[ALSA-2025:7459] Moderate: buildah security update
Type:
security
Severity:
moderate
Release date:
2025-07-02
Description:
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Security Fix(es): * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 buildah-tests-1.39.4-1.el10_0.aarch64.rpm 3fcb0860ef41985412deab3f6da3c0c79dc366aa771e82000ac72c7480f719e9
aarch64 buildah-1.39.4-1.el10_0.aarch64.rpm 976a85b85e49b6d07fdfccd271e8192033b963904fc76c8b31b64f30c9eb3807
ppc64le buildah-tests-1.39.4-1.el10_0.ppc64le.rpm 197021a1fd0ba35f62d6fab65725555c0e80ab1305389121a9b1880f1439420c
ppc64le buildah-1.39.4-1.el10_0.ppc64le.rpm bb267509c7bf52c655423ba17cc4cbda70513455225e76b617d2d2a9c6b5e82a
s390x buildah-1.39.4-1.el10_0.s390x.rpm a73d5d395f4c6a19ecdd68aac9251c7ca7fa022401bb10a17af9b4f280c7fd38
s390x buildah-tests-1.39.4-1.el10_0.s390x.rpm dbb346c323da45a8238ac0bd19a957de573b4f9df719f5b3efe542098b3f2749
x86_64 buildah-1.39.4-1.el10_0.x86_64.rpm 41fd85d4a432329622dd488e6f279cdbc5775198dc81d9659b78cd22bc761072
x86_64 buildah-tests-1.39.4-1.el10_0.x86_64.rpm 6b72ecc8b53acad306d0c40cf30f62d3574f100bb74095ac1ceee221bec34382
x86_64_v2 buildah-1.39.4-1.el10_0.x86_64_v2.rpm 23b44ce2de984010f0f8c268dc986270ae3a79e1b5159616bd5518e8899824d5
x86_64_v2 buildah-tests-1.39.4-1.el10_0.x86_64_v2.rpm 4892da1ad527ac65c5fecfa97993ed6891f7a0342e9731e85321b8a040da799a
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.