[ALSA-2026:13671] Important: image-builder security update
Type:
security
Severity:
important
Release date:
2026-05-05
Description:
A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood. Security Fix(es): * net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 image-builder-31-4.el9_7.aarch64.rpm db5ec64132e4d14f3b43b71c410b38915b60571b818f05250f4de87033eed8d3
ppc64le image-builder-31-4.el9_7.ppc64le.rpm cc6c3a760ae6874d09c009caafdb5865c772a7337e79e45416b8f0711be0eeee
s390x image-builder-31-4.el9_7.s390x.rpm cd1b547e7ad7a069339fdd39d87a6e70f31a2afcd02bab79f7b5772f524605a9
x86_64 image-builder-31-4.el9_7.x86_64.rpm bcbe5267ca64ab4853d519382408b373df40e93383b6b7c222f73092b86891a8
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.