ALSA-2025:12850

[ALSA-2025:12850] Moderate: opentelemetry-collector security update

Type:

security

Severity:

moderate

Release date:

2025-08-07

Description:

Collector with the supported components for a AlmaLinux build of OpenTelemetry  

Security Fix(es):  

  * net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	opentelemetry-collector-0.127.0-1.el10_0.aarch64.rpm	58d7c2263f75db144a3fec8b0feff3667cf015b8a55072b813677d70279ddc1b
ppc64le	opentelemetry-collector-0.127.0-1.el10_0.ppc64le.rpm	1d5beba15e189ff3562a1d06813a7be45ba78e9e7b328a52eaa76e59d9269b5b
s390x	opentelemetry-collector-0.127.0-1.el10_0.s390x.rpm	4a14ad93b7e8ee9d138bb6e4851e17c80e127cf366bf13a54e95840c599f9ec3
x86_64	opentelemetry-collector-0.127.0-1.el10_0.x86_64.rpm	79290906765d83052bb7319bd353b52ee02fd6aabc56439027bcf0e2e4e62304
x86_64_v2	opentelemetry-collector-0.127.0-1.el10_0.x86_64_v2.rpm	ab738abc862ebd6dd1bc304cb7f17a1eec8501ad1d2636d6c14a25fc834966c1

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.