[ALSA-2026:1907] Important: opentelemetry-collector security update
Type:
security
Severity:
important
Release date:
2026-02-10
Description:
Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fix(es): * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 opentelemetry-collector-0.135.0-3.el10_1.aarch64.rpm 749d96c4cecd8567c760f412a6766d435f7401ae186b50b03c44fb3d6403a8f0
ppc64le opentelemetry-collector-0.135.0-3.el10_1.ppc64le.rpm 4845dde284c90407ab6c617e869eb5412a6b2f35191ba62ca6e5f652d60982c6
s390x opentelemetry-collector-0.135.0-3.el10_1.s390x.rpm a144fafdcd5e6a4b363b69c2713a85d88c0612e2c8cd1f851f01e21c2b95fcb2
x86_64 opentelemetry-collector-0.135.0-3.el10_1.x86_64.rpm cd5dcee1cffe2afc329ddfde0305f221078ffecd8c35227ab17ae7b96d29f2a6
x86_64_v2 opentelemetry-collector-0.135.0-3.el10_1.x86_64_v2.rpm e011160e9b1b6765204a5645797d94645e1270c39e708838a63937ed3245db86
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.