc64le.rpm
|
SHA-256: 9dde4241e978535b124e64ff098cfc88f204ad181e8c75d2d5312acdf4fef5ee |
|
weldr-client-tests-debuginfo-35.12-3.el9_4.ppc64le.rpm
|
SHA-256: d38afaa1132f016b3ed0759db4b8d071e2a6131890aeb6cc984be887f4163857 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4
| SRPM |
|
weldr-client-35.12-3.el9_4.src.rpm
|
SHA-256: 7ec7833e4fd580d38d1504829abc44cffe0e68ade61f9ee1b4afbc4c0c8d92ae |
| aarch64 |
|
weldr-client-35.12-3.el9_4.aarch64.rpm
|
SHA-256: 2d1a841e9a713fb4b83d580151fb9e0e945dd34fadfaec08e1b0d0e62cae6f71 |
|
weldr-client-debuginfo-35.12-3.el9_4.aarch64.rpm
|
SHA-256: a71d5ef6d945792d29e4c4a4126e033023483b1d6a047c995c95211194677031 |
|
weldr-client-debugsource-35.12-3.el9_4.aarch64.rpm
|
SHA-256: 9bb316a8ca691dc0ccec57add22838bef936b374d4c79c1c819f20e6314463ef |
|
weldr-client-tests-debuginfo-35.12-3.el9_4.aarch64.rpm
|
SHA-256: 84ec6510f9242bbffaab9928ae5aee0c7d4206906ec528b51f626a48b8e5172b |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4
| SRPM |
|
weldr-client-35.12-3.el9_4.src.rpm
|
SHA-256: 7ec7833e4fd580d38d1504829abc44cffe0e68ade61f9ee1b4afbc4c0c8d92ae |
| ppc64le |
|
weldr-client-35.12-3.el9_4.ppc64le.rpm
|
SHA-256: e77ca95d389117c00aa51ffbe80db13451d7510b5a87e43e33668c37b471c3d7 |
|
weldr-client-debuginfo-35.12-3.el9_4.ppc64le.rpm
|
SHA-256: 995641d22837cb3bea9e3d296c52b39ecf6ec18053fa8f131de0c7f5e2c32f22 |
|
weldr-client-debugsource-35.12-3.el9_4.ppc64le.rpm
|
SHA-256: 9dde4241e978535b124e64ff098cfc88f204ad181e8c75d2d5312acdf4fef5ee |
|
weldr-client-tests-debuginfo-35.12-3.el9_4.ppc64le.rpm
|
SHA-256: d38afaa1132f016b3ed0759db4b8d071e2a6131890aeb6cc984be887f4163857 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4
| SRPM |
|
weldr-client-35.12-3.el9_4.src.rpm
|
SHA-256: 7ec7833e4fd580d38d1504829abc44cffe0e68ade61f9ee1b4afbc4c0c8d92ae |
| x86_64 |
|
weldr-client-35.12-3.el9_4.x86_64.rpm
|
SHA-256: 674f3e20d1218b20baa01410ba9846aee34106d451bd9ce1f091899e16045cb9 |
|
weldr-client-debuginfo-35.12-3.el9_4.x86_64.rpm
|
SHA-256: a113ab9df7ad74000352f4374ff3f0f3d1764e36f3601998b59404f20d5b1b9f |
|
weldr-client-debugsource-35.12-3.el9_4.x86_64.rpm
|
SHA-256: f9ed333160b75ab7e392f7dd7c4be0992aca1a3e0cb1e9e710401cf46c80c980 |
|
weldr-client-tests-debuginfo-35.12-3.el9_4.x86_64.rpm
|
SHA-256: 98c2e648ba780bee6a70a7ea2a3e92bc9baf2adb24257e5634adb98105d0c823 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4
| SRPM |
|
weldr-client-35.12-3.el9_4.src.rpm
|
SHA-256: 7ec7833e4fd580d38d1504829abc44cffe0e68ade61f9ee1b4afbc4c0c8d92ae |
| aarch64 |
|
weldr-client-35.12-3.el9_4.aarch64.rpm
|
SHA-256: 2d1a841e9a713fb4b83d580151fb9e0e945dd34fadfaec08e1b0d0e62cae6f71 |
|
weldr-client-debuginfo-35.12-3.el9_4.aarch64.rpm
|
SHA-256: a71d5ef6d945792d29e4c4a4126e033023483b1d6a047c995c95211194677031 |
|
weldr-client-debugsource-35.12-3.el9_4.aarch64.rpm
|
SHA-256: 9bb316a8ca691dc0ccec57add22838bef936b374d4c79c1c819f20e6314463ef |
|
weldr-client-tests-debuginfo-35.12-3.el9_4.aarch64.rpm
|
SHA-256: 84ec6510f9242bbffaab9928ae5aee0c7d4206906ec528b51f626a48b8e5172b |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4
| SRPM |
|
weldr-client-35.12-3.el9_4.src.rpm
|
SHA-256: 7ec7833e4fd580d38d1504829abc44cffe0e68ade61f9ee1b4afbc4c0c8d92ae |
| s390x |
|
weldr-client-35.12-3.el9_4.s390x.rpm
|
SHA-256: f8eb86e16262f9c4bb95bbd68a2daf8639c4def747c36d77bf755f7990203c6f |
|
weldr-client-debuginfo-35.12-3.el9_4.s390x.rpm
|
SHA-256: 40529eff804b1c6f282eae6bc791bf1a9511ba2408d5f5bcbe7d8b9263e2df5a |
|
weldr-client-debugsource-35.12-3.el9_4.s390x.rpm
|
SHA-256: c03ea40a2a71fdba2cf0aec8a1f8e491bc26e4ebc28b253bc9900d8ff0308ff1 |
|
weldr-client-tests-debuginfo-35.12-3.el9_4.s390x.rpm
|
SHA-256: a1e23f01c51e266024bd14ae112484174461b0af7668b4623bea594505f11dc2 |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4
| SRPM |
|
weldr-client-35.12-3.el9_4.src.rpm
|
SHA-256: 7ec7833e4fd580d38d1504829abc44cffe0e68ade61f9ee1b4afbc4c0c8d92ae |
| x86_64 |
|
weldr-client-35.12-3.el9_4.x86_64.rpm
|
SHA-256: 674f3e20d1218b20baa01410ba9846aee34106d451bd9ce1f091899e16045cb9 |
|
weldr-client-debuginfo-35.12-3.el9_4.x86_64.rpm
|
SHA-256: a113ab9df7ad74000352f4374ff3f0f3d1764e36f3601998b59404f20d5b1b9f |
|
weldr-client-debugsource-35.12-3.el9_4.x86_64.rpm
|
SHA-256: f9ed333160b75ab7e392f7dd7c4be0992aca1a3e0cb1e9e710401cf46c80c980 |
|
weldr-client-tests-debuginfo-35.12-3.el9_4.x86_64.rpm
|
SHA-256: 98c2e648ba780bee6a70a7ea2a3e92bc9baf2adb24257e5634adb98105d0c823 |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4
| SRPM |
|
weldr-client-35.12-3.el9_4.src.rpm
|
SHA-256: 7ec7833e4fd580d38d1504829abc44cffe0e68ade61f9ee1b4afbc4c0c8d92ae |
| aarch64 |
|
weldr-client-35.12-3.el9_4.aarch64.rpm
|
SHA-256: 2d1a841e9a713fb4b83d580151fb9e0e945dd34fadfaec08e1b0d0e62cae6f71 |
|
weldr-client-debuginfo-35.12-3.el9_4.aarch64.rpm
|
SHA-256: a71d5ef6d945792d29e4c4a4126e033023483b1d6a047c995c95211194677031 |
|
weldr-client-debugsource-35.12-3.el9_4.aarch64.rpm
|
SHA-256: 9bb316a8ca691dc0ccec57add22838bef936b374d4c79c1c819f20e6314463ef |
|
weldr-client-tests-debuginfo-35.12-3.el9_4.aarch64.rpm
|
SHA-256: 84ec6510f9242bbffaab9928ae5aee0c7d4206906ec528b51f626a48b8e5172b |
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4
| SRPM |
|
weldr-client-35.12-3.el9_4.src.rpm
|
SHA-256: 7ec7833e4fd580d38d1504829abc44cffe0e68ade61f9ee1b4afbc4c0c8d92ae |
| ppc64le |
|
weldr-client-35.12-3.el9_4.ppc64le.rpm
|
SHA-256: e77ca95d389117c00aa51ffbe80db13451d7510b5a87e43e33668c37b471c3d7 |
|
weldr-client-debuginfo-35.12-3.el9_4.ppc64le.rpm
|
SHA-256: 995641d22837cb3bea9e3d296c52b39ecf6ec18053fa8f131de0c7f5e2c32f22 |
|
weldr-client-debugsource-35.12-3.el9_4.ppc64le.rpm
|
SHA-256: 9dde4241e978535b124e64ff098cfc88f204ad181e8c75d2d5312acdf4fef5ee |
|
weldr-client-tests-debuginfo-35.12-3.el9_4.ppc64le.rpm
|
SHA-256: d38afaa1132f016b3ed0759db4b8d071e2a6131890aeb6cc984be887f4163857 |
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4
| SRPM |
|
weldr-client-35.12-3.el9_4.src.rpm
|
SHA-256: 7ec7833e4fd580d38d1504829abc44cffe0e68ade61f9ee1b4afbc4c0c8d92ae |
| s390x |
|
weldr-client-35.12-3.el9_4.s390x.rpm
|
SHA-256: f8eb86e16262f9c4bb95bbd68a2daf8639c4def747c36d77bf755f7990203c6f |
|
weldr-client-debuginfo-35.12-3.el9_4.s390x.rpm
|
SHA-256: 40529eff804b1c6f282eae6bc791bf1a9511ba2408d5f5bcbe7d8b9263e2df5a |
|
weldr-client-debugsource-35.12-3.el9_4.s390x.rpm
|
SHA-256: c03ea40a2a71fdba2cf0aec8a1f8e491bc26e4ebc28b253bc9900d8ff0308ff1 |
|
weldr-client-tests-debuginfo-35.12-3.el9_4.s390x.rpm
|
SHA-256: a1e23f01c51e266024bd14ae112484174461b0af7668b4623bea594505f11dc2 |
