Synopsis
Important: image-builder security update
Type/Severity
Security Advisory: Important
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for image-builder is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood.
Security Fix(es):
- crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
- golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
- crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 10 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 10 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x
-
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le
-
Red Hat Enterprise Linux for ARM 64 10 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x
-
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le
-
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64
-
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le
-
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x
Fixes
-
BZ - 2418462
- CVE-2025-61729 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
-
BZ - 2434432
- CVE-2025-61726 golang: net/url: Memory exhaustion in query parameter parsing in net/url
-
BZ - 2437111
- CVE-2025-68121 crypto/tls: Unexpected session resumption in crypto/tls
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 10
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| x86_64 |
|
image-builder-31-4.el10_1.x86_64.rpm
|
SHA-256: 3e4888429426f242d05f33e67d0d32e7ef824084c26c2177a1c7503d8640f597 |
|
image-builder-debuginfo-31-4.el10_1.x86_64.rpm
|
SHA-256: 2c9d950e2a04d35211cea743a23f7c94479fc0a97c96b5d3bca32aea67ebca34 |
|
image-builder-debugsource-31-4.el10_1.x86_64.rpm
|
SHA-256: 961833976e02dd8963b9835a09e153e4c7fc69c24773e44af069189b3b2914ff |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| x86_64 |
|
image-builder-31-4.el10_1.x86_64.rpm
|
SHA-256: 3e4888429426f242d05f33e67d0d32e7ef824084c26c2177a1c7503d8640f597 |
|
image-builder-debuginfo-31-4.el10_1.x86_64.rpm
|
SHA-256: 2c9d950e2a04d35211cea743a23f7c94479fc0a97c96b5d3bca32aea67ebca34 |
|
image-builder-debugsource-31-4.el10_1.x86_64.rpm
|
SHA-256: 961833976e02dd8963b9835a09e153e4c7fc69c24773e44af069189b3b2914ff |
Red Hat Enterprise Linux for IBM z Systems 10
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| s390x |
|
image-builder-31-4.el10_1.s390x.rpm
|
SHA-256: ae1fbc714f7a43fe1261fb934eab9f3f6291d63a6075517f78ca7cad9546aa28 |
|
image-builder-debuginfo-31-4.el10_1.s390x.rpm
|
SHA-256: 033cd7b93f69a5d388d9928367f6497b398ff38e4d9c3f3857e11706118d546a |
|
image-builder-debugsource-31-4.el10_1.s390x.rpm
|
SHA-256: ece3d48efe8b5dbf0e64a13b4e8fe5edac1cd18da0e665f1c8eda820d04e7947 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| s390x |
|
image-builder-31-4.el10_1.s390x.rpm
|
SHA-256: ae1fbc714f7a43fe1261fb934eab9f3f6291d63a6075517f78ca7cad9546aa28 |
|
image-builder-debuginfo-31-4.el10_1.s390x.rpm
|
SHA-256: 033cd7b93f69a5d388d9928367f6497b398ff38e4d9c3f3857e11706118d546a |
|
image-builder-debugsource-31-4.el10_1.s390x.rpm
|
SHA-256: ece3d48efe8b5dbf0e64a13b4e8fe5edac1cd18da0e665f1c8eda820d04e7947 |
Red Hat Enterprise Linux for Power, little endian 10
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| ppc64le |
|
image-builder-31-4.el10_1.ppc64le.rpm
|
SHA-256: f921b5ca161e5beda7b644ea199de2484b61eab7dd34aed3caa4471811956717 |
|
image-builder-debuginfo-31-4.el10_1.ppc64le.rpm
|
SHA-256: fee102f5a7c13e734defb5ed9126540ddd467296ca425e0f80fda61853696f71 |
|
image-builder-debugsource-31-4.el10_1.ppc64le.rpm
|
SHA-256: 48463efa3774eaabe237a21738e4e45729ebae869b0240df4456bd23351bef42 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| ppc64le |
|
image-builder-31-4.el10_1.ppc64le.rpm
|
SHA-256: f921b5ca161e5beda7b644ea199de2484b61eab7dd34aed3caa4471811956717 |
|
image-builder-debuginfo-31-4.el10_1.ppc64le.rpm
|
SHA-256: fee102f5a7c13e734defb5ed9126540ddd467296ca425e0f80fda61853696f71 |
|
image-builder-debugsource-31-4.el10_1.ppc64le.rpm
|
SHA-256: 48463efa3774eaabe237a21738e4e45729ebae869b0240df4456bd23351bef42 |
Red Hat Enterprise Linux for ARM 64 10
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| aarch64 |
|
image-builder-31-4.el10_1.aarch64.rpm
|
SHA-256: 0bf5c30cd76ffb3fd6ef30fa988ea48fd04338bfee5cf61b3208cf7ee674e7f6 |
|
image-builder-debuginfo-31-4.el10_1.aarch64.rpm
|
SHA-256: 48bacf59baa1151b659e8133da67eee89e52b3c966de3872ba98973d3641d0a7 |
|
image-builder-debugsource-31-4.el10_1.aarch64.rpm
|
SHA-256: 504d0c5efa844ef8c8c42bf90d7d250a3bf39e6d824cad04c6596e40c01c7095 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| aarch64 |
|
image-builder-31-4.el10_1.aarch64.rpm
|
SHA-256: 0bf5c30cd76ffb3fd6ef30fa988ea48fd04338bfee5cf61b3208cf7ee674e7f6 |
|
image-builder-debuginfo-31-4.el10_1.aarch64.rpm
|
SHA-256: 48bacf59baa1151b659e8133da67eee89e52b3c966de3872ba98973d3641d0a7 |
|
image-builder-debugsource-31-4.el10_1.aarch64.rpm
|
SHA-256: 504d0c5efa844ef8c8c42bf90d7d250a3bf39e6d824cad04c6596e40c01c7095 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| aarch64 |
|
image-builder-31-4.el10_1.aarch64.rpm
|
SHA-256: 0bf5c30cd76ffb3fd6ef30fa988ea48fd04338bfee5cf61b3208cf7ee674e7f6 |
|
image-builder-debuginfo-31-4.el10_1.aarch64.rpm
|
SHA-256: 48bacf59baa1151b659e8133da67eee89e52b3c966de3872ba98973d3641d0a7 |
|
image-builder-debugsource-31-4.el10_1.aarch64.rpm
|
SHA-256: 504d0c5efa844ef8c8c42bf90d7d250a3bf39e6d824cad04c6596e40c01c7095 |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| s390x |
|
image-builder-31-4.el10_1.s390x.rpm
|
SHA-256: ae1fbc714f7a43fe1261fb934eab9f3f6291d63a6075517f78ca7cad9546aa28 |
|
image-builder-debuginfo-31-4.el10_1.s390x.rpm
|
SHA-256: 033cd7b93f69a5d388d9928367f6497b398ff38e4d9c3f3857e11706118d546a |
|
image-builder-debugsource-31-4.el10_1.s390x.rpm
|
SHA-256: ece3d48efe8b5dbf0e64a13b4e8fe5edac1cd18da0e665f1c8eda820d04e7947 |
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| ppc64le |
|
image-builder-31-4.el10_1.ppc64le.rpm
|
SHA-256: f921b5ca161e5beda7b644ea199de2484b61eab7dd34aed3caa4471811956717 |
|
image-builder-debuginfo-31-4.el10_1.ppc64le.rpm
|
SHA-256: fee102f5a7c13e734defb5ed9126540ddd467296ca425e0f80fda61853696f71 |
|
image-builder-debugsource-31-4.el10_1.ppc64le.rpm
|
SHA-256: 48463efa3774eaabe237a21738e4e45729ebae869b0240df4456bd23351bef42 |
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| x86_64 |
|
image-builder-31-4.el10_1.x86_64.rpm
|
SHA-256: 3e4888429426f242d05f33e67d0d32e7ef824084c26c2177a1c7503d8640f597 |
|
image-builder-debuginfo-31-4.el10_1.x86_64.rpm
|
SHA-256: 2c9d950e2a04d35211cea743a23f7c94479fc0a97c96b5d3bca32aea67ebca34 |
|
image-builder-debugsource-31-4.el10_1.x86_64.rpm
|
SHA-256: 961833976e02dd8963b9835a09e153e4c7fc69c24773e44af069189b3b2914ff |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| x86_64 |
|
image-builder-31-4.el10_1.x86_64.rpm
|
SHA-256: 3e4888429426f242d05f33e67d0d32e7ef824084c26c2177a1c7503d8640f597 |
|
image-builder-debuginfo-31-4.el10_1.x86_64.rpm
|
SHA-256: 2c9d950e2a04d35211cea743a23f7c94479fc0a97c96b5d3bca32aea67ebca34 |
|
image-builder-debugsource-31-4.el10_1.x86_64.rpm
|
SHA-256: 961833976e02dd8963b9835a09e153e4c7fc69c24773e44af069189b3b2914ff |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| aarch64 |
|
image-builder-31-4.el10_1.aarch64.rpm
|
SHA-256: 0bf5c30cd76ffb3fd6ef30fa988ea48fd04338bfee5cf61b3208cf7ee674e7f6 |
|
image-builder-debuginfo-31-4.el10_1.aarch64.rpm
|
SHA-256: 48bacf59baa1151b659e8133da67eee89e52b3c966de3872ba98973d3641d0a7 |
|
image-builder-debugsource-31-4.el10_1.aarch64.rpm
|
SHA-256: 504d0c5efa844ef8c8c42bf90d7d250a3bf39e6d824cad04c6596e40c01c7095 |
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| ppc64le |
|
image-builder-31-4.el10_1.ppc64le.rpm
|
SHA-256: f921b5ca161e5beda7b644ea199de2484b61eab7dd34aed3caa4471811956717 |
|
image-builder-debuginfo-31-4.el10_1.ppc64le.rpm
|
SHA-256: fee102f5a7c13e734defb5ed9126540ddd467296ca425e0f80fda61853696f71 |
|
image-builder-debugsource-31-4.el10_1.ppc64le.rpm
|
SHA-256: 48463efa3774eaabe237a21738e4e45729ebae869b0240df4456bd23351bef42 |
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2
| SRPM |
|
image-builder-31-4.el10_1.src.rpm
|
SHA-256: dab6dfa89cc43ced282b0d040cd53a30e5596369ae7f6aa7c7caadae581dccce |
| s390x |
|
image-builder-31-4.el10_1.s390x.rpm
|
SHA-256: ae1fbc714f7a43fe1261fb934eab9f3f6291d63a6075517f78ca7cad9546aa28 |
|
image-builder-debuginfo-31-4.el10_1.s390x.rpm
|
SHA-256: 033cd7b93f69a5d388d9928367f6497b398ff38e4d9c3f3857e11706118d546a |
|
image-builder-debugsource-31-4.el10_1.s390x.rpm
|
SHA-256: ece3d48efe8b5dbf0e64a13b4e8fe5edac1cd18da0e665f1c8eda820d04e7947 |
