ALSA-2025:16432

[ALSA-2025:16432] Moderate: opentelemetry-collector security update

Type:

security

Severity:

moderate

Release date:

2025-09-29

Description:

Collector with the supported components for a AlmaLinux build of OpenTelemetry  

Security Fix(es):  

  * net/[http:](http:) Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	opentelemetry-collector-0.127.0-3.el10_0.aarch64.rpm	405722e5fa1624cd28c7ad7f7574ce08159ea2fd8130feeb77f488804905f875
ppc64le	opentelemetry-collector-0.127.0-3.el10_0.ppc64le.rpm	ef42b6e38494108c57a5d190433b3316c17541e23684acc3f5b43bdb4a6848e0
s390x	opentelemetry-collector-0.127.0-3.el10_0.s390x.rpm	a464cd1d7a7c96313f12f09fb5210d22d16cfebbd7c4a7ef6af2fbece6ce9c21
x86_64	opentelemetry-collector-0.127.0-3.el10_0.x86_64.rpm	f67e0af434c8e47e1fce3f626fd3f5d205b7e74787bb20c6a5a6464a6e5e36d3
x86_64_v2	opentelemetry-collector-0.127.0-3.el10_0.x86_64_v2.rpm	c20e669a6cbad58ccb45d55edcf96d99bdb373ab2b7527a3e4da974965f67920

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.