[ALSA-2025:9845] Moderate: weldr-client security update
Type:
security
Severity:
moderate
Release date:
2025-06-30
Description:
Command line utility to control osbuild-composer Security Fix(es): * net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 weldr-client-35.12-3.el8_10.aarch64.rpm 72cf4ca1582c7d14b724c0c7f65ae6cdb50ebdb7575cd2c5f41aad4d980f3cef
ppc64le weldr-client-35.12-3.el8_10.ppc64le.rpm 9618b257dfb054d8d2600fe45089cd3451704c1f15906e8542b75cd3c5821642
s390x weldr-client-35.12-3.el8_10.s390x.rpm c0b66ddcb0c5ce7c7966e8fff22ae6bf7b9f72bf1255537e014c52b5070b5f69
x86_64 weldr-client-35.12-3.el8_10.x86_64.rpm 534ca9376fa280ae4b4db5bf184b90aee5dac79ba41ac199a32ecbe4b444016a
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.