[ALSA-2025:23729] Important: opentelemetry-collector security update
Type:
security
Severity:
important
Release date:
2025-12-23
Description:
Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fix(es): * github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation (CVE-2025-68156) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 opentelemetry-collector-0.135.0-2.el9_7.aarch64.rpm c3a11676aa8b75d403a6878da63624b7b60228d94ea661697467d660a9a81935
ppc64le opentelemetry-collector-0.135.0-2.el9_7.ppc64le.rpm 1418a26ba576597cc269c5abee10aba8894b92b780c870a47ba9f1b255849b36
s390x opentelemetry-collector-0.135.0-2.el9_7.s390x.rpm 26e589f29ce990263b1d71c8cfc0f1f4018d6bc1ee5ff4bb4ca8d8b8ed509737
x86_64 opentelemetry-collector-0.135.0-2.el9_7.x86_64.rpm e1157434f0dfb5b300c0caa44e084b75f1a21f38d96fcf0e376afc6c6ea62916
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.