Issued:: 2026-02-25
Updated:: 2026-02-25

RHSA-2026:3289 - Security Advisory

Overview
Updated Packages

Synopsis

Important: opentelemetry-collector security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Collector with the supported components for a Red Hat build of OpenTelemetry

Security Fix(es):

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x

Fixes

BZ - 2418462 - CVE-2025-61729 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

CVEs

CVE-2025-61729

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
opentelemetry-collector-0.135.0-3.el9_6.src.rpm	SHA-256: dc2f4c8c1394cf34de079b2aabe82c75df3ff9020208b3c76966534073b288ad
x86_64
opentelemetry-collector-0.135.0-3.el9_6.x86_64.rpm	SHA-256: 93523a352f98853c47b735a14483339dd0b6e72ec02086e550a094c08e09ccd7

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
opentelemetry-collector-0.135.0-3.el9_6.src.rpm	SHA-256: dc2f4c8c1394cf34de079b2aabe82c75df3ff9020208b3c76966534073b288ad
x86_64
opentelemetry-collector-0.135.0-3.el9_6.x86_64.rpm	SHA-256: 93523a352f98853c47b735a14483339dd0b6e72ec02086e550a094c08e09ccd7

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
opentelemetry-collector-0.135.0-3.el9_6.src.rpm	SHA-256: dc2f4c8c1394cf34de079b2aabe82c75df3ff9020208b3c76966534073b288ad
s390x
opentelemetry-collector-0.135.0-3.el9_6.s390x.rpm	SHA-256: 72d8411694469c78ba697615a39791fc52e99c0b1f406bc326e7b4fbcb335671

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
opentelemetry-collector-0.135.0-3.el9_6.src.rpm	SHA-256: dc2f4c8c1394cf34de079b2aabe82c75df3ff9020208b3c76966534073b288ad
ppc64le
opentelemetry-collector-0.135.0-3.el9_6.ppc64le.rpm	SHA-256: 6d9d71013e98c2b621d0aed5eff061c6135ff76c37cb40e96580a6cffdbf478b

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
opentelemetry-collector-0.135.0-3.el9_6.src.rpm	SHA-256: dc2f4c8c1394cf34de079b2aabe82c75df3ff9020208b3c76966534073b288ad
aarch64
opentelemetry-collector-0.135.0-3.el9_6.aarch64.rpm	SHA-256: eb5fa5c2792292cd2dc9ad897d7b4810c8539ef86bd82e845522382a6ae00cd9

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
opentelemetry-collector-0.135.0-3.el9_6.src.rpm	SHA-256: dc2f4c8c1394cf34de079b2aabe82c75df3ff9020208b3c76966534073b288ad
ppc64le
opentelemetry-collector-0.135.0-3.el9_6.ppc64le.rpm	SHA-256: 6d9d71013e98c2b621d0aed5eff061c6135ff76c37cb40e96580a6cffdbf478b

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
opentelemetry-collector-0.135.0-3.el9_6.src.rpm	SHA-256: dc2f4c8c1394cf34de079b2aabe82c75df3ff9020208b3c76966534073b288ad
x86_64
opentelemetry-collector-0.135.0-3.el9_6.x86_64.rpm	SHA-256: 93523a352f98853c47b735a14483339dd0b6e72ec02086e550a094c08e09ccd7

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
opentelemetry-collector-0.135.0-3.el9_6.src.rpm	SHA-256: dc2f4c8c1394cf34de079b2aabe82c75df3ff9020208b3c76966534073b288ad
aarch64
opentelemetry-collector-0.135.0-3.el9_6.aarch64.rpm	SHA-256: eb5fa5c2792292cd2dc9ad897d7b4810c8539ef86bd82e845522382a6ae00cd9

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
opentelemetry-collector-0.135.0-3.el9_6.src.rpm	SHA-256: dc2f4c8c1394cf34de079b2aabe82c75df3ff9020208b3c76966534073b288ad
s390x
opentelemetry-collector-0.135.0-3.el9_6.s390x.rpm	SHA-256: 72d8411694469c78ba697615a39791fc52e99c0b1f406bc326e7b4fbcb335671

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6

SRPM
opentelemetry-collector-0.135.0-3.el9_6.src.rpm	SHA-256: dc2f4c8c1394cf34de079b2aabe82c75df3ff9020208b3c76966534073b288ad
x86_64
opentelemetry-collector-0.135.0-3.el9_6.x86_64.rpm	SHA-256: 93523a352f98853c47b735a14483339dd0b6e72ec02086e550a094c08e09ccd7

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6

SRPM
opentelemetry-collector-0.135.0-3.el9_6.src.rpm	SHA-256: dc2f4c8c1394cf34de079b2aabe82c75df3ff9020208b3c76966534073b288ad
aarch64
opentelemetry-collector-0.135.0-3.el9_6.aarch64.rpm	SHA-256: eb5fa5c2792292cd2dc9ad897d7b4810c8539ef86bd82e845522382a6ae00cd9

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6

SRPM
opentelemetry-collector-0.135.0-3.el9_6.src.rpm	SHA-256: dc2f4c8c1394cf34de079b2aabe82c75df3ff9020208b3c76966534073b288ad
ppc64le
opentelemetry-collector-0.135.0-3.el9_6.ppc64le.rpm	SHA-256: 6d9d71013e98c2b621d0aed5eff061c6135ff76c37cb40e96580a6cffdbf478b

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6

SRPM
opentelemetry-collector-0.135.0-3.el9_6.src.rpm	SHA-256: dc2f4c8c1394cf34de079b2aabe82c75df3ff9020208b3c76966534073b288ad
s390x
opentelemetry-collector-0.135.0-3.el9_6.s390x.rpm	SHA-256: 72d8411694469c78ba697615a39791fc52e99c0b1f406bc326e7b4fbcb335671

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation