ALSA-2025:7462

[ALSA-2025:7462] Important: podman security update

Type:

security

Severity:

important

Release date:

2025-07-02

Description:

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.  

Security Fix(es):  

  * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144)
  * golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	podman-tests-5.4.0-9.el10_0.aarch64.rpm	44240f546094e58d646ae5383ed9ca60be8a47ea5aea1e143b05c4d7b7558180
aarch64	podman-5.4.0-9.el10_0.aarch64.rpm	a678776ea2f2f6f74e900a18a5d6a3bf045cd7d2500a938fd0928f397584feec
aarch64	podman-remote-5.4.0-9.el10_0.aarch64.rpm	af94623948c4c8c8a6a5213029f387219246a46ded0cf738ff6e9638a1bee099
noarch	podman-docker-5.4.0-9.el10_0.noarch.rpm	2c86c66118f87151dd8bc3230169a89452b5476612daae68bd0cf9a84a8cd20e
ppc64le	podman-tests-5.4.0-9.el10_0.ppc64le.rpm	5ecc266a6fe881c71541266686bd0f2e2cad30d9094a882cca684ff503990cc8
ppc64le	podman-remote-5.4.0-9.el10_0.ppc64le.rpm	60c59cb6801b1585a27648ee3e7573ba094402b7bba959959249f3155b1c7f35
ppc64le	podman-5.4.0-9.el10_0.ppc64le.rpm	e6c0124505b4f91ec7aea1bc6355e1e9e106371128f5fce6045575b0a62e7c03
s390x	podman-5.4.0-9.el10_0.s390x.rpm	09cd72976daba901a7f68a15a690e590122718140a19d756155dc91f01f13058
s390x	podman-remote-5.4.0-9.el10_0.s390x.rpm	5fdc38133737c8d253d651f28f74a996ef4a7f74ec0f47527a1cbc9f637934fa
s390x	podman-tests-5.4.0-9.el10_0.s390x.rpm	7ba0e077de3c64428418174b5bb6d96796e54841455ed86e48d8971e500af862
x86_64	podman-5.4.0-9.el10_0.x86_64.rpm	46ee25981d6300f368dd0d4d3ba1e6904fe8dda541b0f85402927931ad0539e1
x86_64	podman-remote-5.4.0-9.el10_0.x86_64.rpm	aaeebde629087af712f49e67cd085ac3f182f5a25f408d2d57c326464303dd19
x86_64	podman-tests-5.4.0-9.el10_0.x86_64.rpm	fc42705494c31a08bbf7b0ceddf51d4d626176479a479dd6433cf58f2ca0b1b0
x86_64_v2	podman-remote-5.4.0-9.el10_0.x86_64_v2.rpm	4e0482f891880f8581dc1898d28f8a96e650200f773238f8ade85b30de00fef5
x86_64_v2	podman-tests-5.4.0-9.el10_0.x86_64_v2.rpm	92f49fe6b420be3c0db6c2d91116f54c0dc76f1a0913ab37f6cdcc222d6d8e54
x86_64_v2	podman-5.4.0-9.el10_0.x86_64_v2.rpm	c4d68291fe6648ab0e5ae5b159af4b91a4eee03959c28e88c1f9c35d927b9789

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.