ALSA-2026:1908

[ALSA-2026:1908] Important: opentelemetry-collector security update

Type:

security

Severity:

important

Release date:

2026-02-10

Description:

Collector with the supported components for a AlmaLinux build of OpenTelemetry  

Security Fix(es):  

  * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	opentelemetry-collector-0.135.0-3.el9_7.aarch64.rpm	43635b43de6f7edb6f87f66856ffb1c6e08efe966a0520078d75e1a8f2c10b74
ppc64le	opentelemetry-collector-0.135.0-3.el9_7.ppc64le.rpm	f9f677317593ec04e7516f9743e083766aace435cbf94adc3e5f6251a1e31a28
s390x	opentelemetry-collector-0.135.0-3.el9_7.s390x.rpm	39670cc1dc265ba62f6b0a63f24ac38ab0cba0e2913dbea4f7bdb8cbfccb0db3
x86_64	opentelemetry-collector-0.135.0-3.el9_7.x86_64.rpm	d8ad952652d381daa086010da563abc56af8db960ca88475ee89bd68b106d41a

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.