Issued:: 2026-04-20
Updated:: 2026-04-20

RHSA-2026:9098 - Security Advisory

Overview
Updated Packages

Synopsis

Important: skopeo security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for skopeo is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.

Security Fix(es):

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)
net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x

Fixes

BZ - 2418462 - CVE-2025-61729 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
BZ - 2434432 - CVE-2025-61726 golang: net/url: Memory exhaustion in query parameter parsing in net/url
BZ - 2437111 - CVE-2025-68121 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
BZ - 2445356 - CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
skopeo-1.18.1-5.el9_6.src.rpm	SHA-256: 9d266472087f840a668e6eb2855a4021e054a48b0b7c9f7ad1fe5acb42e93b95
x86_64
skopeo-1.18.1-5.el9_6.x86_64.rpm	SHA-256: 0db33dea8dffd2b357a0a5599852fa2cfb494e367d587b18d183477466b3c9a1
skopeo-debuginfo-1.18.1-5.el9_6.x86_64.rpm	SHA-256: a0c988b7f76c38a956f106e618ed17815396e351f9970cfdae9d136808c7e8be
skopeo-debugsource-1.18.1-5.el9_6.x86_64.rpm	SHA-256: 9140535cf4819c731b65514c1db0af25bdeb2c06543250bcb488589ad9e535a1
skopeo-tests-1.18.1-5.el9_6.x86_64.rpm	SHA-256: 6880366dd3a5a94da3608691fbeb280ecbab022abd49e8cda1c531cf27949a28

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
skopeo-1.18.1-5.el9_6.src.rpm	SHA-256: 9d266472087f840a668e6eb2855a4021e054a48b0b7c9f7ad1fe5acb42e93b95
x86_64
skopeo-1.18.1-5.el9_6.x86_64.rpm	SHA-256: 0db33dea8dffd2b357a0a5599852fa2cfb494e367d587b18d183477466b3c9a1
skopeo-debuginfo-1.18.1-5.el9_6.x86_64.rpm	SHA-256: a0c988b7f76c38a956f106e618ed17815396e351f9970cfdae9d136808c7e8be
skopeo-debugsource-1.18.1-5.el9_6.x86_64.rpm	SHA-256: 9140535cf4819c731b65514c1db0af25bdeb2c06543250bcb488589ad9e535a1
skopeo-tests-1.18.1-5.el9_6.x86_64.rpm	SHA-256: 6880366dd3a5a94da3608691fbeb280ecbab022abd49e8cda1c531cf27949a28

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
skopeo-1.18.1-5.el9_6.src.rpm	SHA-256: 9d266472087f840a668e6eb2855a4021e054a48b0b7c9f7ad1fe5acb42e93b95
s390x
skopeo-1.18.1-5.el9_6.s390x.rpm	SHA-256: 09d417308a6ce42318880e7040d66e76b6a61bb4211cd2c0c35e6ca49279e491
skopeo-debuginfo-1.18.1-5.el9_6.s390x.rpm	SHA-256: a7fa471bbc6bf37f5f4b7ff9a46e1306c41c7c635f518cbf1e9869cb6474b3a2
skopeo-debugsource-1.18.1-5.el9_6.s390x.rpm	SHA-256: f0b218bb413b02696d234f7e38c22a251cc762507a8daa6d7801e078a9475d8c
skopeo-tests-1.18.1-5.el9_6.s390x.rpm	SHA-256: 86a1ddc7600aaa0e12453d5d537de662284e9036422d223ca487d934e850efd2

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
skopeo-1.18.1-5.el9_6.src.rpm	SHA-256: 9d266472087f840a668e6eb2855a4021e054a48b0b7c9f7ad1fe5acb42e93b95
ppc64le
skopeo-1.18.1-5.el9_6.ppc64le.rpm	SHA-256: 106a35da2e60cdb44358cf697f486737fb5d3b16da9a9a7b389f6bb56307ae74
skopeo-debuginfo-1.18.1-5.el9_6.ppc64le.rpm	SHA-256: 3f33e48fba4a5815fd1d4190d6d4155ed67bd92377b748e91d5ada29c10289e6
skopeo-debugsource-1.18.1-5.el9_6.ppc64le.rpm	SHA-256: 45f373f1f172f9c6d76f5973a0573b058385cd6f52ec95a3a9d85f10f7964dc7
skopeo-tests-1.18.1-5.el9_6.ppc64le.rpm	SHA-256: 6f8c8c417d1c23d446c244f723e607630e5afa53091e2348005b3fe14ac671ac

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
skopeo-1.18.1-5.el9_6.src.rpm	SHA-256: 9d266472087f840a668e6eb2855a4021e054a48b0b7c9f7ad1fe5acb42e93b95
aarch64
skopeo-1.18.1-5.el9_6.aarch64.rpm	SHA-256: bbcbc8bf94bd6646502ef1c55996766d27073fe90c860d90826998fe01385d57
skopeo-debuginfo-1.18.1-5.el9_6.aarch64.rpm	SHA-256: b017118b4987a4a39a06bd5fac06e5974891b186755cc518d8107808aadda565
skopeo-debugsource-1.18.1-5.el9_6.aarch64.rpm	SHA-256: 3933f0000f9ba3ddbb9a0f367e59b9709e28a463ed2bd710fa74ae22610344d6
skopeo-tests-1.18.1-5.el9_6.aarch64.rpm	SHA-256: 8852c0c7d803ac6b49ae46c49318f89679602f8b13db07c827e25586d863117f

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
skopeo-1.18.1-5.el9_6.src.rpm	SHA-256: 9d266472087f840a668e6eb2855a4021e054a48b0b7c9f7ad1fe5acb42e93b95
ppc64le
skopeo-1.18.1-5.el9_6.ppc64le.rpm	SHA-256: 106a35da2e60cdb44358cf697f486737fb5d3b16da9a9a7b389f6bb56307ae74
skopeo-debuginfo-1.18.1-5.el9_6.ppc64le.rpm	SHA-256: 3f33e48fba4a5815fd1d4190d6d4155ed67bd92377b748e91d5ada29c10289e6
skopeo-debugsource-1.18.1-5.el9_6.ppc64le.rpm	SHA-256: 45f373f1f172f9c6d76f5973a0573b058385cd6f52ec95a3a9d85f10f7964dc7
skopeo-tests-1.18.1-5.el9_6.ppc64le.rpm	SHA-256: 6f8c8c417d1c23d446c244f723e607630e5afa53091e2348005b3fe14ac671ac

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
skopeo-1.18.1-5.el9_6.src.rpm	SHA-256: 9d266472087f840a668e6eb2855a4021e054a48b0b7c9f7ad1fe5acb42e93b95
x86_64
skopeo-1.18.1-5.el9_6.x86_64.rpm	SHA-256: 0db33dea8dffd2b357a0a5599852fa2cfb494e367d587b18d183477466b3c9a1
skopeo-debuginfo-1.18.1-5.el9_6.x86_64.rpm	SHA-256: a0c988b7f76c38a956f106e618ed17815396e351f9970cfdae9d136808c7e8be
skopeo-debugsource-1.18.1-5.el9_6.x86_64.rpm	SHA-256: 9140535cf4819c731b65514c1db0af25bdeb2c06543250bcb488589ad9e535a1
skopeo-tests-1.18.1-5.el9_6.x86_64.rpm	SHA-256: 6880366dd3a5a94da3608691fbeb280ecbab022abd49e8cda1c531cf27949a28

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
skopeo-1.18.1-5.el9_6.src.rpm	SHA-256: 9d266472087f840a668e6eb2855a4021e054a48b0b7c9f7ad1fe5acb42e93b95
aarch64
skopeo-1.18.1-5.el9_6.aarch64.rpm	SHA-256: bbcbc8bf94bd6646502ef1c55996766d27073fe90c860d90826998fe01385d57
skopeo-debuginfo-1.18.1-5.el9_6.aarch64.rpm	SHA-256: b017118b4987a4a39a06bd5fac06e5974891b186755cc518d8107808aadda565
skopeo-debugsource-1.18.1-5.el9_6.aarch64.rpm	SHA-256: 3933f0000f9ba3ddbb9a0f367e59b9709e28a463ed2bd710fa74ae22610344d6
skopeo-tests-1.18.1-5.el9_6.aarch64.rpm	SHA-256: 8852c0c7d803ac6b49ae46c49318f89679602f8b13db07c827e25586d863117f

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
skopeo-1.18.1-5.el9_6.src.rpm	SHA-256: 9d266472087f840a668e6eb2855a4021e054a48b0b7c9f7ad1fe5acb42e93b95
s390x
skopeo-1.18.1-5.el9_6.s390x.rpm	SHA-256: 09d417308a6ce42318880e7040d66e76b6a61bb4211cd2c0c35e6ca49279e491
skopeo-debuginfo-1.18.1-5.el9_6.s390x.rpm	SHA-256: a7fa471bbc6bf37f5f4b7ff9a46e1306c41c7c635f518cbf1e9869cb6474b3a2
skopeo-debugsource-1.18.1-5.el9_6.s390x.rpm	SHA-256: f0b218bb413b02696d234f7e38c22a251cc762507a8daa6d7801e078a9475d8c
skopeo-tests-1.18.1-5.el9_6.s390x.rpm	SHA-256: 86a1ddc7600aaa0e12453d5d537de662284e9036422d223ca487d934e850efd2

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6

SRPM
skopeo-1.18.1-5.el9_6.src.rpm	SHA-256: 9d266472087f840a668e6eb2855a4021e054a48b0b7c9f7ad1fe5acb42e93b95
x86_64
skopeo-1.18.1-5.el9_6.x86_64.rpm	SHA-256: 0db33dea8dffd2b357a0a5599852fa2cfb494e367d587b18d183477466b3c9a1
skopeo-debuginfo-1.18.1-5.el9_6.x86_64.rpm	SHA-256: a0c988b7f76c38a956f106e618ed17815396e351f9970cfdae9d136808c7e8be
skopeo-debugsource-1.18.1-5.el9_6.x86_64.rpm	SHA-256: 9140535cf4819c731b65514c1db0af25bdeb2c06543250bcb488589ad9e535a1
skopeo-tests-1.18.1-5.el9_6.x86_64.rpm	SHA-256: 6880366dd3a5a94da3608691fbeb280ecbab022abd49e8cda1c531cf27949a28

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6

SRPM
skopeo-1.18.1-5.el9_6.src.rpm	SHA-256: 9d266472087f840a668e6eb2855a4021e054a48b0b7c9f7ad1fe5acb42e93b95
aarch64
skopeo-1.18.1-5.el9_6.aarch64.rpm	SHA-256: bbcbc8bf94bd6646502ef1c55996766d27073fe90c860d90826998fe01385d57
skopeo-debuginfo-1.18.1-5.el9_6.aarch64.rpm	SHA-256: b017118b4987a4a39a06bd5fac06e5974891b186755cc518d8107808aadda565
skopeo-debugsource-1.18.1-5.el9_6.aarch64.rpm	SHA-256: 3933f0000f9ba3ddbb9a0f367e59b9709e28a463ed2bd710fa74ae22610344d6
skopeo-tests-1.18.1-5.el9_6.aarch64.rpm	SHA-256: 8852c0c7d803ac6b49ae46c49318f89679602f8b13db07c827e25586d863117f

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6

SRPM
skopeo-1.18.1-5.el9_6.src.rpm	SHA-256: 9d266472087f840a668e6eb2855a4021e054a48b0b7c9f7ad1fe5acb42e93b95
ppc64le
skopeo-1.18.1-5.el9_6.ppc64le.rpm	SHA-256: 106a35da2e60cdb44358cf697f486737fb5d3b16da9a9a7b389f6bb56307ae74
skopeo-debuginfo-1.18.1-5.el9_6.ppc64le.rpm	SHA-256: 3f33e48fba4a5815fd1d4190d6d4155ed67bd92377b748e91d5ada29c10289e6
skopeo-debugsource-1.18.1-5.el9_6.ppc64le.rpm	SHA-256: 45f373f1f172f9c6d76f5973a0573b058385cd6f52ec95a3a9d85f10f7964dc7
skopeo-tests-1.18.1-5.el9_6.ppc64le.rpm	SHA-256: 6f8c8c417d1c23d446c244f723e607630e5afa53091e2348005b3fe14ac671ac

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6

SRPM
skopeo-1.18.1-5.el9_6.src.rpm	SHA-256: 9d266472087f840a668e6eb2855a4021e054a48b0b7c9f7ad1fe5acb42e93b95
s390x
skopeo-1.18.1-5.el9_6.s390x.rpm	SHA-256: 09d417308a6ce42318880e7040d66e76b6a61bb4211cd2c0c35e6ca49279e491
skopeo-debuginfo-1.18.1-5.el9_6.s390x.rpm	SHA-256: a7fa471bbc6bf37f5f4b7ff9a46e1306c41c7c635f518cbf1e9869cb6474b3a2
skopeo-debugsource-1.18.1-5.el9_6.s390x.rpm	SHA-256: f0b218bb413b02696d234f7e38c22a251cc762507a8daa6d7801e078a9475d8c
skopeo-tests-1.18.1-5.el9_6.s390x.rpm	SHA-256: 86a1ddc7600aaa0e12453d5d537de662284e9036422d223ca487d934e850efd2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation