Description:
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.
Security Fix(es):
* containers/image: digest type does not guarantee valid type (CVE-2024-3727)
* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)
* go-retryable[http:](http:) url might write sensitive information to log file (CVE-2024-6104)
* net/[http:](http:) Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
skopeo-1.16.1-1.el9.aarch64.rpm |
249f2268c16bd22c9fa479c55705482ba989b5342f51567bb1a1e837ed8bff1f |
| aarch64 |
skopeo-tests-1.16.1-1.el9.aarch64.rpm |
c9c0251ca98d859c56daef09ae56e9295525ce9a9a868d09c43f0c9cf5df1d36 |
| ppc64le |
skopeo-1.16.1-1.el9.ppc64le.rpm |
3de37b0d7a7eb4d712899c4fd78d2a598b3f5215b7c9fb1e7ac43639e4da6b7a |
| ppc64le |
skopeo-tests-1.16.1-1.el9.ppc64le.rpm |
d9c4ff4dcb39a6e16db246d59c7b8574daf0e6f63da4dee10118e0f2e9d80738 |
| s390x |
skopeo-tests-1.16.1-1.el9.s390x.rpm |
07fe07efbf54bf185b6424df987512d182655e8a3602e139873d273dbc89dc81 |
| s390x |
skopeo-1.16.1-1.el9.s390x.rpm |
403e6ae5839c7f5afab0fbe5cbe9fb66a3afb8246d4e3b649393fa2ce20dbfdf |
| x86_64 |
skopeo-1.16.1-1.el9.x86_64.rpm |
5b5fe42353356082c9485f2b2c49d5ad2decd26c04573154fe94c811ece07208 |
| x86_64 |
skopeo-tests-1.16.1-1.el9.x86_64.rpm |
6e0c9c00f4865cc5dc708147a9d1f154fd0a05fca4a54f6e6754eec4601fb0e7 |
