ALSA-2024:2239

[ALSA-2024:2239] Moderate: skopeo security update

Type:

security

Severity:

moderate

Release date:

2024-05-07

Description:

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. 

Security Fix(es):

* golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	skopeo-1.14.3-0.1.el9.aarch64.rpm	9f783b411ae8ad788de2ac901179c58e3d025325997e7734537add18edbfc0ab
aarch64	skopeo-tests-1.14.3-0.1.el9.aarch64.rpm	e786effab0a54e7b1635f0fa9ae03b2d4de6584632e45ee43d46e94fa919520a
ppc64le	skopeo-tests-1.14.3-0.1.el9.ppc64le.rpm	9a90a2b5d812ecc0268f1eb5982feab0d333e3d0c2ab94fee031061c8a3f2d59
ppc64le	skopeo-1.14.3-0.1.el9.ppc64le.rpm	e7b6a185a4469fab34b3e79cb7d0ecd9acca615de732d09c4506b3d23ec5c391
s390x	skopeo-1.14.3-0.1.el9.s390x.rpm	8d6ff5f61f5d6be4e458c14e5295814bd9b20be572a7714682f3eaecd97eaa15
s390x	skopeo-tests-1.14.3-0.1.el9.s390x.rpm	f86bb1ed60a0ef5ce873f0ce0fb7d9f60056cf9827935ae42214f04f4407cdbd
x86_64	skopeo-tests-1.14.3-0.1.el9.x86_64.rpm	668ef0c72ee799303a7d3844fe3fbc47f12c9b899b38387ff83de940b9938a6f
x86_64	skopeo-1.14.3-0.1.el9.x86_64.rpm	f0e14f9ebd571615ed48cefe1a5a8826132c0c5b87d8fe91b7bf21f3c7403c1a

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.