ALSA-2026:3336

[ALSA-2026:3336] Important: podman security update

Type:

security

Severity:

important

Release date:

2026-02-26

Description:

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.  

Security Fix(es):  

  * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
  * golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)
  * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
  * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	podman-tests-5.6.0-12.el10_1.alma.1.aarch64.rpm	37dba6482c3d74948b76acd7f8d94e20ae27d5db11fe360b4799d27b369d4083
aarch64	podman-remote-5.6.0-12.el10_1.alma.1.aarch64.rpm	97052bb5191b7a151b7e8b01413c14fc76ca2d9cd1a21705b9d75529d3d7c6bd
aarch64	podman-5.6.0-12.el10_1.alma.1.aarch64.rpm	eb81c842939953015a3d5b1e6fe13691a4260904610f151574cc2c6e46c6b68c
noarch	podman-docker-5.6.0-12.el10_1.alma.1.noarch.rpm	80f70b57e8c0d83fc499d457c70ac52864961794ccf398aa96dac4e858438a80
ppc64le	podman-5.6.0-12.el10_1.alma.1.ppc64le.rpm	01ff07c0c314eb4bd34a31869deb4ad4dcecf444f2737dcbc04e9f715c8737f6
ppc64le	podman-remote-5.6.0-12.el10_1.alma.1.ppc64le.rpm	346257357c4efaf86555043ee819b7c135f4d9a1a8d8c2f06c3223c6a0f13f3c
ppc64le	podman-tests-5.6.0-12.el10_1.alma.1.ppc64le.rpm	b2b0a1aebc7470337507ecacfe414620f9f12b9e8828a88347841f2d13fda6eb
s390x	podman-remote-5.6.0-12.el10_1.alma.1.s390x.rpm	2189e72c8707bda5f7cbcd8f1b8e3a2691ee538fee38641e98c3361d4324190e
s390x	podman-5.6.0-12.el10_1.alma.1.s390x.rpm	4a47799c3da46b7d3b0426048af9eb386561a185b93838a20abf0e57c62f7e53
s390x	podman-tests-5.6.0-12.el10_1.alma.1.s390x.rpm	71768b575e6059371e0410b29c91b27429554aa13278960bd7838d38d01fd653
x86_64	podman-remote-5.6.0-12.el10_1.alma.1.x86_64.rpm	10ead1d731e21ac9bce158988cee93e4adda160535a181893993e5564f9354bc
x86_64	podman-5.6.0-12.el10_1.alma.1.x86_64.rpm	244da9cd3370767c969cfc379f33f3fa47eb0f801d89043a9e3599731ff3f355
x86_64	podman-tests-5.6.0-12.el10_1.alma.1.x86_64.rpm	f2ce88253f0e488b6545e49db05781d45e700020a2bb0514c084947bd19eef5e
x86_64_v2	podman-5.6.0-12.el10_1.alma.1.x86_64_v2.rpm	457cd64589fae05744c760c6106a2deee16545573047de9d4e740a88574ef297
x86_64_v2	podman-remote-5.6.0-12.el10_1.alma.1.x86_64_v2.rpm	acdb7f6751c3bd0b070494316f6b3e0d6e61eb157ccab875a2bfc711f933d865
x86_64_v2	podman-tests-5.6.0-12.el10_1.alma.1.x86_64_v2.rpm	d742866fac7753a6f86ccd704610d49571ea7dd15e09b28beaabdd812cc8bec3

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.