ALSA-2025:9147

[ALSA-2025:9147] Moderate: buildah security update

Type:

security

Severity:

moderate

Release date:

2025-06-17

Description:

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.   

Security Fix(es):  

  * net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	buildah-tests-1.39.4-2.el9_6.aarch64.rpm	85e052afb9bb0842922a6a01f1ae7ce5acfe08fad5b974c8653638b10b89d502
aarch64	buildah-1.39.4-2.el9_6.aarch64.rpm	bb48872c38584668a96bf4bb6b2c49a211c68a848dced6057d2d92c802265a9f
ppc64le	buildah-tests-1.39.4-2.el9_6.ppc64le.rpm	1090ca3639047924f39655475e346e2ed4f8d472b3f72b0bd5819478aa221ae4
ppc64le	buildah-1.39.4-2.el9_6.ppc64le.rpm	69dc572be1c87d84759f81bb0c13194ae7a593f8d94693bccec99ee982a71962
s390x	buildah-1.39.4-2.el9_6.s390x.rpm	3c2c4b32317e1810111c4165fc34ab4c5b75cdf6bcd4082c552434d576319840
s390x	buildah-tests-1.39.4-2.el9_6.s390x.rpm	953a33da2053000c3c68b1059c6905ae5265980e98e22de767567e6669ec4d23
x86_64	buildah-tests-1.39.4-2.el9_6.x86_64.rpm	aaac6e10bd04c9e14f54c083c807d7fd2009ad2f21adf6553d685368089f4bbe
x86_64	buildah-1.39.4-2.el9_6.x86_64.rpm	eaa7f7f944c13241cb0738463be1efb76664a9ab2dea175a1482a4ddcbcc4923

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.