[ALSA-2026:13642] Important: image-builder security update
Type:
security
Severity:
important
Release date:
2026-05-06
Description:
A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood. Security Fix(es): * net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 image-builder-31-5.el10_1.aarch64.rpm e4b4dc6717f9c2227f01259e8fa70840364ccd08cc8db7a05035d28286354da5
ppc64le image-builder-31-5.el10_1.ppc64le.rpm 89e560bb000c1a48a59737acd1d2d5af9620e8ed3618d346b3f4b4f970ca67e7
s390x image-builder-31-5.el10_1.s390x.rpm bafa841bf4f3e1c7a19a6db15d43e569e658e276f85f5fe5fec3eb7a4343990b
x86_64 image-builder-31-5.el10_1.x86_64.rpm 57f59b69b1cfeb2a9671dbfa588e998d5808b160c3b9ecbd5d777d12328aa60c
x86_64_v2 image-builder-31-5.el10_1.x86_64_v2.rpm 9155128753313b874160400653c20fe07dff1aeb12a7474dcaf01f84d92e5127
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.