红帽产品勘误 RHSA-2026:13642 - Security Advisory
发布:
2026-05-05
已更新:
2026-05-05

RHSA-2026:13642 - Security Advisory

概述

Important: image-builder security update

类型/严重性

Security Advisory: Important

Red Hat Insights 补丁分析

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update for image-builder is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood.

Security Fix(es):

  • net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

受影响的产品

  • Red Hat Enterprise Linux for x86_64 10 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 10 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x
  • Red Hat Enterprise Linux for Power, little endian 10 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le
  • Red Hat Enterprise Linux for ARM 64 10 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x

修复

  • BZ - 2445356 - CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url

Red Hat Enterprise Linux for x86_64 10

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
x86_64
image-builder-31-5.el10_1.x86_64.rpm SHA-256: 5ca83a2279503e1face566c1959146bb6c9a59ce3e2721c69139a71d8209da80
image-builder-debuginfo-31-5.el10_1.x86_64.rpm SHA-256: f55da9a581be033cf246acadd916ca6119608d7d73311aa82193040b83416625
image-builder-debugsource-31-5.el10_1.x86_64.rpm SHA-256: 03edf86fd46b2515ea0022dd8b0434c6755114c11a97fe583810e1ac63ed8364

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
x86_64
image-builder-31-5.el10_1.x86_64.rpm SHA-256: 5ca83a2279503e1face566c1959146bb6c9a59ce3e2721c69139a71d8209da80
image-builder-debuginfo-31-5.el10_1.x86_64.rpm SHA-256: f55da9a581be033cf246acadd916ca6119608d7d73311aa82193040b83416625
image-builder-debugsource-31-5.el10_1.x86_64.rpm SHA-256: 03edf86fd46b2515ea0022dd8b0434c6755114c11a97fe583810e1ac63ed8364

Red Hat Enterprise Linux for IBM z Systems 10

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
s390x
image-builder-31-5.el10_1.s390x.rpm SHA-256: 64651be0f190db325558fef55c28f6ee515be9caf99c26dd32d9ad93452ba318
image-builder-debuginfo-31-5.el10_1.s390x.rpm SHA-256: e428bf40d794cfa6283a81fad9d9a500e423f6c2bf9cad1398796a5b5e7310b5
image-builder-debugsource-31-5.el10_1.s390x.rpm SHA-256: dc24e6fa0b2f67b76b82218abbc34e1e32c469af1d096d08ce99050e739bb319

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
s390x
image-builder-31-5.el10_1.s390x.rpm SHA-256: 64651be0f190db325558fef55c28f6ee515be9caf99c26dd32d9ad93452ba318
image-builder-debuginfo-31-5.el10_1.s390x.rpm SHA-256: e428bf40d794cfa6283a81fad9d9a500e423f6c2bf9cad1398796a5b5e7310b5
image-builder-debugsource-31-5.el10_1.s390x.rpm SHA-256: dc24e6fa0b2f67b76b82218abbc34e1e32c469af1d096d08ce99050e739bb319

Red Hat Enterprise Linux for Power, little endian 10

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
ppc64le
image-builder-31-5.el10_1.ppc64le.rpm SHA-256: f61efb514a0c571ba913db744bdde3e503c7a17a73d5c529361799a0b5da27ec
image-builder-debuginfo-31-5.el10_1.ppc64le.rpm SHA-256: 20b7849f85df2213586e532c7a54ec6d94cb6b9475169acee778f19ec860b21a
image-builder-debugsource-31-5.el10_1.ppc64le.rpm SHA-256: bd787d9e2cac3dfa0877c21d3f0af781053146a33542afc5e0afb878351df6e4

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
ppc64le
image-builder-31-5.el10_1.ppc64le.rpm SHA-256: f61efb514a0c571ba913db744bdde3e503c7a17a73d5c529361799a0b5da27ec
image-builder-debuginfo-31-5.el10_1.ppc64le.rpm SHA-256: 20b7849f85df2213586e532c7a54ec6d94cb6b9475169acee778f19ec860b21a
image-builder-debugsource-31-5.el10_1.ppc64le.rpm SHA-256: bd787d9e2cac3dfa0877c21d3f0af781053146a33542afc5e0afb878351df6e4

Red Hat Enterprise Linux for ARM 64 10

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
aarch64
image-builder-31-5.el10_1.aarch64.rpm SHA-256: f9cf71878f6778acda582e0ffe02cd40ecb3e0ccb4f57b107216d024cb4e8209
image-builder-debuginfo-31-5.el10_1.aarch64.rpm SHA-256: 7959baff10e8b0889f3dbf76b82a48d2c4f0abb2f7ea7548fc70e5b7262edb6b
image-builder-debugsource-31-5.el10_1.aarch64.rpm SHA-256: a34f807abdd78f3b9b62dcbe36b3bfc6df3153ff07bf149d40343f518939025d

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
aarch64
image-builder-31-5.el10_1.aarch64.rpm SHA-256: f9cf71878f6778acda582e0ffe02cd40ecb3e0ccb4f57b107216d024cb4e8209
image-builder-debuginfo-31-5.el10_1.aarch64.rpm SHA-256: 7959baff10e8b0889f3dbf76b82a48d2c4f0abb2f7ea7548fc70e5b7262edb6b
image-builder-debugsource-31-5.el10_1.aarch64.rpm SHA-256: a34f807abdd78f3b9b62dcbe36b3bfc6df3153ff07bf149d40343f518939025d

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
aarch64
image-builder-31-5.el10_1.aarch64.rpm SHA-256: f9cf71878f6778acda582e0ffe02cd40ecb3e0ccb4f57b107216d024cb4e8209
image-builder-debuginfo-31-5.el10_1.aarch64.rpm SHA-256: 7959baff10e8b0889f3dbf76b82a48d2c4f0abb2f7ea7548fc70e5b7262edb6b
image-builder-debugsource-31-5.el10_1.aarch64.rpm SHA-256: a34f807abdd78f3b9b62dcbe36b3bfc6df3153ff07bf149d40343f518939025d

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
s390x
image-builder-31-5.el10_1.s390x.rpm SHA-256: 64651be0f190db325558fef55c28f6ee515be9caf99c26dd32d9ad93452ba318
image-builder-debuginfo-31-5.el10_1.s390x.rpm SHA-256: e428bf40d794cfa6283a81fad9d9a500e423f6c2bf9cad1398796a5b5e7310b5
image-builder-debugsource-31-5.el10_1.s390x.rpm SHA-256: dc24e6fa0b2f67b76b82218abbc34e1e32c469af1d096d08ce99050e739bb319

Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
ppc64le
image-builder-31-5.el10_1.ppc64le.rpm SHA-256: f61efb514a0c571ba913db744bdde3e503c7a17a73d5c529361799a0b5da27ec
image-builder-debuginfo-31-5.el10_1.ppc64le.rpm SHA-256: 20b7849f85df2213586e532c7a54ec6d94cb6b9475169acee778f19ec860b21a
image-builder-debugsource-31-5.el10_1.ppc64le.rpm SHA-256: bd787d9e2cac3dfa0877c21d3f0af781053146a33542afc5e0afb878351df6e4

Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
x86_64
image-builder-31-5.el10_1.x86_64.rpm SHA-256: 5ca83a2279503e1face566c1959146bb6c9a59ce3e2721c69139a71d8209da80
image-builder-debuginfo-31-5.el10_1.x86_64.rpm SHA-256: f55da9a581be033cf246acadd916ca6119608d7d73311aa82193040b83416625
image-builder-debugsource-31-5.el10_1.x86_64.rpm SHA-256: 03edf86fd46b2515ea0022dd8b0434c6755114c11a97fe583810e1ac63ed8364

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
x86_64
image-builder-31-5.el10_1.x86_64.rpm SHA-256: 5ca83a2279503e1face566c1959146bb6c9a59ce3e2721c69139a71d8209da80
image-builder-debuginfo-31-5.el10_1.x86_64.rpm SHA-256: f55da9a581be033cf246acadd916ca6119608d7d73311aa82193040b83416625
image-builder-debugsource-31-5.el10_1.x86_64.rpm SHA-256: 03edf86fd46b2515ea0022dd8b0434c6755114c11a97fe583810e1ac63ed8364

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
aarch64
image-builder-31-5.el10_1.aarch64.rpm SHA-256: f9cf71878f6778acda582e0ffe02cd40ecb3e0ccb4f57b107216d024cb4e8209
image-builder-debuginfo-31-5.el10_1.aarch64.rpm SHA-256: 7959baff10e8b0889f3dbf76b82a48d2c4f0abb2f7ea7548fc70e5b7262edb6b
image-builder-debugsource-31-5.el10_1.aarch64.rpm SHA-256: a34f807abdd78f3b9b62dcbe36b3bfc6df3153ff07bf149d40343f518939025d

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
ppc64le
image-builder-31-5.el10_1.ppc64le.rpm SHA-256: f61efb514a0c571ba913db744bdde3e503c7a17a73d5c529361799a0b5da27ec
image-builder-debuginfo-31-5.el10_1.ppc64le.rpm SHA-256: 20b7849f85df2213586e532c7a54ec6d94cb6b9475169acee778f19ec860b21a
image-builder-debugsource-31-5.el10_1.ppc64le.rpm SHA-256: bd787d9e2cac3dfa0877c21d3f0af781053146a33542afc5e0afb878351df6e4

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2

SRPM
image-builder-31-5.el10_1.src.rpm SHA-256: 565370093682a6a15bfd6a39cd49d8dc029b19990b5936af292a0a4b61b705dd
s390x
image-builder-31-5.el10_1.s390x.rpm SHA-256: 64651be0f190db325558fef55c28f6ee515be9caf99c26dd32d9ad93452ba318
image-builder-debuginfo-31-5.el10_1.s390x.rpm SHA-256: e428bf40d794cfa6283a81fad9d9a500e423f6c2bf9cad1398796a5b5e7310b5
image-builder-debugsource-31-5.el10_1.s390x.rpm SHA-256: dc24e6fa0b2f67b76b82218abbc34e1e32c469af1d096d08ce99050e739bb319

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/