[ALSA-2025:23664] Important: opentelemetry-collector security update
Type:
security
Severity:
important
Release date:
2025-12-23
Description:
Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fix(es): * github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation (CVE-2025-68156) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 opentelemetry-collector-0.135.0-2.el10_1.aarch64.rpm 626f5ea71e71f0522d4cc8ac02cb118d796f65c726a3433c1703fbb8ed67178b
ppc64le opentelemetry-collector-0.135.0-2.el10_1.ppc64le.rpm dfbe9556d985661956ff9d983a415518bf74a9a37de7d3868501844adabc06a0
s390x opentelemetry-collector-0.135.0-2.el10_1.s390x.rpm aa68a71a29d04eba1ab2e8b2107061a1e682c478ed2adc6e288935c61e8f4623
x86_64 opentelemetry-collector-0.135.0-2.el10_1.x86_64.rpm 13f91ed14d72bcc5f981fcb8a5f7e0e9d9871ec50f2b75f1396c3d164941ca1c
x86_64_v2 opentelemetry-collector-0.135.0-2.el10_1.x86_64_v2.rpm 268e91ab895a238801c363cf18b181148be07aa0c763c1921827d87b62a85ac9
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.